urlscan.io logo urlscan.io
SecurityTrails logo

www.newsnationnow.com Open in urlscan Pro
192.0.66.120  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Submission: On April 30 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 8 countries across 114 domains to perform 489 HTTP transactions. The main IP is 192.0.66.120, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.newsnationnow.com. The Cisco Umbrella rank of the primary domain is 110645.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time www.newsnationnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
66 192.0.66.120 2635 (AUTOMATTIC)
7 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.214.26 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
10 54.192.51.7 16509 (AMAZON-02)
1 13.35.93.44 16509 (AMAZON-02)
5 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:9000:24f... 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
8 54.208.43.162 14618 (AMAZON-AES)
3 108.138.107.138 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 52.54.239.67 14618 (AMAZON-AES)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.164.116.116 16509 (AMAZON-02)
1 151.101.130.133 54113 (FASTLY)
1 54.192.51.113 16509 (AMAZON-02)
1 2600:1901:0:2... 15169 (GOOGLE)
18 151.139.128.10 20446 (STACKPATH...)
1 2600:9000:220... 16509 (AMAZON-02)
1 5 35.169.149.236 14618 (AMAZON-AES)
1 2600:9000:24e... 16509 (AMAZON-02)
6 23.197.32.118 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2600:9000:220... 16509 (AMAZON-02)
3 2600:9000:236... 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
2 52.85.61.52 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.65.198 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 3 18.164.116.98 16509 (AMAZON-02)
1 23.60.5.44 16625 (AKAMAI-AS)
2 34.199.245.73 14618 (AMAZON-AES)
2 130.211.23.194 15169 (GOOGLE)
3 34.200.40.122 14618 (AMAZON-AES)
1 52.85.109.55 16509 (AMAZON-02)
1 3.239.232.254 14618 (AMAZON-AES)
1 23.54.69.151 16625 (AKAMAI-AS)
8 52.4.33.45 14618 (AMAZON-AES)
1 104.18.25.185 13335 (CLOUDFLAR...)
4 2602:803:c002... 26667 (RUBICONPR...)
5 7 68.67.160.132 29990 (ASN-APPNEX)
1 5 35.172.39.42 14618 (AMAZON-AES)
2 35.174.20.74 14618 (AMAZON-AES)
1 52.206.62.126 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
1 4 23.216.151.62 16625 (AKAMAI-AS)
5 2606:4700:303... 13335 (CLOUDFLAR...)
33 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.223.151 16509 (AMAZON-02)
3 23.54.68.197 16625 (AKAMAI-AS)
1 2 107.20.18.23 14618 (AMAZON-AES)
17 41 142.251.32.98 15169 (GOOGLE)
1 54.88.77.103 14618 (AMAZON-AES)
2 20 52.46.128.147 16509 (AMAZON-02)
10 18.210.106.198 14618 (AMAZON-AES)
5 52.35.110.192 16509 (AMAZON-02)
1 1 23.52.158.180 16625 (AKAMAI-AS)
2 2 34.133.71.175 396982 (GOOGLE-CL...)
1 1 52.202.108.25 14618 (AMAZON-AES)
2 3.132.156.14 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
6 6 35.211.178.172 15169 (GOOGLE)
3 3 35.207.24.140 15169 (GOOGLE)
6 2600:9000:220... 16509 (AMAZON-02)
4 15 192.40.39.223 27381 (CASALE-MEDIA)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 54.192.51.41 16509 (AMAZON-02)
4 9 52.6.78.119 14618 (AMAZON-AES)
2 34.224.47.217 14618 (AMAZON-AES)
1 5 104.127.172.242 16625 (AKAMAI-AS)
2 2 34.200.65.202 14618 (AMAZON-AES)
3 5 52.223.22.214 16509 (AMAZON-02)
3 3 68.67.179.153 29990 (ASN-APPNEX)
1 20 52.207.45.55 14618 (AMAZON-AES)
1 1 51.255.68.171 16276 (OVH)
3 4 70.42.32.255 22075 (AS-OUTBRAIN)
3 3 34.230.197.176 14618 (AMAZON-AES)
1 1 54.86.165.56 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 54.152.156.135 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 70.42.32.95 13789 (INTERNAP-...)
1 1 23.205.77.247 16625 (AKAMAI-AS)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.181 47043 (SMARTADSE...)
2 4 207.198.113.230 13768 (COGECO-PEER1)
2 108.159.227.82 16509 (AMAZON-02)
2 2 216.200.232.249 30419 (MEDIAMATH...)
1 174.137.133.32 27257 (WEBAIR-IN...)
2 3 151.101.194.49 54113 (FASTLY)
12 12 3.33.220.150 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 8.43.72.97 26667 (RUBICONPR...)
6 6 199.127.204.171 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
3 3 162.248.18.32 62713 (AS-PUBMATIC)
1 7 8.28.7.83 62713 (AS-PUBMATIC)
1 2 162.248.18.34 62713 (AS-PUBMATIC)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
3 3 185.167.164.39 198622 (ADFORM)
1 1 35.214.153.92 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
1 2 54.186.170.143 16509 (AMAZON-02)
4 7 34.111.113.62 396982 (GOOGLE-CL...)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2 52.73.235.138 14618 (AMAZON-AES)
1 2 104.36.115.113 62713 (AS-PUBMATIC)
8 8 34.231.47.224 14618 (AMAZON-AES)
7 11 69.173.151.100 26667 (RUBICONPR...)
1 52.94.220.185 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 199.38.167.130 54312 (ROCKETFUEL)
1 1 199.187.193.177 47043 (SMARTADSE...)
1 2 18.211.206.98 14618 (AMAZON-AES)
2 2620:100:a001::4 19750 (AS-CRITEO)
4 2600:1400:900... 20940 (AKAMAI-ASN1)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
5 142.251.40.194 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 52.3.68.96 14618 (AMAZON-AES)
1 3.237.215.27 14618 (AMAZON-AES)
4 34.117.228.201 396982 (GOOGLE-CL...)
1 54.192.51.8 16509 (AMAZON-02)
1 1 34.231.23.92 14618 (AMAZON-AES)
2 2 35.190.0.66 15169 (GOOGLE)
1 1 185.98.54.153 39572 (ADVANCEDH...)
2 3 69.166.1.12 27630 (AS-XFERNET)
2 2 34.196.165.14 14618 (AMAZON-AES)
2 2 54.191.238.37 16509 (AMAZON-02)
1 1 2600:9000:220... 16509 (AMAZON-02)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 1 35.208.249.213 19527 (GOOGLE-2)
2 99.83.154.140 16509 (AMAZON-02)
1 8.28.7.84 62713 (AS-PUBMATIC)
1 74.119.119.139 19750 (AS-CRITEO)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
10 10 162.19.138.118 16276 (OVH)
2 2 50.57.31.206 19994 (RACKSPACE)
489 112
66    192.0.66.120 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
www.newsnationnow.com
www.nxsttv.com
7    2607:f8b0:4006:817::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.225.214.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-26.ewr50.r.cloudfront.net
nxst.megpxs.com
10    2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
10    54.192.51.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-7.yul62.r.cloudfront.net
blue.newsnationnow.com
1    13.35.93.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-44.jfk50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
5    2600:9000:215f:c600:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
2    2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2600:9000:24f1:3000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
8    2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
8    54.208.43.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-43-162.compute-1.amazonaws.com
bob.dmpxs.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.54.239.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-239-67.compute-1.amazonaws.com
nexstar.blueconic.net
2    2606:4700:4400::6812:20c1 (United States)

ASN13335 (CLOUDFLARENET, US)
cookies-data.onetrust.io
1    18.164.116.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-116.jfk50.r.cloudfront.net
launchpad.privacymanager.io
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
segment.psg.nexstardigital.net
1    54.192.51.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-113.yul62.r.cloudfront.net
ak.sail-horizon.com
1    2600:1901:0:2954:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
w3.mp.lura.live
18    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    2600:9000:2209:7200:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
5    35.169.149.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-149-236.compute-1.amazonaws.com
get.civicscience.com
www.civicscience.com
1    2600:9000:24eb:f600:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
6    23.197.32.118 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-32-118.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:2209:9800:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
3    2600:9000:2361:5200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
7    2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net
geo.privacymanager.io
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.65.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
ad.doubleclick.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    18.164.116.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-98.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    23.60.5.44 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-5-44.deploy.static.akamaitechnologies.com
a.teads.tv
2    34.199.245.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-245-73.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    34.200.40.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-40-122.compute-1.amazonaws.com
www.civicscience.com
1    52.85.109.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-109-55.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    3.239.232.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-254.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
1    23.54.69.151 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-151.deploy.static.akamaitechnologies.com
z.moatads.com
8    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
5    35.172.39.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-39-42.compute-1.amazonaws.com
ads.yieldmo.com
2    35.174.20.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-20-74.compute-1.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    52.206.62.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-62-126.compute-1.amazonaws.com
tlx.3lift.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
4    23.216.151.62 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-151-62.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
5    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
33    2607:f8b0:4006:80a::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net
cdn.segment.com
3    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    107.20.18.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-18-23.compute-1.amazonaws.com
cm2.lotlinx.com
cm.lotlinx.com
41    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    54.88.77.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-77-103.compute-1.amazonaws.com
ping.chartbeat.net
20    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
10    18.210.106.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-106-198.compute-1.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
5    52.35.110.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-110-192.us-west-2.compute.amazonaws.com
api.segment.io
1    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
cs.media.net
2    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
1    52.202.108.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-108-25.compute-1.amazonaws.com
jadserve.postrelease.com
2    3.132.156.14 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-156-14.us-east-2.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:2510:a200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
6    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
6    2600:9000:2209:4400:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.civicscience.com
15    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    54.192.51.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-41.yul62.r.cloudfront.net
usr.undertone.com
9    52.6.78.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-78-119.compute-1.amazonaws.com
match.sharethrough.com
2    34.224.47.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-47-217.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
5    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (Saint-Gildas-des-Bois, France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
4    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    34.230.197.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-197-176.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
1    54.86.165.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-165-56.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2600:1f18:4e9:5a07:4fe1:ac42:6a21:1cf9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    54.152.156.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-156-135.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.205.77.247 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-77-247.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
4    207.198.113.230 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    108.159.227.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-159-227-82.ord56.r.cloudfront.net
analytics-sm.com
2    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    2600:1f18:61c0:2204:f195:b922:3681:7158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:820::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
20    2607:f8b0:4006:821::2001 (New York, United States)

ASN15169 (GOOGLE, US)
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    54.186.170.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-170-143.us-west-2.compute.amazonaws.com
dpm.demdex.net
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
2    52.73.235.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-235-138.compute-1.amazonaws.com
sync.crwdcntrl.net
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    34.231.47.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-47-224.compute-1.amazonaws.com
match.prod.bidr.io
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    18.211.206.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-206-98.compute-1.amazonaws.com
thrtle.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    2600:1400:9000::687e:7699 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
5    2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2607:f8b0:4006:809::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    52.3.68.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-68-96.compute-1.amazonaws.com
protected-by.clarium.io
1    3.237.215.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-215-27.compute-1.amazonaws.com
global.imrworldwide.com
4    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
1    54.192.51.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-8.yul62.r.cloudfront.net
check.analytics.rlcdn.com
1    34.231.23.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-23-92.compute-1.amazonaws.com
fksnk.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    34.196.165.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-165-14.compute-1.amazonaws.com
cc.adingo.jp
2    54.191.238.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-238-37.us-west-2.compute.amazonaws.com
pm.w55c.net
1    2600:9000:2209:2e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
10    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
Apex Domain
Subdomains		 Transfer
75 newsnationnow.com
www.newsnationnow.com — Cisco Umbrella Rank: 110645
blue.newsnationnow.com — Cisco Umbrella Rank: 500203
2 MB
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 201
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
270 KB
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
375 KB
28 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8927
trends.revcontent.com — Cisco Umbrella Rank: 2610
img.revcontent.com — Cisco Umbrella Rank: 13291
cdn.revcontent.com — Cisco Umbrella Rank: 10383
images.revcontent.com — Cisco Umbrella Rank: 10002
yeet.revcontent.com — Cisco Umbrella Rank: 9504
175 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
76 KB
22 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2328
rtb.gumgum.com — Cisco Umbrella Rank: 2335
usersync.gumgum.com — Cisco Umbrella Rank: 2448
8 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
33 KB
18 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image8.pubmatic.com — Cisco Umbrella Rank: 1002
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image4.pubmatic.com — Cisco Umbrella Rank: 1704
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
95 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
12 KB
14 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
5 KB
14 civicscience.com
get.civicscience.com — Cisco Umbrella Rank: 25327
www.civicscience.com — Cisco Umbrella Rank: 9633
cdn.civicscience.com — Cisco Umbrella Rank: 14191
54 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
7 KB
10 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
15 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
10 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 615
185 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
6 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 672
tps.doubleverify.com — Cisco Umbrella Rank: 711
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 2102
210 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
4 KB
8 dmpxs.com
bob.dmpxs.com — Cisco Umbrella Rank: 16803
4 KB
8 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
d15kdpgjg3unno.cloudfront.net
d2zqfs55y95cft.cloudfront.net
dyv1bugovvq1g.cloudfront.net
165 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 974
us-u.openx.net — Cisco Umbrella Rank: 707
2 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 942
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 9425
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 9761
4 KB
7 gstatic.com
fonts.gstatic.com
156 KB
7 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2939
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2628
zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com
global.imrworldwide.com — Cisco Umbrella Rank: 9703
70 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
7 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
4 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
243 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
992 B
5 segment.io
api.segment.io — Cisco Umbrella Rank: 1344
886 B
5 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 17442
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
8 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1617
at.teads.tv — Cisco Umbrella Rank: 4942
sync.teads.tv — Cisco Umbrella Rank: 1703
5 KB
5 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2353
m.addthis.com — Cisco Umbrella Rank: 2342
218 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
304 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
3 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 5223
3 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
1 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
onesignal.com — Cisco Umbrella Rank: 1047
83 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 8334
launchpad.privacymanager.io — Cisco Umbrella Rank: 6914
geo.privacymanager.io — Cisco Umbrella Rank: 2374
12 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2316
load77.exelator.com — Cisco Umbrella Rank: 4801
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
898 B
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2389
ad.360yield.com — Cisco Umbrella Rank: 812
981 B
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1542
api.btloader.com — Cisco Umbrella Rank: 1745
9 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2090
mab.chartbeat.com — Cisco Umbrella Rank: 3436
25 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 4193
497 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
2 KB
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7938
838 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 7904
933 B
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 5350
api.rlcdn.com — Cisco Umbrella Rank: 1060
642 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2133
487 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
58 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2147
685 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
701 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
952 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
1 KB
2 analytics-sm.com
analytics-sm.com — Cisco Umbrella Rank: 15226
2 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
835 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
1 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
4 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
1 KB
2 lotlinx.com
cm2.lotlinx.com — Cisco Umbrella Rank: 43715
cm.lotlinx.com — Cisco Umbrella Rank: 23633
533 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
452 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1707
1 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3510
pixel.wp.com — Cisco Umbrella Rank: 2908
3 KB
2 onetrust.io
cookies-data.onetrust.io — Cisco Umbrella Rank: 12452
84 B
2 blueconic.net
nexstar.blueconic.net — Cisco Umbrella Rank: 45231
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
118 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 882
552 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1925
160 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 2349
453 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 16963
517 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
673 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11316
287 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 6708
612 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
786 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
514 B
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14238
531 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
289 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
349 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
830 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
191 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
682 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
222 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
880 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4146
564 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 6128
540 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1859
539 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 2272
665 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1521
201 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2757
708 B
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2324
56 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 681
1 KB
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5459
658 B
1 lura.live
w3.mp.lura.live — Cisco Umbrella Rank: 18614
168 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 4037
33 KB
1 nexstardigital.net
segment.psg.nexstardigital.net — Cisco Umbrella Rank: 24538
43 KB
1 nxsttv.com
www.nxsttv.com — Cisco Umbrella Rank: 63346
108 KB
1 megpxs.com
nxst.megpxs.com — Cisco Umbrella Rank: 32334
980 B
0 rtk.io Failed
sync.rtk.io Failed
489 114
Domain Requested by
65 www.newsnationnow.com www.newsnationnow.com
41 cm.g.doubleclick.net 17 redirects rtb.gumgum.com
u.openx.net
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
googleads.g.doubleclick.net
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
33 pagead2.googlesyndication.com segment.psg.nexstardigital.net
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.newsnationnow.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
20 s.amazon-adsystem.com 2 redirects d3plfjw9uod7ab.cloudfront.net
s.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
17 tpc.googlesyndication.com www.newsnationnow.com
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
tpc.googlesyndication.com
d3plfjw9uod7ab.cloudfront.net
12 images.revcontent.com www.newsnationnow.com
12 match.adsrvr.org 12 redirects
10 id5-sync.com 10 redirects
10 blue.newsnationnow.com www.newsnationnow.com
blue.newsnationnow.com
d3plfjw9uod7ab.cloudfront.net
10 cdn.cookielaw.org www.newsnationnow.com
cdn.cookielaw.org
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 match.prod.bidr.io 8 redirects
8 c2shb.pubgw.yahoo.com www.nxsttv.com
8 bob.dmpxs.com www.newsnationnow.com
d3plfjw9uod7ab.cloudfront.net
8 securepubads.g.doubleclick.net www.newsnationnow.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
7 pixel.tapad.com 4 redirects www.newsnationnow.com
rtb.gumgum.com
7 ib.adnxs.com 5 redirects www.nxsttv.com
googleads.g.doubleclick.net
7 www.civicscience.com get.civicscience.com
www.newsnationnow.com
d3plfjw9uod7ab.cloudfront.net
7 fonts.gstatic.com fonts.googleapis.com
7 fonts.googleapis.com www.newsnationnow.com
client
cdn.civicscience.com
6 cdn.civicscience.com get.civicscience.com
d3plfjw9uod7ab.cloudfront.net
cdn.civicscience.com
6 x.bidswitch.net 6 redirects
6 trends.revcontent.com assets.revcontent.com
www.newsnationnow.com
5 googleads4.g.doubleclick.net www.newsnationnow.com
googleads.g.doubleclick.net
5 www.googletagservices.com www.newsnationnow.com
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
rtb.gumgum.com
5 us-u.openx.net 2 redirects u.openx.net
googleads.g.doubleclick.net
5 eb2.3lift.com 3 redirects rtb.gumgum.com
5 api.segment.io cdn.segment.com
5 analyticssystems.net www.newsnationnow.com
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
5 ads.yieldmo.com 1 redirects www.nxsttv.com
sync-amz.ads.yieldmo.com
5 d3plfjw9uod7ab.cloudfront.net www.newsnationnow.com
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
www.newsnationnow.com
4 www.google.com www.newsnationnow.com
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
d3plfjw9uod7ab.cloudfront.net
4 s0.2mdn.net www.newsnationnow.com
4 cdn.doubleverify.com www.newsnationnow.com
4 yeet.revcontent.com assets.revcontent.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 pixel.sitescout.com 2 redirects www.newsnationnow.com
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
rtb.gumgum.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
4 fastlane.rubiconproject.com www.nxsttv.com
4 s7.addthis.com www.newsnationnow.com
s7.addthis.com
d3plfjw9uod7ab.cloudfront.net
4 assets.revcontent.com www.newsnationnow.com
d3plfjw9uod7ab.cloudfront.net
3 sync.go.sonobi.com 2 redirects
3 sync.teads.tv 1 redirects www.newsnationnow.com
googleads.g.doubleclick.net
3 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
3 c1.adform.net 3 redirects
3 image8.pubmatic.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 gum.criteo.com 1 redirects d3plfjw9uod7ab.cloudfront.net
3 ads.pubmatic.com d3plfjw9uod7ab.cloudfront.net
rtb.gumgum.com
3 sb.scorecardresearch.com 1 redirects www.newsnationnow.com
3 cdn-gl.imrworldwide.com www.newsnationnow.com
cdn-gl.imrworldwide.com
d3plfjw9uod7ab.cloudfront.net
3 c.amazon-adsystem.com www.newsnationnow.com
c.amazon-adsystem.com
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 uipglob.semasio.net 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 pm.w55c.net 2 redirects
2 cc.adingo.jp 2 redirects
2 ads.travelaudience.com 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 protected-by.clarium.io 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
2 static.criteo.net www.nxsttv.com
static.criteo.net
2 simage2.pubmatic.com rtb.gumgum.com
2 thrtle.com 1 redirects rtb.gumgum.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects www.newsnationnow.com
2 loadm.exelator.com 2 redirects
2 dpm.demdex.net 1 redirects www.newsnationnow.com
2 dsum.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 image4.pubmatic.com 1 redirects rtb.gumgum.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 sync.mathtag.com 2 redirects
2 analytics-sm.com www.newsnationnow.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 secure-dcr.imrworldwide.com www.newsnationnow.com
2 um.simpli.fi 2 redirects
2 onesignal.com cdn.onesignal.com
d3plfjw9uod7ab.cloudfront.net
2 api.btloader.com btloader.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 ad-delivery.net www.newsnationnow.com
2 geo.privacymanager.io launchpad.privacymanager.io
2 cookies-data.onetrust.io cdn.cookielaw.org
2 nexstar.blueconic.net blue.newsnationnow.com
d3plfjw9uod7ab.cloudfront.net
2 www.googletagmanager.com www.newsnationnow.com
cdn.segment.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 cdn.onesignal.com www.newsnationnow.com
cdn.onesignal.com
2 static.chartbeat.com www.newsnationnow.com
2 cdn.confiant-integrations.net www.newsnationnow.com
cdn.confiant-integrations.net
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 api.rlcdn.com www.nxsttv.com
1 mug.criteo.com
1 simage4.pubmatic.com ads.pubmatic.com
1 trace.mediago.io 1 redirects
1 im.bluevoox.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 s.uuidksinc.net 1 redirects
1 fksnk.com 1 redirects
1 check.analytics.rlcdn.com www.nxsttv.com
1 global.imrworldwide.com www.newsnationnow.com
1 rtb-csync.smartadserver.com 1 redirects
1 p.rfihub.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 cdn.revcontent.com www.newsnationnow.com
1 load77.exelator.com www.newsnationnow.com
1 adservice.google.com d3plfjw9uod7ab.cloudfront.net
1 adservice.google.ca d3plfjw9uod7ab.cloudfront.net
1 img.revcontent.com www.newsnationnow.com
1 csync.loopme.me 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync.adkernel.com rtb.gumgum.com
1 ssbsync.smartadserver.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ice.360yield.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 usr.undertone.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com www.newsnationnow.com
1 jadserve.postrelease.com 1 redirects
1 cs.media.net 1 redirects
1 ping.chartbeat.net www.newsnationnow.com
1 cm.lotlinx.com www.newsnationnow.com
1 cm2.lotlinx.com 1 redirects
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 pixel.wp.com www.newsnationnow.com
1 cdn.segment.com segment.psg.nexstardigital.net
1 at.teads.tv a.teads.tv
1 bidder.criteo.com www.nxsttv.com
1 tlx.3lift.com www.nxsttv.com
1 g2.gumgum.com www.nxsttv.com
1 htlb.casalemedia.com www.nxsttv.com
1 z.moatads.com s7.addthis.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 a.teads.tv www.googletagmanager.com
1 mab.chartbeat.com static.chartbeat.com
1 ad.doubleclick.net www.newsnationnow.com
1 dyv1bugovvq1g.cloudfront.net www.nxsttv.com
1 stats.wp.com www.newsnationnow.com
1 d2zqfs55y95cft.cloudfront.net www.newsnationnow.com
1 get.civicscience.com 1 redirects
1 d15kdpgjg3unno.cloudfront.net www.newsnationnow.com
1 w3.mp.lura.live www.newsnationnow.com
1 ak.sail-horizon.com www.newsnationnow.com
1 segment.psg.nexstardigital.net www.newsnationnow.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 btloader.com www.newsnationnow.com
1 www.nxsttv.com www.newsnationnow.com
1 launchpad-wrapper.privacymanager.io www.newsnationnow.com
1 nxst.megpxs.com www.newsnationnow.com
0 sync.rtk.io Failed d3plfjw9uod7ab.cloudfront.net
489 180
Subject Issuer Validity Valid
newsnationnow.com
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
nxst.megpxs.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-11-05		 8 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
blue.kark.com
Amazon RSA 2048 M01		 2023-04-05 -
2024-05-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
nxsttv.com
R3		 2023-04-16 -
2023-07-15		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-05 -
2023-08-05		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.dmpxs.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-07		 10 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-06		 5 months crt.sh
onetrust.io
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
*.psg.nexstardigital.net
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.mp.lura.live
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-12-08		 a year crt.sh
assets.revcontent.com
R3		 2023-03-13 -
2023-06-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.civicscience.com
Amazon RSA 2048 M02		 2023-04-04 -
2024-05-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-12		 7 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-07-16		 5 months crt.sh
*.segment.io
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-10		 a year crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.analytics-sm.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-07-16		 5 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
img.revcontent.com
R3		 2023-03-13 -
2023-06-11		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
cdn.revcontent.com
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
images.revcontent.com
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-25		 6 months crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh

This page contains 54 frames:

Primary Page: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Frame ID: FDD045933B0A1C49118FB35F8C282F5C
Requests: 251 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 473C80D4478B29B78489572ED6C6E6FB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D29BEE9996A8FB72EB5238F2E3242BF7
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 43ADD9ECCB435D5C991AF2DEEE14B7AD
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Frame ID: 9D5E07D12272F5020BD782C81A489E11
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BE8DB28B805C91087EA12FBE1A370848
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: C3A77531498F564B09818ACE7EA02B08
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 752A0AE2211E080F325188A1C0988B5C
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 82F8FBFBD4D7786A61C9B58ABFD09FBE
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=6623047a2d71446d91fcca52f2f99e89
Frame ID: 550057608F381A4ABB32D3D9B93BE8F1
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: AFB2A3CD81B77A1ADAA700D631AF0EF6
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 88438AEC5A417DA7541F2E9931F4D871
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 013D50777E83E34F408E7897FFF8C70B
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XT3dtMVV0RTJ1S1JpUnZkRnRyN3AyTldzQWh1dWE2R35B
Frame ID: 8546C521A19509DF6ADAAFC4A57E5132
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2806201715888124060&ex=appnexus.com
Frame ID: F424D0C3F8289D619EE01BB54DB4AAA0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=292355670861132343203
Frame ID: 860B4EDCF6D2D737F9187C198D9EB74D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: CE3D4B25B3F839607134BD30E1D88B9B
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=&gdpr_consent=
Frame ID: 7E23948BC645F9E94BAF5D7BDD514717
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: E6D40C04ED80D081B4A17A66CDF459FC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZE3LbwAGdnRvhAAn&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
Frame ID: 72201DF0E9097A60DF0D237E254E6668
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81ZmJkZmM4YS03OWUwLTQzZTktOGQ2Yy1iNThkZWEzZjg0OGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 21AEF94A731CF216DBB4DF387989EDF7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9AEDBFA47AD8803AE3BCF43AA8CAADD1
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0d3b310b-bf7a-405b-b93b-9457c9f6b19e
Frame ID: 6AB42E690BB5AD83771A9DE56355FC08
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZE3LcMCo8X4AAHdCi2gAAAAA
Frame ID: C71C526BEA8539096697CA571BA37B58
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=98255888-350f-4733-b66b-28f3b9e014a6
Frame ID: 188FB4F3BC5142C6D722E44A0A391FFB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 6E18A96D299007749CA082AF19C63FB8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=yKnKxKjizgaVMhMIUbQf&pi=gumgum&tc=1
Frame ID: E2B13C8A7AB2F4BFA66D00B0C813EBD7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 148E9DAD72E6CE4B20EAD08864039D9B
Requests: 3 HTTP requests in this frame

Frame: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E804A586DFD24F07C1958966AACE6F2
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 95BED33ABF5D843843CE9A46274AAF1D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.civicscience.com/jspoll/5/csw.5.4.1.css?pv=5.4.1
Frame ID: 715E19D77FCD71182C98A25D0CA97E41
Requests: 4 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: FDA94CD9559A72C1F02406506B057845
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978758886832913290
Frame ID: 6F93D7B58FC1377CCC35CD8802E54077
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 290A17E0C7C03F3BAA2F32162647C560
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqGE7Im5cAACHzaMyfgw&gdpr=0&gdpr_consent=
Frame ID: 84A16A77F457C85B6610E14E3DF61CAE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
Frame ID: 741CBD612CE7B0A11CBC3B0D7F1A4800
Requests: 1 HTTP requests in this frame

Frame: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB0A1385451C1204E8CE801124042F1E
Requests: 24 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=24193518&sid=6080257&plc=273620345&num=&adid=&advid=2276943&adsrv=1&btreg=551030907&btadsrv=doubleclick&crt=171932880&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Frame ID: 0F7C64B213BC0497FED09886324E596E
Requests: 7 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Frame ID: B3198E74F18E2E57E56753F9AA0632CD
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Frame ID: 8746CC010865564E8A5A4C95C790A41D
Requests: 11 HTTP requests in this frame

Frame: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2DCBEA0400FD90D73C24F35F086DEEE
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Frame ID: 58F83B54D3D0D9289BF28B3183CA2493
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Frame ID: 5BF1FDA734561C08A62E2583FDDC6A46
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3735.js
Frame ID: 8164A36F404D741A06C6E368B7FE12B1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3735.js
Frame ID: 06AFD9780B856EE643A8E1E3C4C4EE77
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 993FE8B5FC0CA618B95D9FB63F9143DF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 08B83F069A07803A0AF2199D57DC9599
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 126A701CEB6E3AD6A24634A0CB49033F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DC1EB170E5B47B8DCF0CF0D601E8B71
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7E782EB04792D3809BB66406C276DD47
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C61D9D76F7BDF8FF49B00A788ADB47B6
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsnationnow.com
Frame ID: 493BD065B9B29CE0BFE88D7CEBECBC43
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6961E971AF031F42C201CA4224718BB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 289A3D2498FF40990D0F50AE328CEE6F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft says it found malicious software from SolarWinds in its systems | NewsNationOpen NavigationClose NavigationVideo IconVideo IconVideo IconVideo IconGoFacebookTwitterWhatsAppSMSEmailAddThisVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconVideo IconFacebookTwitterInstagramYouTubeRSS FeedBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

489
Requests

81 %
HTTPS

28 %
IPv6

114
Domains

180
Subdomains

112
IPs

8
Countries

5496 kB
Transfer

15649 kB
Size

211
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1 HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js?ver=1.1
Request Chain 159
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&c9=
Request Chain 174
  • https://cm2.lotlinx.com/live/141000/sync?hms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=NGQ4ZTcwZGM5NzA2MDQwZDA4YzgxMjVk&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=NGQ4ZTcwZGM5NzA2MDQwZDA4YzgxMjVk&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync&google_tc= HTTP 302
  • https://cm.lotlinx.com/live/141000/endsync?google_ula=500446778,0
Request Chain 177
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Request Chain 195
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258215511455387000V10
Request Chain 196
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=97F0F40EA0184676AC35881C57F6BA1C&ex=simpli.fi&status=ok
Request Chain 197
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=bb30f702-d383-4c5b-9d50-28ae5b6074f9
Request Chain 201
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1682819951&us_privacy=&rev_dt=1682819951529 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1682819951&us_privacy=&rev_dt=1682819951529 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3fda7304-241e-494b-ba29-937617e680e8&ssp=revcontent HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=31d2f336-b910-431f-84a5-4d822ced4596&callback=dspCMCallback
Request Chain 202
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY%3D&rev_dt=1682819951&us_privacy=&rev_dt=1682819951530 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY%3D&rev_dt=1682819951&us_privacy=&rev_dt=1682819951530 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY=&bidder=154&bidder_uid=3fda7304-241e-494b-ba29-937617e680e8&callback=dspCMCallback
Request Chain 206
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 207
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 208
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=6623047a2d71446d91fcca52f2f99e89
Request Chain 212
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XT3dtMVV0RTJ1S1JpUnZkRnRyN3AyTldzQWh1dWE2R35B
Request Chain 213
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2806201715888124060&ex=appnexus.com
Request Chain 214
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=292355670861132343203
Request Chain 222
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2806201715888124060
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=924b113e-57b3-49c2-ab80-8a6f6b4116c8&expires=1&user_group=5&ssp=gumgum2&bsw_param=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy=
Request Chain 224
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&obuid=ENC(_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3D_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eb05c266-35b1-4de6-bbf3-266efdf9c20a&obUid=_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 225
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=132afa39-a00a-0c5f-23e2-d5989d86cd89
Request Chain 226
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Request Chain 227
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ycGzdv9E2pfYyhjHZGzk52C3TE1VxoyOqIy7~A
Request Chain 228
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8eba1813-6438-44ac-a501-d1055090e5f7
Request Chain 229
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Request Chain 231
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=emhcbg7rl3Ki7JE6L2It&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVSW22DDMJTTO4TMGNFWSN2KIU3EYMSJOQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVSW22DDMJTTO4TMGNFWSN2KIU3EYMSJOQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=emhcbg7rl3Ki7JE6L2It
Request Chain 232
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=eb05c266-35b1-4de6-bbf3-266efdf9c20a
Request Chain 233
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=dTKB7HO9FSyL&ev=1&pid=558355
Request Chain 234
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7045590474520975260
Request Chain 236
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 238
  • https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1 HTTP 302
  • https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1?cookieQ=1
Request Chain 239
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=&gdpr_consent=
Request Chain 241
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE3LbwAGdnRvhAAn&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
Request Chain 244
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0d3b310b-bf7a-405b-b93b-9457c9f6b19e
Request Chain 245
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE3LcMCo8X4AAHdCi2gAAAAA
Request Chain 246
  • https://cs.admanmedia.com/sync/gumgum?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=98255888-350f-4733-b66b-28f3b9e014a6
Request Chain 250
  • https://match.adsrvr.org/track/cmf/openx?oxid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0&gdpr_consent=
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
Request Chain 254
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2806201715888124060
Request Chain 255
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Request Chain 256
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Request Chain 257
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Request Chain 261
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH2RJSAP-Y-HTBD
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEEiLMyuAGW5pwIvaugyjG2A&google_cver=1
Request Chain 263
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1682819952040 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3723819329 HTTP 302
  • https://sync.1rx.io/usersync/turn/4114394166873606790?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fefba385-d67b-4953-8954-bd76b135de3f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-fefba385-d67b-4953-8954-bd76b135de3f-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-fefba385-d67b-4953-8954-bd76b135de3f-005
Request Chain 264
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODJGOUM1NzUtM0U4RS00ODQyLThEQjctNEVCRkEzRkEwNDNF&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D82F9C575-3E8E-4842-8DB7-4EBFA3FA043E%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
Request Chain 268
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=yKnKxKjizgaVMhMIUbQf&pi=gumgum&tc=1
Request Chain 269
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 270
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&expiration=1685411951&gdpr=0&gdpr_consent=
Request Chain 271
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3LbwC4IvwXl.4YHEnopgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3LbwC4IvwXl-4YHEnopgAAAC0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENCBDnyP20oP1obhXaE0khk&google_cver=1
Request Chain 274
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b88892d1-de49-e0eb-55a56e6a
Request Chain 276
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7812624609369255604&expiration=1684029552
Request Chain 277
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c15d3720-4ec5-427e-8d75-3e9ca5ef2b96&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 292
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LH2RJSAP-Y-HTBD HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LH2RJSAP-Y-HTBD&ex=d-rubiconproject.com&status=ok
Request Chain 294
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
Request Chain 295
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341
Request Chain 296
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 298
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&ct=y
Request Chain 301
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fbob.dmpxs.com%2Fmagnetar_attract%3Fbob_tag_id%3Dbob_001%26apnx_uid%3D%24UID HTTP 302
  • https://bob.dmpxs.com/magnetar_attract?bob_tag_id=bob_001&apnx_uid=2806201715888124060
Request Chain 302
  • https://match.prod.bidr.io/cookie-sync/nextardigital HTTP 303
  • https://match.prod.bidr.io/cookie-sync/nextardigital?_bee_ppp=1 HTTP 303
  • https://bob.dmpxs.com/magnetar_attract?bx_uid=AADqGE7Im5cAACHzaMyfgw
Request Chain 305
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UmBcTnVzRyiep_dfzGfqrw&rk=usync-na
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaXr4Ek-14qFgwVSrN8WTM&google_cver=1
Request Chain 308
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyUkpTQVAtWS1IVEJE HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ68-D-o92wWnIKIySg-1EM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=
Request Chain 309
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmU1YWU3MzA0Nzc4NWYzOTY2ZWMwYTg1ODc1NGFhMDVkMGRlNWNiOA
Request Chain 310
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=&expires=30
Request Chain 311
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/B742MQfAyK5SbqQ9KoCOFw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0ZiZ1ctE2oL2mb8YzrOH..AiGJik1x5YHluVgw--~A
Request Chain 312
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2RJSAP-Y-HTBD
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LH2RJSAP-Y-HTBD HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LH2RJSAP-Y-HTBD&us_privacy=1---
Request Chain 329
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978758886832913290
Request Chain 331
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcUdFN0ltNWNBQUNIemFNeWZndw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADqGE7Im5cAACHzaMyfgw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADqGE7Im5cAACHzaMyfgw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADqGE7Im5cAACHzaMyfgw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADqGE7Im5cAACHzaMyfgw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7045590474520975260&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqGE7Im5cAACHzaMyfgw&gdpr=0&gdpr_consent=
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gvnFdT6OSEKNt06_o_oEPg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 334
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
Request Chain 336
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9e28f1eb-c040-4591-ae21-d619b7634fa4
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGC2rQuH7xWSQLdMUuHESw&google_cver=1
Request Chain 338
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97F0F40EA0184676AC35881C57F6BA1C
Request Chain 339
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4114394166873606790&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Request Chain 341
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tAOxJKZE2uXHv2bDnT1Cf6UnS0EbStE-~A&gdpr=0
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1
Request Chain 397
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3LbwC4IvwXl.4YHEnopgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUielAX-DN3R10e4rIPu0A&google_cver=1
Request Chain 399
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwNjIwMTcxNTg4ODEyNDA2MA%3D%3D
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
Request Chain 403
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3ODhkODMtNDE2OC02YWFkLTUxNzktOWZjYzlmMzQwMmFm
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEP5BMkeK3dm1j6Myu76G7C8&google_cver=1
Request Chain 405
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzYzM2ZjZTQtZjAyMC00Mzk0LWEwOTYtNmQ2YjI5NDU2MWY0
Request Chain 455
  • https://fksnk.com/cs/google?google_gid=CAESEBSYABZ-jhTQZNDE-z8_9Gw&google_cver=1&google_push=ATf1kGM0ekOlPUzYCG-EyXeZwVUjgdDfrhHLRxGHWQhwSuG_AqGmnVZIziqeEJj-RYkGxn3jQag03V3eN0nuKZhr7QzBZs-ojyUz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDg0MTg4MjdBMEFGRDcyMw==
Request Chain 456
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHl23Egvwtxqp1YuysAytPM&google_cver=1&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHUEVkfMPVAjcuK HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g4xviK_ISe6bW4nuvSP07Q2&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHUEVkfMPVAjcuK
Request Chain 457
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJlT6JDCN44M1tfRR8vcWes&c_param1=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag
Request Chain 458
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ68-D-o92wWnIKIySg-1EM&google_cver=1&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8d7WBUebYrzCid-acoitt0OPjY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8d7WBUebYrzCid-acoitt0OPjY
Request Chain 459
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVRfyC1IAlDszEMKkAbdyOQ%26google_hm%3D%5BUID%5D&google_gid=CAESEMe_f11C2-4vzIRkp1Xfb8g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVRfyC1IAlDszEMKkAbdyOQ&google_hm=2171f362-a4cc-4148-8d35-d41073c8fa9b
Request Chain 460
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHrNze5jlbdcpSz-2ZfL5_o&google_cver=1&google_push=ATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fefba385-d67b-4953-8954-bd76b135de3f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w%26google_hm%3DBf77o4XWe0lTiVS9drE13j8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w&google_hm=Bf77o4XWe0lTiVS9drE13j8
Request Chain 461
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOGAkKoK6CgaaCierZyXA4M&google_cver=1&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw&google_hm=5d3fda4793c339f35382892a6bfbf613
Request Chain 463
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74eIh7MGcw7Y4QLMh_gFqdzE8n3W05OPEHlrJZNsq_2oxdtBEDF3Dk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74eIh7MGcw7Y4QLMh_gFqdzE8n3W05OPEHlrJZNsq_2oxdtBEDF3Dk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTEwRzRJYXoxUFNXbGs1&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74eIh7MGcw7Y4QLMh_gFqdzE8n3W05OPEHlrJZNsq_2oxdtBEDF3Dk
Request Chain 464
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHl23Egvwtxqp1YuysAytPM&google_cver=1&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8yvGG3ZfBp7KaJ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dOJDvdWLQJWKusH1h8ZDXg2&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8yvGG3ZfBp7KaJ
Request Chain 465
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHQqL_lsOAmly8Ob5-yWEw0&google_cver=1&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cVgkSf_JdsYglGlFtREjzcpl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgxMjYyNDYwOTM2OTI1NTYwNA&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cVgkSf_JdsYglGlFtREjzcpl
Request Chain 466
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIoY_hf977BWSYKEXaqbky0&google_cver=1&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZAn-948Bz06fbdmkHjpnNlCABljbN3PxeqaZCbFDkZ83y2IvRi_Gqh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2947bdb4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZAn-948Bz06fbdmkHjpnNlCABljbN3PxeqaZCbFDkZ83y2IvRi_Gqh
Request Chain 467
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOGAkKoK6CgaaCierZyXA4M&google_cver=1&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M&google_hm=97748cccb384a5e39ab1a785cdc990da
Request Chain 468
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMmgJRf7UQonWhgihWxnwg8&google_cver=1&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Yc6dUTS0JXz1IphkOaBpGWAI4Yj4EoHiPMxkjBIzIGzR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Yc6dUTS0JXz1IphkOaBpGWAI4Yj4EoHiPMxkjBIzIGzR&google_hm=QlMuNGE2ZC04NTc0LTQ5YjItYTliMQ==
Request Chain 469
  • https://trace.mediago.io/cs/google?google_gid=CAESEKBXlarVZWxW_uljtSvFAm4&google_cver=1&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5igxboA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5igxboA&google_hm=9a244197be68358dfeab67af3138f206
Request Chain 480
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsnationnow.com&sn=ChromeSyncframe&so=0&topUrl=www.newsnationnow.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Rn4Ej3xJSGFpZzBpVE1UaE4zOUNBTlNTamREOVdubCtzd0JOOTRYWXFEeW1lMjFXVWxFOExUaVdwZDRIOWRPaGZnWHlOSkFCcHBRTzVENko3bWpldHYrMDNWSk9mMFNaenVpd0lYdDFGOFpKcnUzZVV4S0o3YnNYTHN5MC94cUpueGxDRXl2RzRtbWFDRHpDSXB5UHZ2Zy9DUGRUZlE0QUwyb3pGc2dtazlzYThtSTRiYVcxRXc4TVgxM1VyQWp5aXY3aTVZT0xDNlQ5cnZlQU5wcTMvenAxNkhkbjhpUFF4T2FTQU8wQ1VKM2k2OHIzTUxLa0xwKzFmVXRWSkhSYU9lTGM3aVRYSXFkU3B2Q0E3ZzhndzlLT3NKYXF6aTVNNm1BalZvdWk0QXNxUGxhaz18&cppv=2
Request Chain 488
  • https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=image HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=gc07948f5975ba895194 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D13a54d7e-5d29-48ca-b783-eece86e1ae12%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2806201715888124060&pt=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
Request Chain 489
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=726939&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE3LbwC4IvwXl.4YHEnopgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE3LbwC4IvwXl.4YHEnopgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259307703854
Request Chain 490
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1---& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 491
  • https://id5-sync.com/s/441/9.gif?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=2171f362-a4cc-4148-8d35-d41073c8fa9b&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/7/3.gif?puid=2806201715888124060&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/5/5.gif?puid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/4/6.gif?puid=22D37AD76CA25579&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/3/7.gif?puid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/2/8.gif?puid=13a54d7e-5d29-48ca-b783-eece86e1ae12&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADqGE7Im5cAACHzaMyfgw HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&consent=&id5id=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A

489 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/ 		347 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9dcd42706b55488849677355cc06f02d79470434d038fe8b0c2093873dd5fe4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
private, no-store
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 01:59:09 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.newsnationnow.com/wp-json/>; rel="https://api.w.org/" <https://www.newsnationnow.com/wp-json/wp/v2/posts/1548892>; rel="alternate"; type="application/json" <https://www.newsnationnow.com/?p=1548892>; rel=shortlink
server
nginx
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
yyz3 123 242 443
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto+Condensed:400,700&display=swap
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7484358e7f25e068df4b3112be535d16bf310dab9d160446a1d30b54474d24e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:59:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:09 GMT
ndn.js
nxst.megpxs.com/ 		1 KB
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nxst.megpxs.com/ndn.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-26.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fae7cb122b33949c45effba227d872943f35d08e48c352a1d92e8bd1936d9d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:38:56 GMT
content-encoding
gzip
via
1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
last-modified
Tue, 11 Oct 2022 18:34:30 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
1214
etag
W/"4e766e8c28018b0e03961b6117903c22"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TjSbw6fZW4D7IzxFYyFYJfPocTbyahOZBDmHEODUQz7YPPqWQzMwyA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rpnZu/dYNZPLIh9pLOSMrg==
age
26277
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6757
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:46 GMT
server
cloudflare
etag
0x8DB475DB9217360
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7adbfebd-601e-0124-504e-7907fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f0aea414bd0-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
31817
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7bfc2f0afa454bd0-YUL
udl.js
www.newsnationnow.com/wp-content/plugins/universal-data-layer/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/universal-data-layer/js/udl.js?ver=1.3.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f299ed8d77a8eca1e3e2610c1c245cd5dfe00baba8a0799512fac5d61d69018a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Fri, 31 Mar 2023 15:40:56 GMT
server
nginx
etag
W/"6426ff08-34d0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
script.js
blue.newsnationnow.com/ 		162 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/script.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
e238c1f3cd9d01e3e147ef07fe25b6f1341a49b9b0989c655cea85bad27d3f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
age
333
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
50034
x-xss-protection
1; mode=block
last-modified
Sun, 30 Apr 2023 01:43:06 GMT
server
-
etag
b838d952cd395fbcbb483793df2c3c78
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
vn5ykO9p3OkSWcpspoguwnH6YVJl2xp0XkR3jhkTE4yJiKk81-TYag==
expires
Sun, 30 Apr 2023 02:03:36 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/68713bba-01e6-43ff-b1b6-da374170dd37/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/68713bba-01e6-43ff-b1b6-da374170dd37/launchpad-liveramp.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-44.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84432b6dc3830418a78a9fd78aa8284566e3f01eddede190fca4b5a0ce79b233

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
pbvF32AVrOnipkdV5OxOq_zY5B6daW.z
content-encoding
gzip
via
1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
date
Sat, 29 Apr 2023 06:13:55 GMT
x-amz-cf-pop
JFK50-P8
age
71115
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 07 Nov 2022 15:21:52 GMT
server
AmazonS3
etag
W/"ae871beb96ff57228f6a6cf66a345a7d"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
SFw_WfOfRQAx6kd5YT435X8hVsgp-KuHXcYA1sZY4EVLeJzN_b3T3w==
31b9b552-f32e-4036-8364-726eb992b71d.js
d3plfjw9uod7ab.cloudfront.net/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:c600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36578ae592482703e85b49339372ddb90fb913e993def91a768d7193bf523d12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
_jo2vQ..vpdr8zoXETzCrkyf5FBzTGGk
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:29:34 GMT
last-modified
Wed, 08 Mar 2023 15:57:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
1779
x-amz-server-side-encryption
AES256
etag
W/"2895c9c021855adaa2746b67952a729d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-id
5KRJRsEb3S2wn_EB6Ji85XxFYuixi_1CUPO2viYxdMtAAgOVhxLyHg==
pbjs-7.32.0-20230406.js
www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/ 		336 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a182298504cef7daa5c027c37c0ec041a6dec7f21176514dbebde155abce2016

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Tue, 25 Apr 2023 15:56:05 GMT
server
nginx
etag
W/"6447f815-54072"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
config.js
cdn.confiant-integrations.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/ 		393 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/config.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe57c866192792981bcde1f022f935d3a9ab5ae6165ad21f9d4c748ad18776e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Apr 2023 23:35:56 GMT
server
cloudflare
x-amz-request-id
JDZF6PCE7ZRJDHFJ
age
410
etag
W/"1359880d8ae1eab3c2afd040502869cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7bfc2f0c8f1f7154-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
huJbfbOPH98Pp/pXMKzwbxQk2tWAYAdc0DOF43J1V45YaczBxz+H4Y0Bp4j/6VsbU0uYhk0cW3Y=
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:3000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:15:19 GMT
content-encoding
gzip
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
67430
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
24AAOLOJd1lGkCe2x8KCDv_qYJtdSqkPTCDxfygAXh43KZBuc3cjsQ==
expires
Sun, 30 Apr 2023 07:15:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af27db7d6746be817216cdf352f51248a2a1ea7fbcf4612140873dc58f2ab3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24757
x-xss-protection
0
server
cafe
etag
433 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:09 GMT
tag
btloader.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5189853027762176&upapi=true
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ae7c8aef5bfb22d3d6b6f9c8669cb937b0d51678f23264648c9b4ea79bba80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 30 Apr 2023 01:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3330
etag
W/"be8423243b6099f029bc8da2ffa2958b"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNYji7E9xNcT4lHl6JTVfQR8JNB4ZYEwYDdQUn4S0%2F8Gd14wrxh1lorIBExaDjgH9H7HbY2oh%2FVMqwJPfbj2oA9Bn4ag0WSpksE89DT64E9%2F5VFd%2FhJj6lGhLUJotZ95k8yYBFzft7W6Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7bfc2f0e5cf2c43b-EWR
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2011
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bfc2f0e4de63400-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 03 May 2023 01:59:09 GMT
fd137de5-c96c-424c-afa7-f92a90556e38.json
cdn.cookielaw.org/consent/fd137de5-c96c-424c-afa7-f92a90556e38/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fd137de5-c96c-424c-afa7-f92a90556e38/fd137de5-c96c-424c-afa7-f92a90556e38.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9902ccac011c83c05387d110956e1ddf61b0732b104bded4c61446a1a2094e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yqmCmgVJvdCOpmV85oPAeQ==
age
12714
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1584
x-ms-lease-status
unlocked
last-modified
Fri, 14 Apr 2023 21:21:17 GMT
server
cloudflare
etag
0x8DB3D2E2F851314
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d05fe0a3-a01e-0036-7617-6f75b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f0bde337156-YUL
expires
Mon, 01 May 2023 01:59:09 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		77 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7bfc2f0e0f394bd1-YUL
vary
Accept-Encoding
content-type
text/javascript
bob_001.js
bob.dmpxs.com/static/ 		1 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bob.dmpxs.com/static/bob_001.js?bob_cb=1682819949384731&cats=Business%2CCybersecurity%2CTech%2CWorld&bob_kw=&bob_desc=Microsoft%20said%20it%20detected%2C%20isolated%20and%20removed%20a%20malicious%20version%20of%20software%20from%20SolarWinds%20inside%20the%20company%20but%20that%20its%20investigation%20so%20far%20showed%20no%20evidence%20hackers%20had%20used%20Microsoft%20systems%20to%20attack%20customers%20or%20anyone%20else.&story_author=Haley%20Townsend&page_url=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
92f46c7cba4d17f6919a27bc712bcfa2ae726743ba22c8e208014990f7661268

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 03:35:15 GMT
x-powered-by
Express
etag
W/"44a-17ffcf0d2a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:15:42 GMT
content-encoding
gzip
via
1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
2608
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cEsreW7RDJUpe0ELhiG1YIDQEipZYvvWutDrzpx24WzggY6Xh3-Edg==
gtm.js
www.googletagmanager.com/ 		282 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJJZHXD
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7429e664871f86d037ddadef0b07a146557927b7ff081bee665223af1e0a6b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 01:59:09 GMT
cs
nexstar.blueconic.net/DG/DEFAULT/ 		16 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json554
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.239.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-239-67.compute-1.amazonaws.com
Software
- /
Resource Hash
032c97779200ed51c5566540c4ddccec5216c160290bd20447e48bb895b08b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
domainid,location,url
Access-Control-Request-Method
GET
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
cf-ray
7bfc2f0c4c2a4bbf-YUL
content-length
0
content-type
application/json
date
Sun, 30 Apr 2023 01:59:09 GMT
server
cloudflare
vary
Accept-Encoding
domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d

Request headers

location
cdn.cookielaw.org
Referer
https://www.newsnationnow.com/
url
www.newsnationnow.com
accept-language
en-CA,en;q=0.9
domainId
fd137de5-c96c-424c-afa7-f92a90556e38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7bfc2f0c7c584bbf-YUL
access-control-allow-headers
Content-Type
content-length
16
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7bfc2f0c3cdf7145-YUL
access-control-allow-headers
Content-Type
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/68713bba-01e6-43ff-b1b6-da374170dd37/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-116.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:40:51 GMT
x-amz-cf-pop
JFK50-P6
age
1099
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
E8Mo_jmCCey3t4o-j6kHqB-xg3h98n4Wbj2rgxLZGlUs6ZDCQQyyyQ==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202210.1.0/ 		381 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DjzI+HdyHvhC2OCs+qd+pw==
age
78589
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93164
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 04:11:44 GMT
server
cloudflare
etag
0x8DADF1BA4D9E9D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b63a90e6-101e-0006-59e1-5a2f9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f0dee2e4bd0-YUL
style.min.css
www.newsnationnow.com/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Wed, 05 Apr 2023 21:46:36 GMT
server
nginx
etag
W/"642dec3c-172a9"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
www.newsnationnow.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
www.newsnationnow.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
related-posts-block-styles.min.css
www.newsnationnow.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 		222 B
289 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?ver=4.2.2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 15:16:01 GMT
server
nginx
etag
"64415731-de"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
222
classic-themes.min.css
www.newsnationnow.com/wp-includes/css/ 		217 B
261 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 123 242 443
last-modified
Wed, 05 Apr 2023 21:46:36 GMT
server
nginx
etag
"642dec3c-d9"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
217
os-custom-link.css
www.newsnationnow.com/wp-content/plugins/onesignal/dist/ 		1 KB
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/onesignal/dist/os-custom-link.css?ver=3.7
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1537ea59fe760513e81e0d92603da1eac49e37a8f3d97e6597614ce0850cd43e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Tue, 31 Jan 2023 16:37:10 GMT
server
nginx
etag
W/"63d943b6-516"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
css
fonts.googleapis.com/ 		19 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C600%2C700%2C900%7CSource+Serif+Pro%3A400%2C600%2C700%2C900&display=swap&ver=1.0.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4768d796cd86601ea51cb79bfa81825d89dd7ab8c6c9d313ef0274bf8821a42a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 00:30:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:09 GMT
css
fonts.googleapis.com/ 		12 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700&display=swap&ver=1.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7484358e7f25e068df4b3112be535d16bf310dab9d160446a1d30b54474d24e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:59:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:09 GMT
global.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		179 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/global.min.css?ver=c0661c1a574767491305
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
76357ae80cacc78bb1385d3bf6a3e4479c34ec4e502396f266dfd2ee8b993055

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-2cae0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A500%2C600%2C700%7CNunito+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=1.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70a69a73c8f604528d5390b58c53a83ce6a3290d0e7fca9df7ee5134c892e36a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:57:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:09 GMT
global.min.css
www.newsnationnow.com/wp-content/themes/newsnation/client/build/css/ 		168 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/newsnation/client/build/css/global.min.css?ver=5ed99c9e2b3d3ce6041e
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1e711d61ad0476c0da400e33cf8d47a24b4ca8dc4e4631c605e1553402231c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-29e4f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
article.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/article.min.css?ver=dee9ecd1d28398071d06
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
78b9dc5d0987b605b295bc7ba71ff897a49ead3969dd0319de83c2491d575f0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-1f3f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
article.min.css
www.newsnationnow.com/wp-content/themes/newsnation/client/build/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/newsnation/client/build/css/article.min.css?ver=3f4ce00210bd08e20d90
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f45e8c0789458a1aae0de357620b82f2d8692fc1ebf904c01a348e01304c7eb8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-54dd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
common.chunk.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		26 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/common.chunk.min.css?ver=05f936473bb57673a7fd
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fd93fbd00fc168496db366c21c9eecd8a4a08b2ff962c076fe63b2f873e8ae84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-6996"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
weatherIcons.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		314 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/weatherIcons.min.css?ver=8815d05ab5082c1b94da
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a62a50741963e587d42b905ce9f22c55a19453096d308c5cdbc5762ded77c27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-4e723"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
video-playlist.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/video-playlist.min.css?ver=6f87cde3febaa78659ea
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e2c0f9c8b7c348defe012c165f5ba4c0e1f6ca10db7763733095bec3b380df1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-25ee"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
weather.min.css
www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/weather.min.css?ver=70d124a2e978cebec544
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a1407b0c846c65977d7932af975a60934cde970ad97b72e01e9bc02afe29e7e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-3e8b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
widget.subscribe.css
www.newsnationnow.com/wp-content/plugins/sailthru-widget/css/ 		2 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=1.1.2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
26e8db41813f87bb61da1529be0ca2d88fd523807d5125bf293025539754fce2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Tue, 31 Jan 2023 16:37:11 GMT
server
nginx
etag
W/"63d943b7-9ef"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
display.css
www.newsnationnow.com/wp-content/plugins/sailthru-widget/css/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/sailthru-widget/css/display.css?ver=1.1.9
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
350c8dbe22ce0bb7b5776740e2ed900132da0be7248a7d29916f8b83b0c02c53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Fri, 31 Mar 2023 15:40:56 GMT
server
nginx
etag
W/"6426ff08-64b6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
jetpack.css
www.newsnationnow.com/wp-content/client-mu-plugins/jetpack/css/ 		84 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/client-mu-plugins/jetpack/css/jetpack.css?ver=11.4
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Tue, 31 Jan 2023 16:37:10 GMT
server
nginx
etag
W/"63d943b6-14ef8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
ad-referral-source.js
www.newsnationnow.com/wp-content/plugins/lakana/inc/ad-referral-source/js/ 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/lakana/inc/ad-referral-source/js/ad-referral-source.js?ver=1.0.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f63f4c537bc568f1084f47fa718432cc639e7b71bafb27eeb7a75c120a3448d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 19 Apr 2023 19:03:44 GMT
server
nginx
etag
W/"64403b10-910"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
jquery.min.js
www.newsnationnow.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-15e54"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
jquery-migrate.min.js
www.newsnationnow.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-2bd8"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
segment.js
segment.psg.nexstardigital.net/ 		147 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segment.psg.nexstardigital.net/segment.js?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58829af7fd4ea53a9a53f760e122a948aef6ad88ff05e32003c09f4bb87d635b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.newsnationnow.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
PA1BBTQSXH82BGV6
age
481
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:564329123274:build/prod-frontend-segment:13193a1b-b93c-4b1f-8c50-610597f325e8
x-cache
HIT
x-amz-meta-codebuild-content-md5
9a513ea52a29dd5269488e11af36e86f
content-length
43515
x-amz-id-2
Yv6qtLhJ/r5lmQOzUZxYp5DmRZlldZtWJn29Bn6lyCnKHC2g+aX2YaMzxZWCA5H67hgU5ufsZNQ=
x-served-by
cache-yul12823-YUL
last-modified
Tue, 25 Apr 2023 17:10:24 GMT
server
AmazonS3
x-timer
S1682819950.566746,VS0,VE0
etag
"dd1257489a1b2c7f2fed58194e608662"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
c646c653433355d0dbaa95897cd25d55c05d5a83445b35b6b09290e6d24d745e
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
9
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-113.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:53:34 GMT
content-encoding
gzip
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:08:40 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
335
x-amz-server-side-encryption
AES256
etag
W/"be0aea74754407f0a826a84e140dd5ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
QBb2KakZNxYpatGVQzIRxILKQFVgjIFNZq14K8LOEBjmrcKUok8pbA==
tag.js
www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/ 		603 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/tag.js?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Tue, 31 Jan 2023 16:37:11 GMT
server
nginx
etag
W/"63d943b7-25b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
anvload.js
w3.mp.lura.live/player/prod/v3/scripts/ 		491 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.mp.lura.live/player/prod/v3/scripts/anvload.js?ver=3
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2954:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
05c514b1d302798768397cff545450e1d5ca021b1d333ff0617edb5e77fb3e45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:05:04 GMT
content-encoding
gzip
via
1.1 google
age
14045
x-guploader-uploadid
ADPycdthWer9c0MKALWKm2E0V-MKGhF6prfW2GHJDJ74i9AiWA8Zit0tIAZtbnVRSWVL5RSFLbc_dFSIVQroTZaX5wCqC0gy7XMo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171694
last-modified
Wed, 29 Mar 2023 20:39:04 GMT
server
UploadServer
etag
"3415b365c1086fbf7ab2411749e09569"
vary
Accept-Encoding
x-goog-generation
1680122344229394
x-goog-hash
crc32c=R8/Ufg==, md5=NBWzZcEIb796skEXSeCVaQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-goog-stored-content-length
171694
accept-ranges
bytes
widget.subscribe.js
www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/ 		2 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=1.1.5
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2ffbd2044f32177182571ae98cdb456be05ab0d4d8ab75f04f8f9a985db43a81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 19 Apr 2023 19:03:44 GMT
server
nginx
etag
W/"64403b10-7a7"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
display.js
www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/ 		1 KB
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/sailthru-widget/js/display.js?ver=1.1.2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ee9f313b24e5afd487e1d748e36e50c8ed84c081d91e9ce6d2799dc0e61aa627

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Tue, 31 Jan 2023 16:37:11 GMT
server
nginx
etag
W/"63d943b7-52f"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
2020-08-03T080112Z_1782100189_RC286I9P29GI_RTRMADP_3_MICROSOFT-TIKTOK.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2020/08/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2020/08/2020-08-03T080112Z_1782100189_RC286I9P29GI_RTRMADP_3_MICROSOFT-TIKTOK.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64aa86bdc27da739a75f7554ef67d6b7560cb93486743fb0baa74e176c7cfeb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
x-rq
yyz3 86 167 443
last-modified
Sun, 30 Apr 2023 01:59:10 GMT
server
nginx
etag
"90f998e7829b1816"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
113566
delivery.js
assets.revcontent.com/master/ 		164 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
e4700c468cf354246d94b2db8f165ac25e866ae4b4e1819bb9852f61c64a013a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 20:23:00 GMT
server
AmazonS3
x-amz-request-id
5HBA1JDBSJ4S41DN
etag
"a3b805e6288172d3edc8ff73718a5778"
x-amz-server-side-encryption
AES256
x-hw
1682819949.cds088.dc2.hn,1682819949.cds220.dc2.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
52893
x-amz-id-2
HOWeWgpI8BxdIB6i3JPxvIc6CbK2N7EVMMYArEuIp/5ybVBYM894zEhShViIL/enoCfsCqSntNU=
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		115 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=67
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38affcb9e2732c13cefa1fdec4cc50517333bc8343b91d7f0b948701a73abc47

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:54:03 GMT
x-amz-version-id
02vMKh.90zhQyTQ8aHtjMIJQzHFWmoEd
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 17:23:59 GMT
server
AmazonS3
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"9dd8a23bd5c9f839a39ecd0adf2bb256"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
age
32707
x-amz-cf-id
TuYdM11PpA1xTSe0hjNP0VNeZCL7R8z2GfZvDXf7iNb1IBC_1jOhuw==
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js?ver=1.1
116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js?ver=1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
2600:9000:24eb:f600:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e284986ca0528a2f3abdfaefac6d16e7874846dda0344cff1456c9804b643a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:09:11 GMT
content-encoding
gzip
via
1.1 336a36b0f05a8791fdf32df30f71a8f4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:16 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
42600
etag
W/"57a173a87fbb4a6f167ffebd04fb854f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CIDvPfLW9U2jksWuZYxW5d2R6TYbIKo5QxIxNhu6EKfuCbmn51JOOQ==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js?ver=1.1
date
Sun, 30 Apr 2023 01:59:09 GMT
server
awselb/2.0
content-length
110
content-type
text/html
pixel.js
www.newsnationnow.com/wp-content/plugins/civic-science/js/ 		495 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/civic-science/js/pixel.js?ver=1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cf912d98227ff449c83070ee7bbd7b84d7fc9115014fecad1af2e01e9134dc79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 123 243 443
last-modified
Tue, 31 Jan 2023 16:37:10 GMT
server
nginx
etag
"63d943b6-1ef"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
495
bidder-timeout.js
www.newsnationnow.com/wp-content/plugins/nxst-ad-tech/js/ 		823 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/nxst-ad-tech/js/bidder-timeout.js?ver=1.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58435af5c3b0b222e368654cc0bc35e39ddf345d4f7c132dfcb3172ad60e1521

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Tue, 31 Jan 2023 16:37:10 GMT
server
nginx
etag
W/"63d943b6-337"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
api-request.min.js
www.newsnationnow.com/wp-includes/js/ 		1023 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/api-request.min.js?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-3ff"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
common.chunk.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		276 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=5783d2bb72d6180fd5ea
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3a9959f66246484c08b7cdf40440a1d37ded12364621d64c0d09437e371e865f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-44f9c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
global.bundle.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/global.bundle.min.js?ver=ccda1185a13ba3f9a14e
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47eda70daf2548adbe89b16897fea3a523c86e7d265f6f36e3da0f677814ff37

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-1deeb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
global.bundle.min.js
www.newsnationnow.com/wp-content/themes/newsnation/client/build/js/ 		212 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/newsnation/client/build/js/global.bundle.min.js?ver=26cea94ab8a68172fa4f
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7fae4df872b9fc1175bcb8d8defdc10054ed5771ead7935e6b3fc66cbde6c3fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-35065"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
mediaelement-and-player.min.js
www.newsnationnow.com/wp-includes/js/mediaelement/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-26935"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
mediaelement-migrate.min.js
www.newsnationnow.com/wp-includes/js/mediaelement/ 		1 KB
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Wed, 05 Apr 2023 21:46:37 GMT
server
nginx
etag
W/"642dec3d-4a7"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
article.bundle.min.js
www.newsnationnow.com/wp-content/themes/newsnation/client/build/js/ 		1 KB
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/newsnation/client/build/js/article.bundle.min.js?ver=5602ddfa59f480735d89
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a51a0208e70b0a8757e94d496549ef4265a62d8daa89217bd9ba37715b1a486a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-5bd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
article.bundle.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/article.bundle.min.js?ver=5cd944ffe8163a66b4e8
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
09e6804cc9b13b3418be1a367c368545512c79179827dbc3a26b8bd3e40b5a14

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-234a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
weatherIcons.bundle.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		1 KB
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/weatherIcons.bundle.min.js?ver=4c3bc3f4b02fcb175e51
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
51c5bcae037eb42870927ac507f108f8e590368731a18ff9dd36f4b64ab0e67d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-45c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 30 Apr 2023 01:59:10 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116413
video-playlist.bundle.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/video-playlist.bundle.min.js?ver=f4fc4d6e462717714edc
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
206b8b5741ec26fdb50523874fa975c69a20850a1976deba28003de4d789d63f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-48bf"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
weather.bundle.min.js
www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/weather.bundle.min.js?ver=b9cb1c6b9b1beeb23eeb
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ccb4c5509e44f4c52aff345b90e9336171709398110793842e10ae63aae4b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 243 443
last-modified
Thu, 20 Apr 2023 14:48:34 GMT
server
nginx
etag
W/"644150c2-248e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
live-now.js
www.newsnationnow.com/wp-content/plugins/lakana/inc/alert-banners/js/ 		2 KB
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-content/plugins/lakana/inc/alert-banners/js/live-now.js?ver=1.0.0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
750f4c56e8b1f97a201446b3d94d6b3c5912dc5df8b06ec6f543de2270405f78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-rq
yyz3 123 242 443
last-modified
Fri, 31 Mar 2023 15:40:55 GMT
server
nginx
etag
W/"6426ff07-64f"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
e-202317.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202317.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT yyz
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
br
server
nginx
etag
W/"61beb1e6-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Fri, 19 Apr 2024 04:39:44 GMT
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;800&family=Fira+Sans:wght@800&family=Fira+Sans+Condensed:wght@400;600;800&display=swap
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/css/global.min.css?ver=c0661c1a574767491305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c42b59c5f880c7295d213ae367e1849089a271e012b3cbe80d6bd5dc7b04f421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:55:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:09 GMT
.js
dyv1bugovvq1g.cloudfront.net/67/www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/ 		243 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/67/www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/.js
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:9800:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
375ea80d6ad5f103926f3412f8537d952ab1c3ac78147d4be6e81861d4ed29cf

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-P1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsnationnow.com
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-credentials
true
x-amz-cf-id
zDdDcvtH1l7exRFpn6qyLeBg6J2d4t9UmVkGdYpknyQOo0mZu_jeDg==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202304241206/ 		240 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202304241206/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 16:10:41 GMT
server
cloudflare
x-amz-request-id
SG6G6CWYWHEBCJJT
age
464005
etag
W/"d1226925b093cc62c3879362099dc851"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7bfc2f0de9227154-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kYL5hJEWQPo2GFpk7WrxvoQcmA7E9L0napE8GB32owz5r4Qpoe2O4Uh7DdBtpCuw88abPYkh97s=
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:3000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:15:05 GMT
content-encoding
gzip
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
53044
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6QHnbpP7cK7rjeZHclLlRkQgxrrLkM9qrI4ZEBi8MY9Tkda6BDzFAQ==
expires
Sun, 30 Apr 2023 11:15:05 GMT
P41DFFBE3-BFE6-4E87-A645-785182813A6E.js
cdn-gl.imrworldwide.com/conf/ 		44 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P41DFFBE3-BFE6-4E87-A645-785182813A6E.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2361:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b98764eaffdb3c3bf9c6bfa36f2f75f3d563aef7287e3c532a51d5403bb0ad0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
GsULJKebXGIv.ZPFLDBtRmI76lVRPuvX
content-encoding
gzip
via
1.1 1fa2d9dd358abb3fb1c56fe78f725330.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:49:38 GMT
last-modified
Fri, 28 Apr 2023 09:16:18 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P2
age
573
x-amz-server-side-encryption
AES256
etag
W/"872b9decbcc5d8fcaa8e274d8db2d2bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
YAibamotqAehQJnwLFqvOW2k3_9SNxcE0dP0b7y68Tsp8H821cTO2g==
nnlogo-new-blue.png
www.newsnationnow.com/wp-content/uploads/sites/108/2022/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2022/08/nnlogo-new-blue.png
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
306acf23526b8fd39a9efaf651ef11a1bc42d4fbdb7f729d63423cd29476ef7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Thu, 20 Apr 2023 17:44:54 GMT
server
nginx
etag
"66d8f0a9692b0f4a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11960
truncated
/ 		978 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55cde4226c6e9479f3df692b31b7d29e8b63bf206c8344c17e120addc3d41db2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		132 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f52ff46e74319dbf632e994096136dd4e2344d5ed2534ef0059733cebdb1bd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c83ec0c1a66f4d7a6fa65a8a3aa8f61e4f97df5d932c3b5913e5f772c5cdaca

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;800&family=Fira+Sans:wght@800&family=Fira+Sans+Condensed:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:51:40 GMT
x-content-type-options
nosniff
age
83249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 02:51:40 GMT
pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A500%2C600%2C700%7CNunito+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e4df00bdad9ee1602ded3b28ca40610b3866740f0d70272ffaaf748dedf694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 16:40:51 GMT
x-content-type-options
nosniff
age
206298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32972
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 01:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Apr 2024 16:40:51 GMT
NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A500%2C600%2C700%7CNunito+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:44:44 GMT
x-content-type-options
nosniff
age
26065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23712
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:06:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:44:44 GMT
NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A500%2C600%2C700%7CNunito+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 05:29:29 GMT
x-content-type-options
nosniff
age
73780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24064
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:01:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 05:29:29 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700&display=swap&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:01:20 GMT
x-content-type-options
nosniff
age
35869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 16:01:20 GMT
snapshot-15.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/snapshot-15.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d505d8cd9003b80d0d6ef362a6cfbbe43037a8db59498dc3b0e6a295663c40df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 87 131 443
last-modified
Sun, 30 Apr 2023 00:53:32 GMT
server
nginx
etag
"b16f958a0b949069"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
79368
GettyImages-134252386.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2022/03/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2022/03/GettyImages-134252386.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0627b4895013873ffc9abf70336ba21b56b98718890b1ec6a6316a67fe1322e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Sun, 30 Apr 2023 01:11:29 GMT
server
nginx
etag
"b0862b7364384e54"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
167304
Image-3_113.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/Image-3_113.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7401214718587ec11a24cf835b91cb2dcc7efdf9caf6ba923f3ea0f8250a89ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 87 131 443
last-modified
Sat, 29 Apr 2023 23:38:21 GMT
server
nginx
etag
"c400fdbdacccb629"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32426
Willie-Nelson-e1682536228321.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/Willie-Nelson-e1682536228321.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ab5769dc69e2af9fe734c411643b7b1ce420618387a1dc3709b94da5989f036d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 167 443
last-modified
Sat, 29 Apr 2023 23:49:24 GMT
server
nginx
etag
"94bf3fa0253d5ec1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51286
PayingBillsGettyImages-1313653794.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/PayingBillsGettyImages-1313653794.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bcdb4c5bf501cc59ef0dca0a5f3172397ab95503650d7cbf30751426a1e29170

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Sat, 29 Apr 2023 22:35:01 GMT
server
nginx
etag
"385cbf6e5421fccb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61628
first-horizon-2.png
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		255 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/first-horizon-2.png?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
59e002329b790ba722111c239742f13074edb0f988f42a5a0e78324ad24cfdcb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 45 443
last-modified
Sat, 29 Apr 2023 21:59:13 GMT
server
nginx
etag
"1ebdd62bd01e6aea"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
260818
Parrot.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/Parrot.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5632e97790c27eee160a056911015d031ce663fa3e8e868c303053ad25f787ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 130 443
last-modified
Sat, 29 Apr 2023 21:58:05 GMT
server
nginx
etag
"a75dbaffae85ed2e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
115224
GettyImages-1334276572.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/GettyImages-1334276572.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
44b859a45e736bd2764feab34ffd5299fe75298936d737e50458d1c46bebfc27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 167 443
last-modified
Sat, 29 Apr 2023 16:17:40 GMT
server
nginx
etag
"32643c73e7a50297"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
110564
F472A7251C1844FC34CEDC1AF4831AEA.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/F472A7251C1844FC34CEDC1AF4831AEA.jpg?w=876&h=493&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61c2b07928322897f38ba66e15bb2c766694e89b20deae6809f8c96422584845

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Sat, 29 Apr 2023 06:02:20 GMT
server
nginx
etag
"23d218ab581591c4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
71622
GettyImages-1338456783.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/GettyImages-1338456783.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8aaeb91503b21289515d596ac2ae6d81f2e3781a09923d8f757000bb9b182ba9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 87 203 443
last-modified
Fri, 28 Apr 2023 23:24:57 GMT
server
nginx
etag
"bc78914bb5eaf50e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4324
Ron-Vitiello.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/Ron-Vitiello.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4aa4e9d5c44180f36fe72491b77f51bd82bbc082b71ca50b9309bafc7571dd6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 130 443
last-modified
Fri, 28 Apr 2023 23:24:57 GMT
server
nginx
etag
"8762787c514e86c4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2348
GettyImages-1247410202.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/03/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/03/GettyImages-1247410202.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e647a88fe0e1ff79a24b9649735f35995b95c89ad7eef843c02eb6012b5f9255

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Fri, 28 Apr 2023 23:24:57 GMT
server
nginx
etag
"178442f54c9511c1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1470
AP22196458638703.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2022/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2022/07/AP22196458638703.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
21a491fefef220d25eeb0bccdb6574f5068db07dd5f58a788fe814b2fbab65d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 86 443
last-modified
Fri, 28 Apr 2023 22:20:31 GMT
server
nginx
etag
"88b768af23918c13"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4514
6449ade0b52fb3.97354573.jpeg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/6449ade0b52fb3.97354573.jpeg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb21de6c4321894e2e14836ee2fee94b0bd14b8a25e5411b8690ced493261c71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 87 203 443
last-modified
Fri, 28 Apr 2023 22:20:31 GMT
server
nginx
etag
"6adeefc37930623f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6792
AP23041136217981-1.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/AP23041136217981-1.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47cacb4ad89583e1e997ad3cac6e019b30d4b09889a057acbd7d1c9a2669a7d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 215 443
last-modified
Fri, 28 Apr 2023 22:20:31 GMT
server
nginx
etag
"06abd58aca2dc47c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6048
snapshot-45.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/snapshot-45.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
39a0ef12d6ee7fc5f0348cc70dcc70e6763e003fb9b8d681762234367643c0a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 91 52 443
last-modified
Fri, 28 Apr 2023 22:20:31 GMT
server
nginx
etag
"d7d7b85c632368fc"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5054
GettyImages-1341762776.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/03/GettyImages-1341762776.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dae54a048baca0eb3c12a246582dd2a509a3feb0cb721c3116e26688f175f10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 130 443
last-modified
Fri, 28 Apr 2023 22:20:31 GMT
server
nginx
etag
"883862fd5e485620"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8242
Mulvaney-1.png
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/Mulvaney-1.png?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f3b25719ac4571720eaf7eb80a0e81641bf6665b20693e6eea7785744098b12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 130 443
last-modified
Fri, 28 Apr 2023 23:00:45 GMT
server
nginx
etag
"29b8e67e7922ab9d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12874
MicrosoftTeams-image-41.png
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/MicrosoftTeams-image-41.png?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4591a61a65deec7ba99f2a84b040d27661065366adb21e72c01485f9ab0b74be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 215 443
last-modified
Sat, 29 Apr 2023 05:22:07 GMT
server
nginx
etag
"f33f8adcd0eba55f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15318
GettyImages-168997843.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/GettyImages-168997843.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
09f5c1f9026d51570174da6ec90024f7dfa382a455837f5571a2fc6004cdee93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 86 167 443
last-modified
Fri, 28 Apr 2023 19:14:08 GMT
server
nginx
etag
"6126c69ae0caee3f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4494
bedbathbeyond.jpg
www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/04/bedbathbeyond.jpg?w=100&h=100&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
511af1ff25fca541b146b93f62bfb32b7836fb9410355a29152407fccbdcb261

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
x-rq
yyz3 80 130 443
last-modified
Fri, 28 Apr 2023 17:47:01 GMT
server
nginx
etag
"528626c1b928b9fb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5326
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1029
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bfc2f1009353400-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 03 May 2023 01:59:10 GMT
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		68 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A10%2B00%3A00&ts=1682819950081
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
faee024c3f32dd31addcb6821c09b707c70bcf78dfce4e5bf7540e4cf6800bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
8922
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
n1ZDDXlFKDFh4v8h5FjAaEVm0XV7nzYuh7V7-CkoQTlY0iNVi56ncw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

Accept
application/json
Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Apr 2023 08:17:30 GMT
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront), 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
63700
x-amzn-requestid
e56cd0d6-06e1-448d-9296-725718ea44c8
x-amzn-trace-id
Root=1-644cd29a-35f6fa06697e198b3d57b527;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
EIXYKFDgjoEFs4A=
content-length
30
x-amz-cf-id
hLkqCwEdibjeTFlIBOeMNcDSFHlF2z-7xo78--pEsFKDuQrD5_eyxw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 70641f5df56ba9a18ec1e10fa85bf5ee.cloudfront.net (CloudFront), 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
x-amz-apigw-id
EKy5REzADoEF8EQ=
x-amz-cf-id
Zii7Dw4LrTK5822PKDkMsfZF6I0Sy6Z8aBFjKGsrfqn31Fxe9rkvpA==
x-amz-cf-pop
EWR52-C4 EWR53-P1
x-amzn-requestid
47fd840b-c629-4521-9884-bb0848982d44
x-cache
Miss from cloudfront
px.gif
ad-delivery.net/ 		43 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1000773
x-guploader-uploadid
ADPycduIobsihfDpavy2TVhGGvICZHi2PC7BxMVfVSnw0NpPxVDQUJ5qgfStG0SsKCOk76H3wB3d7udofk4PprqHewehKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwsE2fAWfrCStcIqeJ8NLSzLvSFq7085q0tyvf9%2F9929ppuJtmwx0ZhNAUgkaEmvp3OkBSNqIKE8ttrnSDeL14bGEnM191E0dWZpZZg23DppI0CBBM07XX7kMYl4ZIxao8tQ3N2zJqVup3H5tA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bfc2f109e420f59-EWR
expires
Tue, 18 Apr 2023 12:59:37 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 10:33:26 GMT
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5335314857338147
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1000773
x-guploader-uploadid
ADPycduIobsihfDpavy2TVhGGvICZHi2PC7BxMVfVSnw0NpPxVDQUJ5qgfStG0SsKCOk76H3wB3d7udofk4PprqHewehKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nniLlsmfFJazs0%2Fnwtw%2FzFYcZivklrVGxMkzvfKkG00sCqaxUkckz7U9OzVpjFkaOequ4WgHVDTcwkmpwXZSxWZgjYlymVVoYu5Mx%2FrzQKP%2B7NE9WuKKlp%2FZpnQKuoVI2BnO%2FFG2P3loTOLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bfc2f109e450f59-EWR
expires
Tue, 18 Apr 2023 12:59:37 GMT
en.json
cdn.cookielaw.org/consent/fd137de5-c96c-424c-afa7-f92a90556e38/0d75eee7-7bc6-4acb-8cb3-f25b8f435ce3/ 		318 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fd137de5-c96c-424c-afa7-f92a90556e38/0d75eee7-7bc6-4acb-8cb3-f25b8f435ce3/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955faf32414b23d503636e33f7998c3870d6e988b61b7b14ae20d7c9cc25257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Y8QUjyNJ+ljEjrrZbn1m3w==
age
12714
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
44527
x-ms-lease-status
unlocked
last-modified
Fri, 14 Apr 2023 21:21:24 GMT
server
cloudflare
etag
0x8DB3D2E338875DC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2508fd1f-b01e-0029-0417-6faea4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f103c307156-YUL
expires
Mon, 01 May 2023 01:59:10 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		319 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3410&u=https%3A%2F%2Fwww.newsnationnow.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
9bad75da6387119536f2243353d77f2a2c27e722599902651aadae94794bb233

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:43:29 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
11740
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
319
x-amz-cf-id
R2yeOmeHBJ9XXEgWnUwPuFIOBwciqZMMflf49rLfkxDdROTY0PVcwA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:47:13 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
7918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wU4wu1YKpaZD6qOVOaZYO8Tstt7YmB9thr3-JdDqRt7Wm5fmdfvBjg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14089
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Apr 2024 22:04:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newsnationnow.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bf19f91bc2cf8c9c116c433d71fb6530a0ad7b376843920ea7155e0595c706f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:10 GMT
/
www.newsnationnow.com/wp-json/lakana/v1/template-variables/ 		324 KB
35 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-json/lakana/v1/template-variables/
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=5783d2bb72d6180fd5ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbaf94d8e603835cf8515970921a80fedc7f8f2d1c6081881226cdcff68c547
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
x-cache
graced
content-length
34896
x-rq
yyz3 123 242 443
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
api-call-time-millis
774
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=120
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.newsnationnow.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		244 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=newsnationnow.com&domain=newsnationnow.com&path=%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2500de77e010f915c511336c5ab24efdea12aeeb430d1fc514411523cf1fe79e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
176
x-served-by
cache-yyz4554-YYZ
x-timer
S1682819950.349651,VS0,VE25
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:59:10 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:49:22 GMT
content-encoding
gzip
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5773
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
gYua8d41MVmCDLnIvT3GAIZl0bFq4bq4bz-8icPaW5Lx1zRyQCRBpQ==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJJZHXD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.5.44 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-5-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
Y3TCJGXZC61VNF0X
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
I+JSAqg75KrhoyE0YsE4hpmlZmXlLUOQYprIFanZMnfv3DGJ9XWy6IW3VH6kpRTzc7nfX8rkojM=
18818452530738c00b7ce342c96bc566
blue.newsnationnow.com/plugin/plugin/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/plugin/plugin/18818452530738c00b7ce342c96bc566
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
44643aa84099c58129ed861d4f2ab5369a5f6dda0a7b8213d760f851de1978e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 17:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
age
202034
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
30959
x-xss-protection
1; mode=block
last-modified
Wed, 26 Apr 2023 17:51:56 GMT
server
-
etag
18818452530738c00b7ce342c96bc566
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
i8NbVttGt3_8ygRJbO2SnfO4U9bWWRUVEaHEpja0tZeFhLSct47CYg==
expires
Fri, 26 Apr 2024 17:51:56 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.245.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-245-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:10 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.245.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-245-73.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 30 Apr 2023 01:59:10 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5189853027762176&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=yjQkTWkn03&w=4728156257255424&o=5189853027762176&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&sid=srfUpRRDx&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5189853027762176&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:10 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
web
onesignal.com/api/v1/sync/30afd3d5-0b2f-4a24-b61f-551fbcd74579/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/30afd3d5-0b2f-4a24-b61f-551fbcd74579/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48da39245c2d34e4ea250f13607bdc727c0bb129e7804df7a154f0c79a2d53ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2317
cf-polished
origSize=5484
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ab691a4a-7b19-423f-a86c-9ed8ad94f411
x-runtime
0.023454
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"73f6459f215fd055b2471815780f7aa8"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7bfc2f12cd7f3400-YUL
access-control-allow-headers
SDK-Version
expires
Sun, 30 Apr 2023 02:59:10 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P41DFFBE3-BFE6-4E87-A645-785182813A6E.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2361:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4727cf9cbdf4d3bd177c30cfd0ac711122aa967559147ca5d00356a25276007

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
LpychBk8TTXFyjoAKWVTMyNzEZ_dWH4s
content-encoding
gzip
via
1.1 1fa2d9dd358abb3fb1c56fe78f725330.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 00:59:21 GMT
x-amz-cf-pop
LHR50-P2
age
3590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 19 Apr 2023 14:37:17 GMT
server
AmazonS3
etag
W/"ad16fca62498be2f4932a7fb978328f8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
7iXA4xq_qM8T0HfkET5IpgaRAHZMnKT0YbYm8aOFCOYHz66BXdkHNQ==
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=587156601.784205582&n=0&s=poll&t=created&d=%7B%22target%22%3A%2282d19ca8-4f30-60f4-2562-28d5394c0c93%22%2C%22instance%22%3A%22civsci-id-233280733%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A243%2C%22cy%22%3A1299%7D
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.40.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-40-122.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www.civicscience.com/widget/api/2/ 		311 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/bootstrap?target=82d19ca8-4f30-60f4-2562-28d5394c0c93&instance=civsci-id-233280733&context=%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds&mv=5&_=1682819950521&callback=jsonp_1682819950522_77472
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.149.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-149-236.compute-1.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
2ca48d5a00e55f8e173d945d8fa4e5ef185d1e1eb979712a292eae9585815790

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
server
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
bid
aax.amazon-adsystem.com/e/dtb/ 		238 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3410&u=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&pid=UTf85Rg4UHB2F&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22acm-ad-tag-billboard1-billboard1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fbillboard1%22%7D%2C%7B%22sd%22%3A%22acm-ad-tag-leader_mr1-leader_mr1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fleader_mr1%22%7D%2C%7B%22sd%22%3A%22acm-ad-tag-leaderboard1-leaderboard1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fleaderboard1%22%7D%2C%7B%22sd%22%3A%22acm-ad-tag-leaderboard3-leaderboard3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fleaderboard3%22%7D%2C%7B%22sd%22%3A%22acm-ad-tag-exit-exit%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fexit%22%7D%2C%7B%22sd%22%3A%22acm-ad-tag-adhesion-adhesion%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.newsnation%2Fadhesion%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-55.yul62.r.cloudfront.net
Software
Server /
Resource Hash
c97ab630ffe8b75aa418f674d3b2be23cc687a03b90c2bd71e5069974b6276a0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-amz-rid
GCFDRRKN01RNCPKHWRWA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
238
x-amz-cf-id
mOShCwkb_dtQ_zkZWXjoAYazeMIsBD6-IdxbtuRA5peIumtFpSNURw==
otFlat.json
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JuDKxv1jf1Hw0JXasvCaSg==
age
52634
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 04:11:35 GMT
server
cloudflare
etag
0x8DADF1B9F221620
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6222596f-501e-004e-59e1-5a1d03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f1379267156-YUL
otPcTab.json
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cWUYtlJNLE0cQ+nS16W3mQ==
age
52634
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13271
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 04:11:38 GMT
server
cloudflare
etag
0x8DADF1BA0C0E16F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2ded576d-b01e-012d-4de1-5a1d73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f13892b7156-YUL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oQsmwuIlJWH4cKDxpI1ltA==
age
52634
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 04:11:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
522c86a1-a01e-015f-18e1-5a6c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7bfc2f13892d7156-YUL
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D67%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-254.compute-1.amazonaws.com
Software
/
Resource Hash
f6e7cf0ebadee44e5d50a9405a59903f5c4cae0f621af11deea85c1e8d140c6e

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Sun, 30 Apr 2023 01:59:10 GMT
x-amzn-RequestId
ee528410-1112-519e-a45f-d8d7dcbc4cd5
Content-Length
378
Content-Type
text/xml
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
23B28664DCEA9EF7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30870
accept-ranges
bytes
content-length
948
x-amz-id-2
AySDnc4uRjW9Th6WvSZfrFG03ojfW1Xc9SiULhzo6VNG69N0xYQoufNtgaRAnzXIDkZKs4hiwts=
/
www.newsnationnow.com/wp-json/lakana/v1/template-variables/ 		324 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsnationnow.com/wp-json/lakana/v1/template-variables/
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/wp-content/plugins/lakana/inc/alert-banners/js/live-now.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbaf94d8e603835cf8515970921a80fedc7f8f2d1c6081881226cdcff68c547
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
x-cache
graced
content-length
34896
x-rq
yyz3 123 242 443
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
api-call-time-millis
774
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=120
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.newsnationnow.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.newsnationnow.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.newsnationnow.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.newsnationnow.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.newsnationnow.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
server
ATS/9.1.10.25
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=726939
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb69f24a301e10b4fcf3b0d8b418c20ef5591263331e712b5d74153c85d3e653

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuPuTx5BXtD4myJKNGaSi%2BiBy7G5w2J0DegQuvJZe%2BTmkiST4lWHlwr6tdYIxXpXu4%2FUe4vEWw1yL955vtWtUyxGGgfCOb52s19Q4P6s%2BwlZkHmcEXkBGERO7KpqT1%2BbSP8HVAmv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bfc2f144906a1f0-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		454 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=387222&zone_id=2157972&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&kw=%23author%23&tg_i.page=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&tg_i.domain=newsnationnow.com&tg_i.d_code=-1&tg_i.pbadslot=%2F5678%2Fnx.newsnation%2Fbillboard1&tk_flint=pbjs_lite_v7.32.0&x_source.tid=9b480578-1d85-435a-b1ed-861461e4c356&l_pb_bid_id=7e3dbc532c20ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5678%2Fnx.newsnation%2Fbillboard1&slots=1&rand=0.000032633499550849265
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aec8c3130e52b9dadd8ce7e9695e5eb4461bedcecadae5f4274fa27dd69bb814

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		454 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=387222&zone_id=2157980&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&kw=%23author%23&tg_i.page=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&tg_i.domain=newsnationnow.com&tg_i.d_code=-1&tg_i.pbadslot=%2F5678%2Fnx.newsnation%2Fleader_mr1&tk_flint=pbjs_lite_v7.32.0&x_source.tid=c293ff64-6e9e-40cf-8e50-272428b6274d&l_pb_bid_id=81c72e9758983c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5678%2Fnx.newsnation%2Fleader_mr1&slots=1&rand=0.7805123658096758
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8cba48093624538b3efeecdd7cdcb2b6d6d3ae04aae0323da97b4a2a722460a3

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		456 B
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=387222&zone_id=2248802&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&kw=%23author%23&tg_i.page=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&tg_i.domain=newsnationnow.com&tg_i.d_code=-1&tg_i.pbadslot=%2F5678%2Fnx.newsnation%2Fleaderboard3&tk_flint=pbjs_lite_v7.32.0&x_source.tid=9c297cc0-afd2-4e8f-a44a-09d0dedd38f0&l_pb_bid_id=97a556f0bf8793&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5678%2Fnx.newsnation%2Fleaderboard3&slots=1&rand=0.04530093648145139
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ee037acd115322446bf9e58d29e715113b8d1060741d9053d698e73020e9de90

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
456
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		452 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=387222&zone_id=2157992&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&kw=%23author%23&tg_i.page=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&tg_i.domain=newsnationnow.com&tg_i.d_code=-1&tg_i.pbadslot=%2F5678%2Fnx.newsnation%2Fadhesion&tk_flint=pbjs_lite_v7.32.0&x_source.tid=4a5df6e1-0feb-43e7-9624-c3ace5994a86&l_pb_bid_id=10f638b9203e18a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5678%2Fnx.newsnation%2Fadhesion&slots=1&rand=0.02229187353068096
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41c06dd5ad983637db66959281e8e6266ae406377923a25ef7999d481cf828d6

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
452
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:10 GMT
AN-X-Request-Uuid
b8e5bd9e-fc17-4e87-b25f-c30e356f7140
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.newsnationnow.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
abeae890ad5d00f2b15a0417ea29e3c824bd73fb86f4aed1cb0fad7cb92bf7a4

Request headers

Referer
https://www.newsnationnow.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ddf124a9486c416e3061f41c736c28e0c2697facf0d12d9f7cd50d7b85162cb3

Request headers

Referer
https://www.newsnationnow.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
81299638bf270af49c87e6d9ceb4a8ef7a282ab326c5ac52e8a311c88dcd115a

Request headers

Referer
https://www.newsnationnow.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
403d607a5ce6a9f34c9717b37a7bc25270175a9afbae017c865c81b3ba160655

Request headers

Referer
https://www.newsnationnow.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
content-length
82
prebid
ads.yieldmo.com/exchange/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.32.0&p=%5B%7B%22placement_id%22%3A%22acm-ad-tag-adhesion-adhesion%22%2C%22callback_id%22%3A%22224af580520cacf%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223092361386538246755%22%2C%22gpid%22%3A%22%2F5678%2Fnx.newsnation%2Fadhesion%22%2C%22tid%22%3A%224a5df6e1-0feb-43e7-9624-c3ace5994a86%22%2C%22auctionId%22%3A%22d8f48c60-3817-4a34-956f-e0ac01e65dd2%22%7D%5D&page_url=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bust=1682819950725&dnt=false&description=Microsoft%20said%20it%20detected%2C%20isolated%20and%20removed%20a%20malicious%20version%20of%20software%20from%20SolarWinds%20inside%20the%20company%20but%20that%20its%20investigation%20so%20far%20showed%20no%20evidence%20hackers%20had%20used%20Microsoft%20systems%20to%20attack%20customers%20or%20anyone%20else.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&pr=&scrd=1&title=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&w=1600&h=1200
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
imp
g2.gumgum.com/hbid/ 		910 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1682819950726&to=0&aun=acm-ad-tag-adhesion-adhesion&gpid=%2F5678%2Fnx.newsnation%2Fadhesion&t=tndb0thd&pi=2&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.32.0%22%7D&ogu=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&ns=10240
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.20.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-20-74.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c557e2347bc0b5062708434c04c4ce2e1ed2afc7180353dc614d1b9d52d1a5bd

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
auction
tlx.3lift.com/header/ 		19 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.32.0&referrer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&tmax=2000&us_privacy=1---
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.62.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-62-126.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:10 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.32.0&cb=20126989374&lsavail=0
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breach...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breac...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&c9=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-amz-cf-id
PXHspgvrLRrXteRWsORBq3NbGU0FpDBL0m8VlqitSyPTfJnE6YB0vw==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 30 Apr 2023 01:59:10 GMT
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682819950752&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&c9=
content-length
0
x-amz-cf-id
uN2SGVfhFlvWMXMHqX4GAaBl_VlG7H7vmiKlsD95vl2GJsG2cpdceQ==
fpc
at.teads.tv/ 		56 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_21595&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.151.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-151-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9063ce5b2bf869e259c3341c247f67af6124b6911f189ea1110dc3b8777f3e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:10 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.newsnationnow.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
56
Expires
Sun, 30 Apr 2023 01:59:10 GMT
31b9b552-f32e-4036-8364-726eb992b71d
analyticssystems.net/api/v2/client/impression/ 		0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/31b9b552-f32e-4036-8364-726eb992b71d?rand=369062
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57TbBi4qXvmhvRjYDd1TSdMNJXpchgcOiycx8sHUa%2FAKuGQ7BycJcy75HO0u3Dd3x%2Fn6LhK%2FS1T12u%2BzuR8c5%2Bc%2Bxfk3vkM2O6lRkaP0Q3lWZjUlehqFvitsDZqLDUjiRnD7ZlNvTKXAf7%2BiRxvzhFr%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc2f152f9418ea-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
F1qT1FQIGCRh8IYrq9bx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/segment.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d34561adc300594eaa4aedc0f5b7438a72365aef2f51ea03aae9ac0888a26c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47138
x-xss-protection
0
server
cafe
etag
9852916923286475239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:10 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/ 		366 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/segment.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7502890a8592622e5de8c40e5d1d6c0556aa088949970f004f4d57aa5e4963bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nYskzAXrId4kVRlg.6_dFAsdVwkmQkHa
content-encoding
br
via
1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:59:03 GMT
x-amz-cf-pop
JFK51-C1
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 18 Apr 2023 16:00:57 GMT
server
AmazonS3
etag
W/"b3bc43b91c011c453806f52702ea57c0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
qNn3DWqIjtr57ZnYvaBdqwBKt9q9fgVeBZYyNO7Vl3DUbq4hnoG2kA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80795
accept-ranges
bytes
content-length
68444
expires
Mon, 01 May 2023 00:25:45 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=175891489&post=1548892&tz=-5&srv=www.newsnationnow.com&hp=vip&host=www.newsnationnow.com&ref=&fcp=1560&rand=0.9182360188870455
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:10 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
3
www.civicscience.com/idsync/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.civicscience.com/idsync/3?p=nxs1&uid=669f3ecf-419f-4d5c-b8a9-74b6e95ee552-1682819949373
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.149.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-149-236.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
server
nginx/1.14.2
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5b7190c0239b8829/ 		1 KB
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5b7190c0239b8829/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffe8d407737eb90e9dcba6d5ecd4ae359e4dfea8d79254943c3d059258b9c1f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
content-encoding
gzip
etag
890303311--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=9, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
533
300lo.json
m.addthis.com/live/red_lojson/ 		100 B
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=644dcb6ec8ebbba1&bkl=0&bl=1&pdt=1122&sid=644dcb6ec8ebbba1&pub=ra-5b7190c0239b8829&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newsnationnow.com&fp=business%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%23author%23&colc=1682819950886&jsl=131073&uvs=644dcb6ed7a2f2b2000&skipb=1&callback=addthis.cbs.jsonp__5862269657453680
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47bff7678b8a6ef6bc620848913de463febf3167180dd24d6268caf14ad4304c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
100
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 473C 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D29B 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Sun, 30 Apr 2023 01:59:10 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
NN_Prime_NZ_ART_1920x1080-1-1.png
www.newsnationnow.com/wp-content/uploads/sites/108/2023/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsnationnow.com/wp-content/uploads/sites/108/2023/01/NN_Prime_NZ_ART_1920x1080-1-1.png?w=320&h=180&crop=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e39a315f56326a99d7d8c9fed31d0ff876ffdb13e0bcb4e7bccba92160a84468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
x-rq
yyz3 80 86 443
last-modified
Sat, 29 Apr 2023 23:01:41 GMT
server
nginx
etag
"b160f63400cafd5b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50010
657aad6a78d52a2925fe0ace4f36c7b9
blue.newsnationnow.com/plugin/library/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/plugin/library/657aad6a78d52a2925fe0ace4f36c7b9
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
7b4d1ef03a0c8d0dc4f1c5839e721c20e6df96016ff4b3fed1360f3e6b02dd2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 15:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
age
2112114
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
98595
x-xss-protection
1; mode=block
last-modified
Tue, 04 Apr 2023 15:17:16 GMT
server
-
etag
657aad6a78d52a2925fe0ace4f36c7b9
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
uagVGBNQezUUMHGVpa_ZjOBSg6dj7Ydime1uGx3_lGaxo7bVTR_xlg==
expires
Thu, 04 Apr 2024 15:17:16 GMT
LB-Zone-1
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553/LB-Zone-1?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=&bctempid=9ce8fb87-f026-4bee-9d3a-6a128a188166&overruleReferrer=&time=2023-04-30T01%3A59%3A10%2B00%3A00&ts=1682819950950
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
18d8cff2dec0fe59ecb30b0af74f19915b78b5c50d0d615fa06969e0f32581c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1114
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6qyoNrmANXzh_bFZPVlE-fNDhFuwRbg2Q2Hd1VinJGlNPOsPQk5g-g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
endsync
cm.lotlinx.com/live/141000/
Redirect Chain
  • https://cm2.lotlinx.com/live/141000/sync?hms
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=NGQ4ZTcwZGM5NzA2MDQwZDA4YzgxMjVk&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=NGQ4ZTcwZGM5NzA2MDQwZDA4YzgxMjVk&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsyn...
  • https://cm.lotlinx.com/live/141000/endsync?google_ula=500446778,0
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lotlinx.com/live/141000/endsync?google_ula=500446778,0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
107.20.18.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-18-23.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.lotlinx.com/live/141000/endsync?google_ula=500446778,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newsnationnow.com&p=%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&u=zOUCrCRGK4JDIPQ3c&d=newsnationnow.com&g=23192&g0=Tech&g1=Haley%20Townsend&g4=article&n=1&f=00001&c=0&x=0&m=0&y=4658&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&b=2604&t=CfJfV8Bk0WFlCzZeD-Cdv9yMDS_b6u&V=139&i=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&tz=0&sn=1&sv=Bt-aCmBuqbGzB-94oKC4xNy-CDTQOv&sd=1&im=067b0fff&_
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.77.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-77-103.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 43AD 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2361:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3465
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 01:01:27 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 19 Apr 2023 14:37:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1fa2d9dd358abb3fb1c56fe78f725330.cloudfront.net (CloudFront)
x-amz-cf-id
VvkWjJY0OetftsGWL0p6I8X4yOAbPCckYSq3sh2QqMCk16OgTFPoSw==
x-amz-cf-pop
LHR50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
DH5llSMKVQij6MpPWD3P85h8LBVxxZob
x-cache
Hit from cloudfront
iu3
s.amazon-adsystem.com/ Frame 9D5E
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
367 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5308afda29eed78e3551c62f31baa62522be00b6ca0d6b5dfa437a8c700ebb59
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
367
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D8JZERFXRQ0D8YJH7PP0

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3YVV8659Q03JSEFCN3HB
nexstarMG_logo.png
cdn.cookielaw.org/logos/60ba8bee-28bd-45b9-bfaf-0bc25767ba53/0ac87efb-2e61-4c6a-adb8-c3c201bbcf92/be3863dd-e753-4963-bcc1-0113e4f85d60/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/60ba8bee-28bd-45b9-bfaf-0bc25767ba53/0ac87efb-2e61-4c6a-adb8-c3c201bbcf92/be3863dd-e753-4963-bcc1-0113e4f85d60/nexstarMG_logo.png
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d37f3708268f1179d38dea04c1fdff2743856af859e98ed7d356f00027fcb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cVUFs+yweIvnNtM1VwclWQ==
age
74837
content-length
12809
x-ms-lease-status
unlocked
last-modified
Wed, 03 Aug 2022 19:56:03 GMT
server
cloudflare
etag
0x8DA758A321596D6
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
26f799c6-f01e-0103-43e1-5a9db4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7bfc2f170d684bd0-YUL
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
23666
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ad8eee9b-301e-0055-0199-793391000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7bfc2f170d6b4bd0-YUL
target
www.civicscience.com/widget/api/2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/target?target=82d19ca8-4f30-60f4-2562-28d5394c0c93&instance=civsci-id-233280733&context=%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds&mv=5&_=1682819951218&callback=jsonp_1682819951218_5181
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.149.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-149-236.compute-1.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
3096bee9054c41abde6da9e20322fffb9bababf5adbbb75511776f68e012b993

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
server
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 30 Apr 2023 01:59:11 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A11%2B00%3A00&ts=1682819951275
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
dcc4d601f369911be6cecbd03aedb6e93b0ac8af9779a5c28fd65cfd04339798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2682
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
7As5op491tjSoJFGuh0SS6IPU8VoywNtx3lqg4tFtUxY0VtgEyBowg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A11%2B00%3A00&ts=1682819951311
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
77104954a8da55b9f1d068be612586aa5a927287f7d7a1052299ebcffdea482e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2643
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RuTObmXQx9rarQNc5kFyhKwi6LwI3NyW7yhAvheyE35tmFnVC8Lr3w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		765 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A11%2B00%3A00&ts=1682819951327
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
d714928c83b9d8c62e94e52316c530131ad7350a01d23799447c0c09a5830cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
187
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5t8NRYIXPCbb4sKkmOYj-guZ5fcCi1CywbBcwSEDlp6sHEhVAQD1tA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		191 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A11%2B00%3A00&ts=1682819951332
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
d44df99a717d92e9f5f791d2d5a220e0e2fcdfea5d9b12891f866a0d9bffdc1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
169
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
F5Bgi5QGLTYm17CnNrvF-hem0yRrQpnBW2P_eXTxKD9WJxKFMuUf8w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
trends.revcontent.com/api/demand/ 		365 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=221246
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
82836d8469e6bbeab686eb7fadee649cbe77ff4c201a38ae629651e2752b70dc
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.newsnationnow.com
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
content-length
253
sync
trends.revcontent.com/ 		62 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
fafb9f6bdd28b4a2e09a1e9e5bb39fa5db2bb32fe8bb22f1c2a91898e113bee2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:11 GMT
server
envoy
etag
"301f9ffa-bbfd-4ece-9bb4-ff2c0be5ab44"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://www.newsnationnow.com
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
62
i
api.segment.io/v1/ 		21 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.110.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-110-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ 		21 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.110.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-110-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
cs
nexstar.blueconic.net/DG/DEFAULT/ 		66 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&&callback=bc_json555
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.239.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-239-67.compute-1.amazonaws.com
Software
- /
Resource Hash
92a4028a4709d9bc9804056a0ca57d071bbd9f854e5ba83dbda2778ac68f4d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
553
blue.newsnationnow.com/DG/DEFAULT/rest/rpc/ 		191 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.newsnationnow.com/DG/DEFAULT/rest/rpc/553?referer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166&bctempid=&overruleReferrer=&time=2023-04-30T01%3A59%3A11%2B00%3A00&ts=1682819951440
Requested by
Host: blue.newsnationnow.com
URL: https://blue.newsnationnow.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
- /
Resource Hash
c8b076a4676aaf3b2ff4000fe15ad299cb4625eafbce213a23d4e7090b96e982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
169
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lW_wTPWMezKmDtGvHrRt4zA3Qn-oDRcouvdZjtcl8XSx7_WrWHBSIA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRJXNK2&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1c78461b72d985caf979ec1daa7709c406d4c9996aebcc2fc587f81e30616d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43195
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 01:59:11 GMT
pr
s.amazon-adsystem.com/v3/ Frame BE8D 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5940c1a3c9c9e08fc0755fa5492eaf4f9c807ca5ef70d8122947831647195ff0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3152
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P9GAN2B9VZV158DB1VBV
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=587156601.784205582&n=1&s=poll&t=resolved&d=%7B%22target%22%3A4655%2C%22instance%22%3A%22civsci-id-233280733%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A243%2C%22cy%22%3A1299%2C%22otarget%22%3A4051%2C%22pin%22%3A%22%22%2C%22pinMode%22%3A%22enabled%22%2C%22isMeta%22%3Atrue%7D
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.40.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-40-122.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame BE8D
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258215511455387000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258215511455387000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7ZYVE10W850ZMTSMW5E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258215511455387000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 01:59:11 GMT
ecm3
s.amazon-adsystem.com/ Frame BE8D
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=97F0F40EA0184676AC35881C57F6BA1C&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=97F0F40EA0184676AC35881C57F6BA1C&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G4Z908146GTF95JCSX4Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=97F0F40EA0184676AC35881C57F6BA1C&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 01:59:11 GMT
ecm3
s.amazon-adsystem.com/ Frame BE8D
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=bb30f702-d383-4c5b-9d50-28ae5b6074f9
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=bb30f702-d383-4c5b-9d50-28ae5b6074f9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D13E4E8KGX1Q972R1A12
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=bb30f702-d383-4c5b-9d50-28ae5b6074f9
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 43AD 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P41DFFBE3-BFE6-4E87-A645-785182813A6E&sessionId=zsb6z8kidk8m38ei3c29ryfmhjszj1682819951&c16=sdkv,bj.6.0.0&uoo=&fp_id=fursut4egfyaaxkpdcnpxq7jdwbu31682819951&fp_cr_tm=1682819951063&fp_acc_tm=1682819951063&fp_emm_tm=1682819951063&ve_id=&c30=bldv,6.0.0.662&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.156.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-156-14.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com/ Frame 43AD 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com/
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:a200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:16:58 GMT
via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
81734
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
OpEHaj16kLJ75PXomZOmlfrGFXW3MCNxpZeLOsLYnp8R1cPPMwJr4A==
sync
gum.criteo.com/ 		56 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=446&r=2&j=dspCriteoRTUSCallback&us_privacy=1---
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
834765
expires
60
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1682819951&us_privacy=&rev_dt=1682819951529
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1682819951&us_privacy=&rev_dt=1682819951529
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3fda7304-241e-494b-ba29-937617e680e8&ssp=revcontent
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=31d2f336-b910-431f-84a5-4d822ced4596&callback=dspCMCallback
90 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=31d2f336-b910-431f-84a5-4d822ced4596&callback=dspCMCallback
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
30a0d0eb0c770691e9350bffa6ae22690c4c935a1a74ce2940f30cedaa703a3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:12 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=31d2f336-b910-431f-84a5-4d822ced4596&callback=dspCMCallback
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY%3D&rev_dt=1682819951&us_privacy=&rev_dt=1682819951530
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY%3D&rev_dt=1682819951&us_privacy=&rev_dt=1682819951530
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY=&bidder=154&bidder_uid=3fda7304-241e-494b-ba29-937617e680e8&callback=dspCMCallback
90 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY=&bidder=154&bidder_uid=3fda7304-241e-494b-ba29-937617e680e8&callback=dspCMCallback
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
d8890206b5ec28689dd27a141e9025e339e4970d25d3997222a4123c06f7c7cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:12 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=M2NmY2Y4NGIyM2VkMGQ5NjNjZjQzMDRkMzAzOTdjYjY=&bidder=154&bidder_uid=3fda7304-241e-494b-ba29-937617e680e8&callback=dspCMCallback
date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
trends.revcontent.com/api/delivery/ 		26 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=221246&width=1600&us_privacy=1---&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&icr_url=&va=0&user_uuid=301f9ffa-bbfd-4ece-9bb4-ff2c0be5ab44&time=1682819951534&up=pc&bn=chrome&bv=112&widget_width=1216&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
03514645c8db549e7a05e047fdb6fe4ce45407fcb8e292403ae63e5f260c7644
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
66
en.json
cdn.civicscience.com/jspoll/5/locales/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/locales/en.json?pv=5.4.1
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7667de86db71e27e444ab0a3f8088ff597349578f0680ac65023dde4ce567afe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:02:24 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
70050
etag
"16292bb8162f46388695c8b258aca456"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
4718
x-amz-cf-id
OMAciC0PFLhfnfCtcItVNmrprxLiRKuPW2CNE2HcFbSL97f8Y5wopA==
amzns2s
rtb.gumgum.com/usync/ Frame C3A7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.20.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-20-74.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5954d46ef0a4a8b580e6630a6b7d6f542ca8834fff02cdb2a410d2d9435119c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 01:59:11 GMT
etag
W/"0ae73d665b19a4085d42afc0bbc2e5e2b"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
72f600662bf0816c7a0ec3557a9d1e79c890ef801ff9f1026429d0367ad1f0e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1819
Content-Type
text/html
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame 82F8
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
58e3d3dd6505fad5039ecf085727ad24c2b52df0077c3f4d34661d8b47899bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
401
content-type
text/html
date
Sun, 30 Apr 2023 01:59:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 5500
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=6623047a2d71446d91fcca52f2f99e89
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=6623047a2d71446d91fcca52f2f99e89
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W6TBNMMPZ6SVDPXESRSS

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=6623047a2d71446d91fcca52f2f99e89
server
istio-envoy
via
1.1 612d3e065148a94cbbe94139733f662e.cloudfront.net (CloudFront)
x-amz-cf-id
p7aMmYa3kCxoFNZu9BRdE62GjvpH0weGtIHi_udnR9K7pjwVrDsGUA==
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame AFB2 		427 B
938 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
23a9ff0fa92e2adfc1249c6f9d51cc1a7e89881cacbeef28b8535bcd2695977a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Sun, 30 Apr 2023 01:59:11 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame 8843 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.47.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-47-217.compute-1.amazonaws.com
Software
/
Resource Hash
8a40b4f02090bed35f9605142c61c57571521525e134501e5688f47d325585e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 30 Apr 2023 01:59:11 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 013D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 01:59:11 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 8546
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XT3dtMVV0RTJ1S1JpUnZkRnRyN3AyTldzQWh1dWE2R35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XT3dtMVV0RTJ1S1JpUnZkRnRyN3AyTldzQWh1dWE2R35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D2AQAWHS78S1PBA283XZ

Redirect headers

age
0
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XT3dtMVV0RTJ1S1JpUnZkRnRyN3AyTldzQWh1dWE2R35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame F424
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2806201715888124060&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2806201715888124060&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KK2P10Q41HKTWV057MRK

Redirect headers

AN-X-Request-Uuid
2c722698-995d-4c9b-9e39-e983df98c811
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=2806201715888124060&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 860B
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=292355670861132343203
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=292355670861132343203
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-MediaNet_ox-db5_n-undertone_n-sharethrough_n-simpli.fi_ym_rbd_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F3HS9WEBKXFH18H8TYWD

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=292355670861132343203
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
197.f40f0b8442ffcba47a35.js
s7.addthis.com/static/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/197.f40f0b8442ffcba47a35.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.32.118 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-32-118.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2be26b2e7ea57676a49e6af3c8624a919d4e4967fbd709703c1e5c76ab7adc40
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 30 Apr 2023 01:59:11 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-7a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
755
truncated
/ 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dd7145f1cb5c2e13a9ef6106801892e8cabc8c58fa6469d7b04ab35b3455b00

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		618 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eb84d2c15cf8f66b57ec3c9db8bb4cbd962516eedb2adcf007feb2489a02500

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		719 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f27554f22b8d95687bfef8e3e64ec1c3544a03559175f5abc1f96bd84963c2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		779 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4909fbe9f6644099bea439e8fcc5a39000458879cbcd38e9d853753839390da1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		479 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e345e96e50c7ac27dd9826c685f7ee0b0d7af7b6d1b9b1eb70bef052f2a5a3b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
324614d75e758d300332b52fa34ae780371aa2a57fb565063840cfafb87f173d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2806201715888124060
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2806201715888124060
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 01:59:11 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
33bb502a-eac2-483f-9c2d-cb965bb80c2b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2806201715888124060
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=924b113e-57b3-49c2-ab80-8a6f6b4116c8&expires=1&user_group=5&ssp=gumgum2&bsw_param=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=31d2f336-b910-431f-84a5-4d822ced4596&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame C3A7
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&obuid=ENC(_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3D_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eb05c266-35b1-4de6-bbf3-266efdf9c20a&obUid=_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY&gdpr=$GDPR_APPLIES&gdpr_conse...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eb05c266-35b1-4de6-bbf3-266efdf9c20a&obUid=_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
no-cache
X-TraceId
3bb164162fb083eddffbb4cd37d3a4d0
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eb05c266-35b1-4de6-bbf3-266efdf9c20a&obUid=_Wc_kZqn6X7dMDgNfhaFFkdxUAb8DtyafnReO-p_VVpZngsUa8F1DM7IsmC3WJxY&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=132afa39-a00a-0c5f-23e2-d5989d86cd89
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=132afa39-a00a-0c5f-23e2-d5989d86cd89
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=132afa39-a00a-0c5f-23e2-d5989d86cd89
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Date
Sun, 30 Apr 2023 01:59:11 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ycGzdv9E2pfYyhjHZGzk52C3TE1VxoyOqIy7~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ycGzdv9E2pfYyhjHZGzk52C3TE1VxoyOqIy7~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ycGzdv9E2pfYyhjHZGzk52C3TE1VxoyOqIy7~A
content-length
0
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8eba1813-6438-44ac-a501-d1055090e5f7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8eba1813-6438-44ac-a501-d1055090e5f7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8eba1813-6438-44ac-a501-d1055090e5f7
Date
Sun, 30 Apr 2023 01:59:11 GMT
Connection
keep-alive
X-CI-RTID
ad625861-d0dd-4479-97f1-4b2b5c84c00d
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 01:59:11 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
703943722
location
https://usersync.gumgum.com/usersync?b=snc&i=5597529CCA40456999768DE69389154D
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame C3A7 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 01:59:10 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=emhcbg7rl3Ki7JE6L2It&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVSW22DDMJTTO4TMGNFWSN2KIU3EYMSJOQ
  • https://usersync.gumgum.com/usersync?b=zem&i=emhcbg7rl3Ki7JE6L2It
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=emhcbg7rl3Ki7JE6L2It
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=emhcbg7rl3Ki7JE6L2It
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=eb05c266-35b1-4de6-bbf3-266efdf9c20a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=eb05c266-35b1-4de6-bbf3-266efdf9c20a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=eb05c266-35b1-4de6-bbf3-266efdf9c20a
access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=dTKB7HO9FSyL&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=dTKB7HO9FSyL&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=dTKB7HO9FSyL&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-whv5f
expires
-1
usersync
usersync.gumgum.com/ Frame C3A7
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7045590474520975260
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7045590474520975260
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7045590474520975260
date
Sun, 30 Apr 2023 01:59:12 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C3A7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6XYDF6W8W05EAXA1HG6T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame CE3D
Redirect Chain
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
bc37ad724f20a9b3468ad89c9c927d82d7815b63ed7590d1ee64e12af0c82ae9

Request headers

Referer
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
content-length
1162
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 01:59:11 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server
A
beacon.js
analytics-sm.com/js/v1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-sm.com/js/v1/beacon.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.159.227.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-82.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:49:46 GMT
content-encoding
gzip
via
1.1 dab7c883f718ae0143b9d40675c00658.cloudfront.net (CloudFront)
last-modified
Mon, 18 Nov 2019 20:56:58 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
565
etag
W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600, no-transform, public
x-amz-cf-id
83uLEz414Ri0pBJ3cnmZtrPQGFOGnYySkKMjoUy2BRWOzN_5NDzP3g==
22adbdb5ae1d0ff1
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1
  • https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1?cookieQ=1
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1?cookieQ=1
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/22adbdb5ae1d0ff1?cookieQ=1
date
Sun, 30 Apr 2023 01:59:11 GMT
server
AC1.1
content-length
0
usersync
usersync.gumgum.com/ Frame 7E23
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
Sun, 30 Apr 2023 01:59:10 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master ord-pixel-x3 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=&gdpr_consent=
user-sync
sync.adkernel.com/ Frame E6D4 		21 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Sun, 30 Apr 2023 01:59:11 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame 7220
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE3LbwAGdnRvhAAn&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZE3LbwAGdnRvhAAn&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZE3LbwAGdnRvhAAn&gdpr=&gdpr_consent=&_test=ZE3LbwAGdnRvhAAn
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4573-YYZ
x-timer
S1682819952.869045,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 21AE 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81ZmJkZmM4YS03OWUwLTQzZTktOGQ2Yy1iNThkZWEzZjg0OGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9AED 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113610
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 01:59:11 GMT
expires
Mon, 01 May 2023 09:32:41 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6AB4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0d3b310b-bf7a-405b-b93b-9457c9f6b19e
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0d3b310b-bf7a-405b-b93b-9457c9f6b19e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0d3b310b-bf7a-405b-b93b-9457c9f6b19e
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C71C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE3LcMCo8X4AAHdCi2gAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZE3LcMCo8X4AAHdCi2gAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 01:59:12 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZE3LcMCo8X4AAHdCi2gAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad417.dc4p.scaleout.jp
X-SO-IP
149.56.153.185
X-SO-Key
ZE3LcMCo8X4AAHdCi2gAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.185","key":"ZE3LcMCo8X4AAHdCi2gAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad417"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad417
usersync
usersync.gumgum.com/ Frame 188F
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=98255888-350f-4733-b66b-28f3b9e014a6
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=98255888-350f-4733-b66b-28f3b9e014a6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=98255888-350f-4733-b66b-28f3b9e014a6
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
ecm3
s.amazon-adsystem.com/ Frame 82F8 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=bcc12234-94b5-8ff3-8497-47e23de5072f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
09R5R4BWQ8J0455E4RYX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
70d0380d-18b3-a640-754e-d380aa810186
pr-bh.ybp.yahoo.com/sync/openx/ Frame 82F8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/70d0380d-18b3-a640-754e-d380aa810186?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:4fe1:ac42:6a21:1cf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 82F8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=bcc12234-94b5-8ff3-8497-47e23de5072f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NAHM0788TCA0HYMBCX50
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 82F8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=e4175e49-881f-3409-4499-c57555d6cccf&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 82F8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3ODhkODMtNDE2OC02YWFkLTUxNzktOWZjYzlmMzQwMmFm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 82F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AFB2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=1fe6f55a-454d-4190-84a8-f0c8e9bfe713
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CFAY87RQAA4DPYTVY6WR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame AFB2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2806201715888124060
68 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2806201715888124060
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 01:59:11 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2482d90d-729a-4f1e-a693-6b495d5ea0b1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2806201715888124060
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame AFB2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
68 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame AFB2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
68 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame AFB2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
68 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usync.js
eus.rubiconproject.com/ Frame 013D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57003
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:49:14 GMT
bob_zero_zero_one.js
bob.dmpxs.com/static/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bob.dmpxs.com/static/bob_zero_zero_one.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
fa852bc86d8cf44647c08d2428f4b6e7bced846930e419b34629fe177f44bee7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
last-modified
Fri, 09 Dec 2022 20:45:04 GMT
x-powered-by
Express
etag
W/"10af-184f8a26941"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
ecm3
s.amazon-adsystem.com/ Frame 8843 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gc07948f5975ba895194
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RA3ABVADDGTS0BV4VG6G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 8843
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH2RJSAP-Y-HTBD
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LH2RJSAP-Y-HTBD
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
35.172.39.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-42.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LH2RJSAP-Y-HTBD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
sync
ads.yieldmo.com/v000/ Frame 8843
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEEiLMyuAGW5pwIvaugyjG2A&google_cver=1
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEEiLMyuAGW5pwIvaugyjG2A&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
35.172.39.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-42.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEEiLMyuAGW5pwIvaugyjG2A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 8843
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1682819952040
  • https://ad.turn.com/r/cs?pid=45&rndcb=3723819329
  • https://sync.1rx.io/usersync/turn/4114394166873606790?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-fefba385-d67b-4953-8954-bd76b135de3f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-fefba385-d67b-4953-8954-bd76b135de...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-fefba385-d67b-4953-8954-bd76b135de3f-005
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-fefba385-d67b-4953-8954-bd76b135de3f-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
35.172.39.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-42.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Tengine
ETag
RXfefba385d67b49538954bd76b135de3f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-fefba385-d67b-4953-8954-bd76b135de3f-005
Content-Type
text/html
Connection
keep-alive
sync
sync-pm.ads.yieldmo.com/ Frame 8843
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODJGOUM1NzUtM0U4RS00ODQyLThEQjctNEVCRkEzRkEwNDNF&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D82F9C575-3E8E-4842-8DB7-4EBFA3FA043E%26gdpr%3D0%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.224.47.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-47-217.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 8843 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2MwNzk0OGY1OTc1YmE4OTUxOTQ=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
api.segment.io/v1/ 		21 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.110.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-110-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
date
Sun, 30 Apr 2023 01:59:11 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
usermatchredir
ssum-sec.casalemedia.com/ Frame 6E18 		43 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:11 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame E2B1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=yKnKxKjizgaVMhMIUbQf&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=yKnKxKjizgaVMhMIUbQf&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 01:59:12 GMT Sun, 30 Apr 2023 01:59:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=yKnKxKjizgaVMhMIUbQf&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 148E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 01:59:11 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 01:59:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
rum
dsum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&expiration=1685411951&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&expiration=1685411951&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&expiration=1685411951&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3LbwC4IvwXl.4YHEnopgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3LbwC4IvwXl-4YHEnopgAAAC0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENCBDnyP20oP1obhXaE0khk&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENCBDnyP20oP1obhXaE0khk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENCBDnyP20oP1obhXaE0khk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 752A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3LbwC4IvwXl-4YHEnopgAAAC0AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4WTNBD4W84S5T4NWKQ7H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 752A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b88892d1-de49-e0eb-55a56e6a
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b88892d1-de49-e0eb-55a56e6a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 01:59:12 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b88892d1-de49-e0eb-55a56e6a
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
tp_out
d.adroll.com/cm/index/ Frame 752A 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:f195:b922:3681:7158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7812624609369255604&expiration=1684029552
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7812624609369255604&expiration=1684029552
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7812624609369255604&expiration=1684029552
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 752A
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c15d3720-4ec5-427e-8d75-3e9ca5ef2b96&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c15d3720-4ec5-427e-8d75-3e9ca5ef2b96&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c15d3720-4ec5-427e-8d75-3e9ca5ef2b96&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 30 Apr 2023 01:59:12 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 752A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE3LbwC4IvwXl-4YHEnopgAAAC0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VFS5XD467RBNG239K4SS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
css2
fonts.googleapis.com/ 		9 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Extra+Condensed:wght@600&family=Nunito+Sans:ital,wght@0,400;0,700;1,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eaa1d8ff795c59d3fea27b5c11b076f9dd4fb86625e6e19e94c94f2e8bedaeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:59:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:11 GMT
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
0657d7f3fc264bdd692723e7489a1b6d7a14cf47e85e3f1b187df1576d7cb365

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 20:23:04 GMT
server
AmazonS3
x-amz-request-id
5HBBN2F9742Z0DSE
etag
"c9126b7f358d4655e0c6e44fcf4474ad"
x-amz-server-side-encryption
AES256
x-hw
1682819951.cds088.dc2.hn,1682819951.cds226.dc2.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
7095
x-amz-id-2
LrN5V6iGbS8xd1XwmIeM5038XrFL3n5ytG2FrzNk4ezMaX0qvHZWOOJgYmK/zzDt6arvIg53oKM=
defaultWidget.delivery.js
assets.revcontent.com/master/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
0da877ab247b2762098812231395a30607d9db556bd54c417bd34d90618d1e05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 20:23:02 GMT
server
AmazonS3
x-amz-request-id
5HB6TMYAX9DVT1C1
etag
"0da71fdb88e00fce9ff3f96b468e5be1"
x-amz-server-side-encryption
AES256
x-hw
1682819951.cds088.dc2.hn,1682819951.cds253.dc2.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
6242
x-amz-id-2
zJQF1HnsdL9LmT5Vv4Apfn80ojy+nHyBTYhggu/q28agahK9JOOwYm888kYMBPL4r5nHcsIfzNV511hArUJRE9vrmfyDkBT4Tegschs6/oY=
commonModal.delivery.js
assets.revcontent.com/master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
c72d5ee392eeb3b437dc995ed6ca9ef6f3ecb9519619b23094e6207523f6df40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 20:23:02 GMT
server
AmazonS3
x-amz-request-id
5HB0VG2T29W3TE4T
etag
"4bca2a60f83e1a90751948fb54c9afd8"
x-amz-server-side-encryption
AES256
x-hw
1682819951.cds088.dc2.hn,1682819951.cds074.dc2.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=600
accept-ranges
bytes
content-length
1668
x-amz-id-2
4cT6b1nH5wbdutlg2xN4H2IV+Q5tTmwL+TVI2SOOtVqLq2BpOKbA3s0AAhpajjDmoQ4usS71PzI=
/
img.revcontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1682819952.cds059.dc2.hn,1682819952.cds203.dc2.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
csw-frame.5.4.1.js
cdn.civicscience.com/jspoll/5/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.1.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d362655f8e40f3757ac5ee7998bec675d0b0883c42ddcaf427a1dd7a381a46dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:03:07 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
64566
etag
W/"27ace0b5651c6ff02bccb7e1efdeea98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
sS_b7BiWN2jRbQDAOEiA_fzne4URLeQbkO1YDfR03i_19wPukEobyg==
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.newsnationnow.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsnationnow.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		160 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=962805737880682&correlator=1604818808608710&hxva=1&scor=4401790571929939&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=5678%2Cnx.newsnation%2Cbusiness%2Ctech&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C2x2%2C728x90&ifi=1&adks=375592840%2C2862356962%2C3636560511%2C579930179%2C3750686893%2C2910733795&didk=4135163789~2519366359~842427404~3266916230~359531609~4273737504&sfv=1-0-40&ists=2&prev_scp=pos%3Dbillboard1%26fold%3Datf%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleader_mr1%26fold%3Dbtf%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleaderboard1%26fold%3Dmid%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleaderboard3%26fold%3Dbtf%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dexit%26fold%3Datf%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dadhesion%26fold%3Datf%26aa%3Df%26category%3Dtech%26kw%3Dmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%26hlmeta%3Dmicrosoft%2520breached%2520in%2520suspected%2520russian%2520hack%2520using%2520solarwinds%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dnotapplied%26pid%3D1548892%26pagetype%3Dstory%26pagetest%3D86%26sessiontest%3D86%26pers_cid%3Dnxs-108-article-1548892%26d_code%3D-1%26nlpcat1%3Dcomputers_electronics%252Ccomputers_electronics%26nlpcat2%3Dcomputer_security%252Cnetworking%26nlpcat3%3Dnetwork_monitoring_manag%26nlpsent%3Dnegative%26upid%3Dd96feead-fe87-4252-bcc5-ed52e5512dd2%26refid%3DDirect%26imp_hash%3D1682819950099-617645%26amznbid%3D0%26amznp%3D0&ppid=669f3ecf-419f-4d5c-b8a9-74b6e95ee552-1682819949373&sc=1&cookie_enabled=1&abxe=1&dt=1682819952095&lmt=1682819952&dlt=1682819949183&idt=1368&adxs=436%2C436%2C436%2C436%2C15%2C-12245933&adys=222%2C2702%2C4129%2C4907%2C4964%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&frm=20&vis=1&psz=1600x35%7C1216x35%7C1216x35%7C1216x10%7C1600x35%7C0x-1&msz=728x0%7C728x0%7C728x0%7C728x0%7C2x0%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C644&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1514230211.1682819951&ga_sid=1682819952&ga_hid=1123915900&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
047f3578d4ee4841808f78c19ba5a78afed273605270d50d659de7007438ff6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54756
x-xss-protection
0
google-lineitem-id
-1,6197481982,6197481982,5894853967,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138419757793,138419757847,138413368649,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newsnationnow.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E80 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:12 GMT
expires
Mon, 29 Apr 2024 01:59:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 148E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57002
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:49:14 GMT
questions
www.civicscience.com/widget/api/2/ 		1 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/questions?target=4655&instance=civsci-id-233280733&context=%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds&mv=5&_=1682819952221&idx=0&callback=jsonp_1682819952221_44276
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.149.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-149-236.compute-1.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
c373bc40e39ce0c8a1eb1d4fe31836987486b5167ce0f8e5907914f5f6f42608

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
gzip
server
Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 013D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LH2RJSAP-Y-HTBD
  • https://s.amazon-adsystem.com/ecm3?id=LH2RJSAP-Y-HTBD&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH2RJSAP-Y-HTBD&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F3W9H45Z9XP8FPDHCX7S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH2RJSAP-Y-HTBD&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
/
analytics-sm.com/ 		68 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics-sm.com/?bid=cf79daac-841a-475c-a69c-8863ce3305a7&smuid=1682820223195&bt=1682819952264&url=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&url_path=%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&title=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.159.227.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-82.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 07:35:00 GMT
via
1.1 dab7c883f718ae0143b9d40675c00658.cloudfront.net (CloudFront)
last-modified
Mon, 15 Oct 2018 15:03:36 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
27023053
etag
"e679fbd466a2d656f194a5da4fa083cd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-cache
content-length
68
x-amz-cf-id
SQPYheTCFLmS9jNgZfJxg9CbcMaZo6G0crGTLsTaMeWmcDKfgSEgJw==
demconf.jpg
dpm.demdex.net/ Frame CE3D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
HTTP/1.1
Server
54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-170-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v044-0b796320e.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ia1m0iIeS7w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v044-0a20a0f54.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Dk6p4lALTNg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame CE3D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
load77.exelator.com/ Frame CE3D
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AZySJBaqAWn/Tk4GAA
x-accel-expires
@1683443490
date
Sun, 30 Apr 2023 01:59:12 GMT
x-77-pop
newyorkUSNY
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
1e192d08a64161f770cb4d640005a928
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-77-cache
HIT
x-age
413262
accept-ranges
bytes
content-length
43

Redirect headers

date
Sun, 30 Apr 2023 01:59:12 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
um
sync.teads.tv/ Frame CE3D 		23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.151.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-151-62.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 30 Apr 2023 01:59:12 GMT
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame CE3D
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&ct=y
49 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
52.73.235.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-235-138.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.33
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=61b12384-c508-406c-804b-7d3c68fe1853-644dcb6f-4341&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.40.8.239
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9AED 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66859996&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ba045b8d4225f11143a5d69036753be8773f449e1e458c851b76f0a412ed144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 01:59:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
sync.rtk.io/ Frame 95BE 		0
0
magnetar_attract
bob.dmpxs.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fbob.dmpxs.com%2Fmagnetar_attract%3Fbob_tag_id%3Dbob_001%26apnx_uid%3D%24UID
  • https://bob.dmpxs.com/magnetar_attract?bob_tag_id=bob_001&apnx_uid=2806201715888124060
35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/magnetar_attract?bob_tag_id=bob_001&apnx_uid=2806201715888124060
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
x-powered-by
Express

Redirect headers

Date
Sun, 30 Apr 2023 01:59:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2f2fd1c6-b79a-4a20-aca4-c986f49586a6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://bob.dmpxs.com/magnetar_attract?bob_tag_id=bob_001&apnx_uid=2806201715888124060
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
magnetar_attract
bob.dmpxs.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/nextardigital
  • https://match.prod.bidr.io/cookie-sync/nextardigital?_bee_ppp=1
  • https://bob.dmpxs.com/magnetar_attract?bx_uid=AADqGE7Im5cAACHzaMyfgw
35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/magnetar_attract?bx_uid=AADqGE7Im5cAACHzaMyfgw
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
x-powered-by
Express

Redirect headers

location
https://bob.dmpxs.com/magnetar_attract?bx_uid=AADqGE7Im5cAACHzaMyfgw
Date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
bob_001.gif
bob.dmpxs.com/ 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/bob_001.gif?bob_session_id=1682819952299-564122&bob_cb=1682819949384731&bob_event=evar_checkin&dcode=-1&repeat_visitor=1682819952299-566227&referrer=&page_title=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20|%20NewsNation&page_url=newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/&persistentid=nxs-108-article-1548892&imp_hash=1682819950099-617645&ndn=669f3ecf-419f-4d5c-b8a9-74b6e95ee552-1682819949373&bcsessionid=9ce8fb87-f026-4bee-9d3a-6a128a188166
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
x-powered-by
Express
rc-logo.png
cdn.revcontent.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
last-modified
Thu, 27 Apr 2023 15:56:36 GMT
etag
"1682610996"
x-hw
1682819952.cds243.dc2.hn,1682819952.cds245.dc2.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=52
accept-ranges
bytes
content-length
2091
token
pixel.rubiconproject.com/ Frame 013D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UmBcTnVzRyiep_dfzGfqrw&rk=usync-na
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UmBcTnVzRyiep_dfzGfqrw&rk=usync-na
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WJZEE32PHW0290WHCPB5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UmBcTnVzRyiep_dfzGfqrw&rk=usync-na
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 013D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaXr4Ek-14qFgwVSrN8WTM&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaXr4Ek-14qFgwVSrN8WTM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBaXr4Ek-14qFgwVSrN8WTM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 013D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5QJD9SWEHB2SDRMKRJNP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 013D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyUkpTQVAtWS1IVEJE
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ68-D-o92wWnIKIySg-1EM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
pixel
cm.g.doubleclick.net/ Frame 013D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmU1YWU3MzA0Nzc4NWYzOTY2ZWMwYTg1ODc1NGFhMDVkMGRlNWNiOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmU1YWU3MzA0Nzc4NWYzOTY2ZWMwYTg1ODc1NGFhMDVkMGRlNWNiOA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmU1YWU3MzA0Nzc4NWYzOTY2ZWMwYTg1ODc1NGFhMDVkMGRlNWNiOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 013D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 013D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/B742MQfAyK5SbqQ9KoCOFw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0ZiZ1ctE2oL2mb8YzrOH..AiGJik1x5YHluVgw--~A
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0ZiZ1ctE2oL2mb8YzrOH..AiGJik1x5YHluVgw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0ZiZ1ctE2oL2mb8YzrOH..AiGJik1x5YHluVgw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 013D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2RJSAP-Y-HTBD
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2RJSAP-Y-HTBD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C627580EA7954E3EB033A7F70153782D Ref B: YMQ01EDGE0514 Ref C: 2023-04-30T01:59:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hA1/w2g5yhmnpPpI9w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2RJSAP-Y-HTBD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 148E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LH2RJSAP-Y-HTBD
  • https://usersync.gumgum.com/usersync?b=mag&i=LH2RJSAP-Y-HTBD&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LH2RJSAP-Y-HTBD&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LH2RJSAP-Y-HTBD&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
4fcfdeb16960736439e92abb37ae793a.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/4fcfdeb16960736439e92abb37ae793a.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
684fd99df9c567ebe9cbcd5ef11f18b9a1ef3cec1cb141cd8f80e2cb9398eee3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=po;dur=552;cpu=0;start=2023-04-10T18:44:13.690Z;desc=miss,rtt;dur=0,cloudinary;dur=547;start=2023-04-10T18:44:13.691Z,cld-id;desc=d701d285373980fe11d497b659884d19
content-length
5916
x-request-id
d701d285373980fe11d497b659884d19
last-modified
Mon, 10 Apr 2023 18:44:15 GMT
server
Cloudinary
etag
"b3ebb803d9705b48173d59ef5e6ceab4"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds179.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
643797eb2eb661-22506864.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/643797eb2eb661-22506864.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
34cda84dad1a5c0f8b20efaa771574fc356702ac4fcf84d64d2b0ff019dab334
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 14 Apr 2023 21:14:11 GMT
server
Cloudinary
etag
"48dc61b6fd5fab675f079c81d40717a3"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds052.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=2;cpu=1;start=2023-04-14T21:14:22.144Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
5854
642bd704420428-06228920.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/642bd704420428-06228920.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
ce66a47f00949cdecc0cd1a56a0157672bdaee73745826dfa90b30e3f4aa6533
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 04 Apr 2023 12:48:12 GMT
server
Cloudinary
etag
"dfe1f9f16e5e7e89d6c00836d9c7cc1a"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds192.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=o;dur=21;cpu=0;start=2023-04-04T12:49:50.722Z;desc=miss,rtt;dur=0,cloudinary;dur=17;start=2023-04-04T12:49:50.724Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7001
5f4e814e405f20-38321495.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5f4e814e405f20-38321495.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
75c3bb778289d34347b05d95eafcad22c97fb6637a2da8e5f60af9368ee0ee2b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 17:40:17 GMT
server
Cloudinary
etag
"00137c2ccd48732d5b359545a8d44c8c"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds238.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=0;start=2023-02-13T14:43:23.439Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
10171
7c65cfc24ef9c90a3611384fe37a91c7.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/7c65cfc24ef9c90a3611384fe37a91c7.jpeg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
ab02b10d61319e5aa403d4eb344b08e3214ec79d6771354fdcbb3019d4ebb6a7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=38;start=2023-04-22T09:17:55.477Z;desc=miss,rtt;dur=1;cloudinary;dur=16;start=2023-04-22T09:17:55.500Z
content-length
6119
last-modified
Sat, 22 Apr 2023 09:13:56 GMT
server
cloudflare
etag
"b385f280b3288ec898b6e3ca0ed8c42e"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds175.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
cf-ray
7bbcc6c5ba02586c-IAD
timing-allow-origin
*
6446447351ef71-22811278.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6446447351ef71-22811278.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
10d55f3972f0a7442b192affcf4f2ef10683974f58ae5dc9c87778c0ced9b248
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 24 Apr 2023 17:44:49 GMT
server
Cloudinary
etag
"780e6eddedff015a3092854832e03e37"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds084.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=2;cpu=0;start=2023-04-24T17:45:40.997Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
5276
b221cedc04f6f14bbbbd6cee14c4c7af.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/b221cedc04f6f14bbbbd6cee14c4c7af.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
e5fefbe5c2b3a0676ec677ab6e4786b5de0260099b534082e07369c685f282d7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 28 Feb 2023 16:46:37 GMT
server
Cloudinary
etag
"5839b3799b6fbf63294092d00780b121"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds181.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=18;cpu=0;start=2023-02-28T16:47:11.321Z;desc=miss,rtt;dur=0,cloudinary;dur=14;start=2023-02-28T16:47:11.319Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10722
5ec6141388ea54-17535110.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5ec6141388ea54-17535110.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
db00fcc4ea84dfcefe111e54a67078b49acb85b44e59ff46abe4a9b110e3fdbe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 10 Jun 2022 15:57:19 GMT
server
Cloudinary
etag
"11b0d01f8e813f8a5cbeb601252b71c9"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds243.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=2;cpu=1;start=2023-04-27T16:14:29.601Z;desc=hit,rtt;dur=7
accept-ranges
bytes
timing-allow-origin
*
content-length
5273
ef19aadae1e17a5aca5be3bd6d58d08d.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ef19aadae1e17a5aca5be3bd6d58d08d.png
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
0db6b9ae552c1cba8fa9c49d2639e8d62525bfe2a4d3a63804cab0df107b0ee2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 17:39:24 GMT
server
Cloudinary
etag
"054d91681e253b9adcb3236de9b50a54"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds174.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=1;start=2022-07-19T22:26:20.529Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
5530
15758010940063837386.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15758010940063837386.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
b62d4ef790bf4c653cefa6bb1c655a2b47a716f629cb1fdefd52c800387aeb09
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 04 Nov 2022 11:05:54 GMT
server
Cloudinary
etag
"5f469514b8aac58401cd50414a1cd12c"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds219.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=0;start=2023-02-18T20:00:29.594Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
6871
607d85a1dbf0d0-18252641.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/607d85a1dbf0d0-18252641.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
a6e07260fcbdecc8faa8944bcd02a1135ff6050ecb806a29a129b1cebc201803
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 08 Mar 2023 15:45:54 GMT
server
Cloudinary
etag
"7aa931a8e6150f7ec0395439ed7c8eae"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds185.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
cld-fastly;mitm=po;dur=23;cpu=1;start=2023-04-12T10:42:59.921Z;desc=miss,rtt;dur=0,cloudinary;dur=19;start=2023-04-12T10:42:59.922Z
accept-ranges
bytes
timing-allow-origin
*
content-length
8143
15325530070980734337.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15325530070980734337.jpg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Cloudinary /
Resource Hash
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 17:39:08 GMT
server
Cloudinary
etag
"6ee8798297a52bd0f9fa11b1b77d3451"
x-hw
1682819952.cds229.dc2.hn,1682819952.cds056.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=75;cpu=0;start=2022-06-16T06:29:37.205Z;desc=miss,rtt;dur=1,cloudinary;dur=70;start=2022-06-16T06:29:37.207Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10961
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=587156601.784205582&n=2&s=poll&t=templates&d=%7B%22target%22%3A4655%2C%22natures%22%3A%5B%22ui-classic%22%2C%22ui-iframe%22%2C%22compliance-first%22%5D%2C%22instance%22%3A%22civsci-id-233280733%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A243%2C%22cy%22%3A2549%2C%22comp%22%3Afalse%2C%22st%22%3A%22EVPP%22%2C%22stg%22%3A%22EVPP%3BEVVP%22%2C%22session%22%3A%229a4892b0-e6fa-11ed-9dfd-09de8923458b%22%2C%22locale%22%3A%22en%22%2C%22alias%22%3A%22cookie%2F763d77a4e388fc2cdbc4aac09316f96e%22%7D
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js?ver=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.40.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-40-122.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
csw.5.4.1.css
cdn.civicscience.com/jspoll/5/ Frame 715E 		89 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw.5.4.1.css?pv=5.4.1
Requested by
Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b53f4461d5cca6c84559fd143366aeef0a5d816ccbab23085f0167433ca67070

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:03:07 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
64565
etag
W/"30cc35c7062644c559560424ec326092"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
cXe3mrUKvgdoNrPHpejBzfRMVgHJnkjDe4GG0rmP17kd6dyiD0KsVw==
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame FDA9 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 30 Apr 2023 01:59:12 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4573-YYZ
x-timer
S1682819953.579061,VS0,VE21
Pug
image2.pubmatic.com/AdServer/ Frame 6F93
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978758886832913290
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978758886832913290
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 01:59:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 30 Apr 2023 01:59:12 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978758886832913290
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
dcm
s.amazon-adsystem.com/ Frame 290A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
P59XNM05GZ7NKBZHKNP1
Pug
image2.pubmatic.com/AdServer/ Frame 84A1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcUdFN0ltNWNBQUNIemFNeWZndw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADqGE7Im5cAACHzaMyfgw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADqGE7Im5cAACHzaMyfgw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADqGE7Im5cAACHzaMyfgw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADqGE7Im5cAACHzaMyfgw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7045590474520975260&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqGE7Im5cAACHzaMyfgw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqGE7Im5cAACHzaMyfgw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 01:59:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 01:59:13 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqGE7Im5cAACHzaMyfgw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 741C 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 01:59:12 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9AED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gvnFdT6OSEKNt06_o_oEPg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=113609
accept-ranges
bytes
content-length
5554
expires
Mon, 01 May 2023 09:32:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9AED
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttd_puid=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame 9AED 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 9AED
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9e28f1eb-c040-4591-ae21-d619b7634fa4
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9e28f1eb-c040-4591-ae21-d619b7634fa4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
18.211.206.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-206-98.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 30 Apr 2023 01:59:12 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9e28f1eb-c040-4591-ae21-d619b7634fa4
date
Sun, 30 Apr 2023 01:59:12 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 9AED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGC2rQuH7xWSQLdMUuHESw&google_cver=1
42 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGC2rQuH7xWSQLdMUuHESw&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGC2rQuH7xWSQLdMUuHESw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9AED
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97F0F40EA0184676AC35881C57F6BA1C
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97F0F40EA0184676AC35881C57F6BA1C
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97F0F40EA0184676AC35881C57F6BA1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 01:59:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9AED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4114394166873606790&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4114394166873606790&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4114394166873606790&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9AED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 01:59:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 9AED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tAOxJKZE2uXHv2bDnT1Cf6UnS0EbStE-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tAOxJKZE2uXHv2bDnT1Cf6UnS0EbStE-~A&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tAOxJKZE2uXHv2bDnT1Cf6UnS0EbStE-~A&gdpr=0
date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9AED 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/82F9C575-3E8E-4842-8DB7-4EBFA3FA043E?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:4fe1:ac42:6a21:1cf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 01:59:12 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 01:59:12 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:12 GMT
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.210.106.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-106-198.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
*
date
Sun, 30 Apr 2023 01:59:12 GMT
x-envoy-upstream-service-time
12
server
envoy
vary
Origin
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2011
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7bfc2f205daa7133-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 30 May 2023 01:59:12 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 01:59:12 GMT
csw-widget.5.4.1.js
cdn.civicscience.com/jspoll/5/ 		75 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw-widget.5.4.1.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d6b3842f44363f04ef80e8af5baff7f0b06d0b75beed3167cc1060340b2dcff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:50:08 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
43744
etag
W/"17bec68834753baeb6b392dfc3f65a69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
MOsWx2qFn1Pzt45pyWq3ImNXeF3m7tcsqx_EXotHodcSIL-Qq8aHkA==
container.html
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:12 GMT
expires
Mon, 29 Apr 2024 01:59:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/ Frame 0F7C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=24193518&sid=6080257&plc=273620345&num=&adid=&advid=2276943&adsrv=1&btreg=551030907&btadsrv=doubleclick&crt=171932880&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7699 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce414b16f3de2473752de60c5f061794d0c15b793b41c6feb2340cdb89e46772

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 11:50:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f27682fe78d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3372
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0F7C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F7C 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
2692147425811226566
s0.2mdn.net/simgad/ Frame 0F7C 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2692147425811226566?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qnGujqMX_XuQjrDXTTkfda9w_3qEg
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b45b13290613afe888b1b76c76f394b039a5567d7014cca194a8c5a7e62f00b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:39:40 GMT
x-content-type-options
nosniff
age
33573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106512
x-xss-protection
0
last-modified
Mon, 16 May 2022 16:38:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 16:39:40 GMT
31b9b552-f32e-4036-8364-726eb992b71d.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B319 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:c600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a42eb0c6a78703cc40c76b693f310ab295e7ebdcc218e88648b2bf5da5dd32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8PeSfQ7PYRrqU0Xe4PCnZgjVvBLr3QmS
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:11:30 GMT
last-modified
Wed, 08 Mar 2023 15:57:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
2876
x-amz-server-side-encryption
AES256
etag
W/"7aa964481cde56d3b30d0d17b0fd3886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
VdVFmMBHrXCIUphoBdaLFhXcpQngw9gEaygQMC1xTa_Vh33tUMrM6w==
view
googleads4.g.doubleclick.net/pcs/ Frame B319 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtgwGR_uc8N6exJw5a3M22H7vCbBqFWOJx8rFUlQJZZvPe8pdYtPHAIES5UWwybY-R5X8i6uU3Q2t5vWzQ1C2B9XppnNs6X1lfbp36WvAtYLYTPqOBSxGdOrOoc0OBVt3bwXFo--ENtkOGSrd0zqLUulBZsagmGKc8uxqsPyVg-V3J5ZPo5IrZX1oCVVc-c-HEx6WVwkDS63ODc79yIQ3bKvwf7_edKE57JrmcE_8rjk81-T7X0bYtYapR5lMFqQl22sYSskPx2ezP26E-hEqJqP4GN-QF5hoVNOImQQx99VKhXrJ4lG_Qj2hkPQpxjn0H0CnJ9F71f_PqEfc0rGCB3ymt2Qnqk91slpa-TRAjXQq76F_YVOtDAXpiwTAzpVUr6J1Xlq7bSQEMBAriXIyVVSioh-g&sai=AMfl-YRQABALwypAXhxOObS6UJ47PSrTQAjkzYdwhcAgU8TyCfoBFem-ZewWhGZnarUFZQ4X8aVP5tcYE0L89fVkdm2DR35xyammjQFVcChv4oYVFW6X7M_sHrdI8ZfBuqKMIhTPC6B4c8NgYg7sadA6QQ&sig=Cg0ArKJSzPUKM_KNqFcMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/ Frame B319 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=24193518&sid=6080257&plc=273620345&num=&adid=&advid=2276943&adsrv=1&btreg=551030907&btadsrv=doubleclick&crt=115557430&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7699 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce414b16f3de2473752de60c5f061794d0c15b793b41c6feb2340cdb89e46772

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 11:50:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f27682fe78d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3372
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B319 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B319 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
7278461310503373674
s0.2mdn.net/simgad/ Frame B319 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7278461310503373674
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f1e4b00cad0185f45ea17a2caa736847695f01617bb2ddfeb7e498b27e5c83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70142
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 10:22:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Apr 2024 01:59:13 GMT
31b9b552-f32e-4036-8364-726eb992b71d.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 8746 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:c600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a42eb0c6a78703cc40c76b693f310ab295e7ebdcc218e88648b2bf5da5dd32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8PeSfQ7PYRrqU0Xe4PCnZgjVvBLr3QmS
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:11:30 GMT
last-modified
Wed, 08 Mar 2023 15:57:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
2876
x-amz-server-side-encryption
AES256
etag
W/"7aa964481cde56d3b30d0d17b0fd3886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
rh39h-aMoytFnKifMEYB8OgE_ge5O7hFf-9vH4KM-aRKxbxt5NZ0gA==
view
securepubads.g.doubleclick.net/pcs/ Frame 8746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQMdwT_MkPgQQzp8tB59gUOUB7HJhfkLwetKk2aaIO4YCU0oXaSjBPqclcmv7VwMceOm4awYU42gP1kIR_Ydmby1t0US8HmRXXlLE52ykzTJMofwOeMv1F4s1C43bIJETTtDGD9II2RMlwiWIuIh0Ib---acEjiQ-_oYMH1mtxrhno25laY4m110yEspu5mhU7rVNUykjBM54WblchFhq44zIZDPBbsTfZG7WzxRZhIWm6uOd91Krek7s_lIW3naTq_SGz8YhOcnRNH72GiSpuXbzPXahr_I5Aosl5d_QIXk6atOg7HaFNhj1DQqWUlbUXu_16_dYYKjwcJhgrTIM&sai=AMfl-YRfxpLFd68xq0a7HOp4FILh1vga4hWpox2YHABqRHX3_r90VEeBFgD00Ni8stDg8oVWWz2d0trEV65VbF-VZfHGIHzfI7qwsngdF2E0RfWDZXzUhgxeQlqmEh97_m4BECPmboBxnWDCbl1hEhiKCA&sig=Cg0ArKJSzIBZXlmFA8PIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 8746 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8746 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
13350076529443236599
tpc.googlesyndication.com/simgad/ Frame 8746 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13350076529443236599
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215d273b9d2315f35c56a6d6890f4d09e7a8c4bdb284947fec2e79bb2df23a7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:14:31 GMT
x-content-type-options
nosniff
age
53082
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30696
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 13:31:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 11:14:31 GMT
l
www.google.com/ads/measurement/ Frame 8746 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbRIF02rqIzAUtofMbcZ1oC4zOYL4E02RsV-xgKPzoWpRR4juWHuvX_QvPG2Wi9q_xJUwnLM8f2icLlKy2xi-XKZHI7Q
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
container.html
5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:12 GMT
expires
Mon, 29 Apr 2024 01:59:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t
api.segment.io/v1/ 		21 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.110.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-110-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
date
Sun, 30 Apr 2023 01:59:13 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
truncated
/ Frame 8746 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d135c718c4e974d5994c2085e868daa3a531b43dacdbde7ac609075de54566

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 01:59:13 GMT
31b9b552-f32e-4036-8364-726eb992b71d.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame BB0A 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:c600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a42eb0c6a78703cc40c76b693f310ab295e7ebdcc218e88648b2bf5da5dd32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8PeSfQ7PYRrqU0Xe4PCnZgjVvBLr3QmS
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:11:30 GMT
last-modified
Wed, 08 Mar 2023 15:57:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
2876
x-amz-server-side-encryption
AES256
etag
W/"7aa964481cde56d3b30d0d17b0fd3886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
H5i3fJxOpbT_llsPT2ylXFjvwVLq6ngowf_SYYkgpMFGW5VbqQa1Dw==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 58F8 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BB0A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bbfcm-Fz2E4zvvaQoj5XXhdYX9qpzNfWy33pssFHwtET_zB-dnZRqbyF1KhsiIzUyBq8YIKJTnUbcpcVGIZOvkujzZGRKAsg04OwaB3klRVQsC20A
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12238816960506731622&x=1&ct=76
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame BB0A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame BB0A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:02 GMT
l
www.google.com/ads/measurement/ Frame BB0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqLoVmlp_WpG5nZrRYMmzMGuSLl1CMaWKEwlVYXV1064sSO8m9VtBJIyPAw8VDMSOKxq5co7c61PZtuR3UQO-S7RyubQ
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB0A 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
pixel
protected-by.clarium.io/ Frame BB0A 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31gv7u5cjb&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC5uZXdzbmF0aW9uL2J1c2luZXNzL3RlY2giLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWJpbGxib2FyZDEtYmlsbGJvYXJkMSJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&cb=1259829&h=www.newsnationnow.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.68.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-68-96.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
31b9b552-f32e-4036-8364-726eb992b71d.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B2DC 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/31b9b552-f32e-4036-8364-726eb992b71d.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:c600:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a42eb0c6a78703cc40c76b693f310ab295e7ebdcc218e88648b2bf5da5dd32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8PeSfQ7PYRrqU0Xe4PCnZgjVvBLr3QmS
content-encoding
gzip
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 01:11:30 GMT
last-modified
Wed, 08 Mar 2023 15:57:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
2876
x-amz-server-side-encryption
AES256
etag
W/"7aa964481cde56d3b30d0d17b0fd3886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, public
x-amz-cf-id
0ch6XQzIcOP5PvoCxRK99DJBGjyep_ebp35J0IHdW-G51VpwZ1L44A==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5BF1 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B2DC 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvUcykVZfW4ixITQiB74cjnN8budvyVizPutBuIenZDxUHRs7Yc_7XrUXUKxn1QSS56EZU7nJXfDP0up-JlIh0VTuUVrVZsF31DTEDIjBaYRLsGH0
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11868178320541994182&x=1&ct=76
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B2DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B2DC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:02 GMT
l
www.google.com/ads/measurement/ Frame B2DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR54S70t9OPxZeUpIc9DLCtmn3magW59Tu_V0fDWZxEpU-cDl89GSbP7MMiTq-XL8R32rYy7Mr_FQhZAiD8YBaAHiR6rw
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2DC 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:13 GMT
pixel
protected-by.clarium.io/ Frame B2DC 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31gv7u5cm8&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC5uZXdzbmF0aW9uL2J1c2luZXNzL3RlY2giLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWFkaGVzaW9uLWFkaGVzaW9uIn0sInRwX2NyaWQiOm51bGx9&cb=4049707&h=www.newsnationnow.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.68.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-68-96.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-400338&ch=us-400338_c124_tech_S&asn=tech&fp_id=fursut4egfyaaxkpdcnpxq7jdwbu31682819951&fp_cr_tm=1682819951063&fp_acc_tm=1682819951063&fp_emm_tm=1682819951063&ve_id=&sessionId=zsb6z8kidk8m38ei3c29ryfmhjszj1682819951&prv=1&c6=vc,c124&ca=NA&c13=asid,P41DFFBE3-BFE6-4E87-A645-785182813A6E&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,rhkr7zjmqrlbksymk1cf2ynkckguu1682819951&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16828199510579022&c30=bldv,6.0.0.662&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1548892&c3=st,c&c64=starttm,1682819952&adid=1548892&c58=isLive,false&c59=sesid,&c61=createtm,1682819952&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&c66=mediaurl,&sdd=&c62=sendTime,1682819952&rnd=710704
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.156.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-156-14.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
gn
global.imrworldwide.com/cgi-bin/ 		35 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.imrworldwide.com/cgi-bin/gn?prd=metadata&c9=devid,&c13=asid,P41DFFBE3-BFE6-4E87-A645-785182813A6E&sessionId=zsb6z8kidk8m38ei3c29ryfmhjszj1682819951&c30=bldv,6.0.0.662&pgUrl=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&pgTitle=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20%7C%20NewsNation&uoo=
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.237.215.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-215-27.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
strict-transport-security
max-age=31536000
max-age
0
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
35
expires
0
31b9b552-f32e-4036-8364-726eb992b71d
analyticssystems.net/api/v2/ad/impression/ Frame B319 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/31b9b552-f32e-4036-8364-726eb992b71d?rand=384160
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93JEk%2FowckAQPIYIg8wwCt1W4bHe4pzVPd5npziFq1m4hmPCNGr5XJ3r4q3%2FMlw5qNUkKZ%2F1X%2BayvfJ5X5amlffIfJwF6Q0qrpynoBPLAKkYdFzFJJyKN06oXobZNmf75Ws75B%2BSCx%2B%2BSMb2KFULq%2FZEWg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc2f24fc9a18ea-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
F1qT1Oqgdt1yEs0ohOjx
31b9b552-f32e-4036-8364-726eb992b71d
analyticssystems.net/api/v2/ad/impression/ Frame 8746 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/31b9b552-f32e-4036-8364-726eb992b71d?rand=718793
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG%2F4hWcWYPuDVMmK60mKtxr8zo9%2F53n7gri5PorM4L8IzxSX5LZb5jiRT8WrktbgcCxnkfJU7FSqjKcQGdc4BNs5b1V%2BIsThl3ZL7rbsSbO3SN4dqk3LgGwroREkywdI0aohwZ8kehDsXXxza95xnGB85Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc2f250c9f18ea-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
F1qT1Or0N_QTykUMIsXi
dv-measurements3735.js
cdn.doubleverify.com/ Frame 8164 		532 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3735.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7699 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
db3f413c23f123adf2a59f1123bb56c194ad8485ba790b7387faf1f186f5bdd6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 09:47:49 GMT
Server
Microsoft-IIS/10.0
ETag
"8050a453ed78d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102728
rum
dsum-sec.casalemedia.com/ Frame 58F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 58F8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3LbwC4IvwXl.4YHEnopgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuKuqkVOZXV-X3tO49Ukic&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 58F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUielAX-DN3R10e4rIPu0A&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUielAX-DN3R10e4rIPu0A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:13 GMT
AN-X-Request-Uuid
cf795557-1f92-4078-b802-c41580b9fbe6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUielAX-DN3R10e4rIPu0A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 58F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwNjIwMTcxNTg4ODEyNDA2MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwNjIwMTcxNTg4ODEyNDA2MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNX4PeaJB6TtAXtR1Q75HUgk8VarypxDpFpDWwqukB-qhynA9fRo9PIGRGy3bPSTr_rDpnu9Vhxm55Tu4wqQu0kemCR-fg
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 01:59:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
538880f0-014e-4044-aed7-3694fe561047
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwNjIwMTcxNTg4ODEyNDA2MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vendors~csw-vendor-dompurify.5.4.1.js
cdn.civicscience.com/jspoll/5/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/vendors~csw-vendor-dompurify.5.4.1.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dd4120634d5432a98d8a0640210f5ec0b9de68b76767b35bcbcfc7502213cec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:03:08 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
64566
etag
W/"2f7eb6ffe544fa0ef9cda19c4dc42e25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zcMYdPYMpHs6kAlt6gEvgDUsAOag9LmPNT9n5JoeOtu3RG5E4hFK3g==
csw-vendor-webfontloader.5.4.1.js
cdn.civicscience.com/jspoll/5/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw-vendor-webfontloader.5.4.1.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48c765a6456a49a85f123b9ff35da8300c3b2c7ba53f87ca3ff94af611448dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:06:23 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 17:59:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
6771
etag
W/"0fc33b03dadeb36750dc5f27abc2835c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
wZFlmeJkIDk_lMHK9cWm_g7V9qNFCJy20jr9eg_TV2UDEBMy2vSjiw==
sd
us-u.openx.net/w/1.0/ Frame 5BF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPWdf3Rlu6tvJ5vynSHzgk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BF1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3ODhkODMtNDE2OC02YWFkLTUxNzktOWZjYzlmMzQwMmFm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3ODhkODMtNDE2OC02YWFkLTUxNzktOWZjYzlmMzQwMmFm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg3ODhkODMtNDE2OC02YWFkLTUxNzktOWZjYzlmMzQwMmFm
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 5BF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEP5BMkeK3dm1j6Myu76G7C8&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEP5BMkeK3dm1j6Myu76G7C8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Protocol
H2
Server
23.216.151.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-151-62.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 30 Apr 2023 01:59:13 GMT
pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEP5BMkeK3dm1j6Myu76G7C8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BF1
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzYzM2ZjZTQtZjAyMC00Mzk0LWEwOTYtNmQ2YjI5NDU2MWY0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzYzM2ZjZTQtZjAyMC00Mzk0LWEwOTYtNmQ2YjI5NDU2MWY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGOLwktsBMAE&v=APEucNUgD3KLUeBAy03qdL1optYlarqFdgZcbpT3a9pBYkalGHycUcCRl8n1ZanNU03pzYYH5KZB8rgoW5UBeDfPHxZmym2Gkg
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzYzM2ZjZTQtZjAyMC00Mzk0LWEwOTYtNmQ2YjI5NDU2MWY0
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 30 Apr 2023 01:59:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B319 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6jbHvD6hef-I0PGe-041VVMYZkZRCUDrw9Wx7D5x5whZKK519lukRxFLuCHnXzi9pgVj5olfgFnzzbeAOsFbCyos4Sqmza5PM-IDxK8_6OdygHJZxFOZSE6FRFwwMeC5KDb_OxqJX-lSROvanG1SAQbFHBe78HUpYjMfqIjo6BUWTNe1FfjuszUPtLOt2iwSntVETqRl9ifPYZCgC4AsY8iVctD01ux6oQ7WMpX-Wu1S9udaPRWFHQ2oxBNpY0Z77Yad5eeu7onK9W-JvKUr9rGkxUw6gLX4XyTFwuaZHna2cmi6xK-TMedxFkBU0eKrX413RMzPmLT4KrHATS1zp1Q&sai=AMfl-YREH00U9NXOdXeKt3OITm4rYNgDIffnvcSStuX--7tbIPlBNGJof8czS7AyZewTpLYrilpGA-TUNd76FnBmsSJ15lQ-l1UZwbgcJXkaTfHY6sbYteFZLgaegc_1XM4Q80QCmk4D5KUcyyPH3zW6KQ&sig=Cg0ArKJSzPzr932YyCg0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:13 GMT
bob_006.gif
bob.dmpxs.com/ Frame B319 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/bob_006.gif?dfpid=5678&c_orderid=3137484177&c_lineid=6197481982&c_adunit=22457974010&c_adunithigh=22047084413&c_bannerid=138419757847&c_adsize=728x90&dcode=-1&imp_hash=1682819950099-617645&persistent_id=nxs-108-article-1548892&page_url=https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/&cb_hash=1682819953567-7080041383
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-powered-by
Express
truncated
/ Frame B319 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe77bcd801d64df511d0fa235355e285fdcb561ec5459191ecb6fc1bc457a836

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0F7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPkwYbElovujm6IBgclfxwG7edE9_Rsh-Irmeq1giuNBdkFzyzxDSwbl-x7W3H-U0XJnS-0z8ZQeVIXXi9L51gjjYXhD7YhSu1u_LOEQrhel5mqQO3HyK024qxQtjan0tviLwiFQ4qi7zMcOhjMC64A9l9zdk4tn9VYZYQSqDiq-gYUzWrU8bTsLtxf3wtov8y6LaxrxPL3z7afXAWW4yPDNiCECgcEXcgQWmuEFu0XmXNJKlR08LI9IxTc9UqH2nSIF2oVQIr3fyUbF36_TD-xgkf3YaEGWSajugASK0zuwhXak25k_5GKxXTgnwoRp5ZgK88iwO2DncNZmLd9_LU3w&sai=AMfl-YTipqZmitqTV9XOWMipDv3nfIgOJaZ_tjzIXCRxM0_iHRYsTW3PxgR1oSm9MQBQf09pLWfi15cUSqyt3v_hF68Z5mbufoC9_72EzYS7Pxsqz3DgHhwPFkzPw2nxuNoYUDPbr9zOcrSau85JOw7loQ&sig=Cg0ArKJSzKqhE5a_o_mCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:13 GMT
bob_006.gif
bob.dmpxs.com/ Frame 0F7C 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/bob_006.gif?dfpid=5678&c_orderid=3137484177&c_lineid=6197481982&c_adunit=22457974010&c_adunithigh=22047084413&c_bannerid=138419757793&c_adsize=728x90&dcode=-1&imp_hash=1682819950099-617645&persistent_id=nxs-108-article-1548892&page_url=https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/&cb_hash=1682819953586-5283349152
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-powered-by
Express
truncated
/ Frame 0F7C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc5729fb244b5e3e3158dd78d6633ff7e48d1a200da8c870d645152d93548a4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
0664f728-2acc-40ce-ae48-69018052c9f2
https://www.newsnationnow.com/ Frame B319 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsnationnow.com/0664f728-2acc-40ce-ae48-69018052c9f2
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 8746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukAqu37sGeyNVlVkC8pf62bnLDfE6La9TGN5TMeYpfDt10K6_6lG1fs1joZIACaIsWM_ZlQ0CkMV77_DVPMcY6j7GMnuqPUnWRHUQQQbV5tnCDlo8aHgRq4SiKHCGvllE2wVJTDMfedB92of2blvOlVGKxzEnCW_Lut2-hcKu9-hocOCTwnw2nQfjwdSMqMfd9kVMx9qTFCttieNEKkglfav3tmgHurvtXJ4Ij8ooC_lL_-yqEUMsUDdBdkBZWwaEzZ7r98zmPhBsOYzjKQP0MIX0Pcdpc5YhrRo94fw6M82ttz8e94nM5jkO6RBD0apcYRnna-sAsHQev_7aRPkDp9g&sai=AMfl-YS10kkTadMHFXlG9EeUKPriKUWrG71cPRURqSdWHb2h-I9x_FG0D4jYw078oRzUMYOvCYeVVNCxkPaiSSHRYbml9tvGWBCxMVUZqTcCmpagT2mFbsu04Hpt282Ip9SM2qEiybrmAR1fXwZJlsiTmg&sig=Cg0ArKJSzHQNWlzgDrMVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:13 GMT
bob_006.gif
bob.dmpxs.com/ Frame 8746 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bob.dmpxs.com/bob_006.gif?dfpid=5678&c_orderid=2971101524&c_lineid=5894853967&c_adunit=22457974010&c_adunithigh=22047084413&c_bannerid=138413368649&c_adsize=728x90&dcode=-1&imp_hash=1682819950099-617645&persistent_id=nxs-108-article-1548892&page_url=https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/&cb_hash=1682819953612-2814154859
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.43.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-43-162.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
x-powered-by
Express
24898d20-fb41-4bf0-99d7-4b096b3dbda5
https://www.newsnationnow.com/ Frame 8746 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsnationnow.com/24898d20-fb41-4bf0-99d7-4b096b3dbda5
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
dv-measurements3735.js
cdn.doubleverify.com/ Frame 06AF 		532 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3735.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7699 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
db3f413c23f123adf2a59f1123bb56c194ad8485ba790b7387faf1f186f5bdd6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 01:59:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 09:47:49 GMT
Server
Microsoft-IIS/10.0
ETag
"8050a453ed78d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102728
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 993F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
21604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 08B8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
21604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
31b9b552-f32e-4036-8364-726eb992b71d
analyticssystems.net/api/v2/ad/impression/ Frame BB0A 		0
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/31b9b552-f32e-4036-8364-726eb992b71d?rand=180645
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef8Wz7cX7yxk4Te8926OdsS4WZQ4zhHEHgXlWOgfcckdywJ%2BIb31tOznXln%2FdyX9Lus8IByRQSyWR1bqFpXUxyLDslBWAHd9mF%2BHitmVgCuSrGqbtywj3T7msQho6DKU2it8E6CfnoeVS71S3naIskLAGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc2f26bb99184d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
F1qT1PtrBKLw3hA4H_2B
31b9b552-f32e-4036-8364-726eb992b71d
analyticssystems.net/api/v2/ad/impression/ Frame B2DC 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/31b9b552-f32e-4036-8364-726eb992b71d?rand=827828
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeTFMYks%2B444gMarugD18OoX17QCbSkF6f%2Ft3d0HDBDp1%2FKidXg6hWmiQ9vJS%2FIzi6R7rFACFCcOfCxxCRGgl31AftUW0T0Mv5jFq7apShkEMrFwMxF1OiK3iRM%2FL%2B7024U4SVWOZrUO%2FCyQy0KT18t3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc2f26dbc2184d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
F1qT1Pygza_XDDQrq_wR
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7532926420080&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7532926420080&version=m202301230201&ct=76&x=1&cor=12238816960506733000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BB0A 		66 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0axpdZw1WbarLJJ-99_9NYjqtAgAoiTqlh35QVPn1wBak6b_g82rp6Nfolr8bENCtedIwJqzbm-qMei55JEVAbQfGMQ&cry=1&dbm_d=AKAmf-BeGgTuflWHSidgLp4j8Zf_yRiKXAm_QX_lJwRfGWfc6dRVhmmSKIUoM5WkHZ5TKxgjogEHpjXKTenmlrPEnd3lPm1RqCYpB8l4ej8J4RGQBdBZd5fGcFwLIwYaShV3HEtXKnS4VCfU92vUsoDUGlXSDJeiTA1udRgxNVqNyEAQbWE_lZf1T671MNRLW-Nz7wH6Zw30XOX73Nap4IgCcnY7oahdX2hF7hCHC8StVsdJ6RxORh9AwD6t0H_eGY76BXb6EOCSYgVJ7t7K46y1U4ajpl5ECogjQ7KxfTYCefrjfaV3d-Nzyd5fbjR56Lo_xVb0ccKmnZuQMG5DfXU-DnoYu9J1Y1wfAj2YNq2UuJ5eIBXEPJrf7KRFe-x-8AFqhBEeM2ztKPjYaWzX0lrd28lREAKaU6Yts627jehckWkIHnhmjHVq77btnxuQnuQYadRj2PbOVXHlCaP1CVF6WT69u64Rn1b1MVYb2VcnX9j91FOmsv6HhRd4zMTj4mcs7wmAbf37n_t_MFhK8JfIGM8oYaq4Wap1zcGQDBi6A8O4AM4mBigdgw9I4Yn3bTU2O_QkDhMpLwJJCkWSOTNkflS2WGxIkTFlAm2Y334BdbEeJTDdpEwbUIe6v5yVUN07U_MY8ETkzbiIUcLBEmf1gijvo6mIQ9dDe4mv8KT9ASkBTeTHt8DBGhPEmvrLCrrsjH8ZxfoiyDd96OzWh5vA-u2zS-DUj5D4XQvyaTV6AQh1ot9OWJfd8hGGFUdyt733vHNa2bdgU_2MZgnFfrSAVJ-ia2e9UFvHIpihQmyt6TP8qX4tHNldhYMKBhRCcJMkSo-4BMOqGLsZ6J-ByUSVcDHOVFn70GEGk67ND_K17p9Gepw09T8e-nY9XwI66jyEKa6NTv8kEuXJsmf9WxjQintOoXIsOW9cqhwEWOzd70vjm_yyXm9yZE9kjgGmevuQbT3YwaTpxYujlHN4gYx7zTIDaqUupHXNsYG8f_uRABRPi-xYxxKaX92zqXQWIJz2W1vYNrB6QuEFUrpLhnHRSq8wqmsrnq-c70dWCrRqcq0ztUOPgsPdhhw_p42FxJrkh8ckxu4UbuaoJlrxrHjEtljebnmNmBJ08LUJ8n3ey4jal2pa9mAsGeLaSZfDak1Y9U42KggPLYWYgvrdYc3NuBInAWsQVQTihcoE4G_i3U5W7JnXSVk3OqnxmsbJM1NZ9eOvWAYnqI5DLZgRLFWvvfEnW4_3G10Ry13d-m1ED3PK3WQ3hz_rUBIiXKsVwzlYOy2w6HYY16Az7jwF-hYDTePgNeDAW38n3q23Kai5n-9J7MgIvnxmp3HWDGW0cTkIvMP_O2d819FV8ZfdALqGD2dIYlysAIKxjuVZ0Cp6D2xuj7bR3-klVs2jjWMmxikRDpy9hg3wl1YD57ydLyMYDZ8e-iSyyzlQjdzwxdJbYR1yDZCA_rbLtlhK7Oevjlya2BBntxwbpr6jEvwB9xfPBxXzDww8ic9Uyy52UXKau6WYghFbXPtQGRQm5lNPgACxtZtqExlTxN8lYC37MrYZNr2sNZui_44inucUVpByf-KWfEuqRNwpfUSiauKPLSYCIWk_dHsfiC0XmN3Eoivw4P5igMdXwBsh6lD64ME6iBxaXzuWaI-yY-xw8HKAHuAZJQGJZ0Wt8bSbRC4DGxMilQBICDdf-B3qYq5iXp9g4pTF0YFOM0hwP8Kjkf4J9EYwHqSyfaG4cJmB5gjmQr6ZcaS-pnRozuVsRssHige_IEiht0DrHSlQDo9ZoEWmeQh9siq0-MfGVNrPAnixwdjVRtu7ihfm32E-J-k9PzVMpr9IMVAiARw_Cv3ok3loliIyR_z6NnLmXLAbTn7e_HmOoft9H8Pui2Dr3vv1TRcPRGATNTJoWebUbjw5oJyf37aJDJZrFVq60kW5whrw1KZ0a-9TpTGntLwDjalWkgxc7hQik5qUswp_J9rx30pg57fNYmNu8AVwgS2JwN7547o2Nqrd13llQ_Bcs5JnkZbLtJwiMzoEquu2AE9bmsLaHZO9wEYELxL2TS1YwoQFK7yiANTWgs5O3zieZCfIK_hxvJAhbEo1Obqx1trbDf_YI5mv6s7zkPVpaPyeY9pWnpWvs4YV3-OFqvaHaNGZMgI_gVCLKFDGdtT40IlcC30ziqhgiEqPPSI606JS0dpj6lwRYndWCtmSvdybS3Cr-3lUy72q9AYatPBXt5SDPDaV1tPOILLpHfadKJnXqq1WnpPAFmb9uB8sHWNF-YGXc9d2OQVfV61IkVcLUbgbfO72AcXOMGmPjI4x0gbxnUPggLO8a2jY_D7emZxihBR5its87pgyoQZlNyv31xVkRYW-zPCDDhDbQNXfQ1IwGkdWrkzPlsoX4RkODGkpYq7aN36_HevNFvy2D6j2IFhooH68_gIP09YzlCGmXwW3RiPoYH2w8cAM8g5l2rYGL-eLMHFRVkFv-G5mTDR4QjwBWw0ayHDsSesGBteoLpGWyBu2wpzkCobtb3EFAx7yOJBFJX_OQIh03im9uGp6qpiPkY6mxgGwX38urTufwyoLe6Xbft9z1pZFEAdDOUP2VicIzDSbWySXEk7bKYHzZw104BAeD-MvFOTD-UETVP2URlIT_5t1wwR_ai2QNZsW_ks-z8yeYc-jqYTtHtEJDPFeRJzBrffyODlSh91o5qYaw_WZJKWgMD4XVGNXbkmKeLAQuqSd1sYhRuJRdoNd2tPtIjHXzkaScEYPMTaK7iHzfZ1MKPAyDvofNiwlpazn8TJyiYuDQK2GWpXsV1IRqi3EEC05TS_2oz8fhrTO7YWgIzsBILxVckSIT2hBMO9zj3opq0XBl4xSCnbGxudH_LvINY0nvpDuowJhhRzx26io5G2Z0wVT4LrKXRQJ4RCqdQy77a6a2ziZos4Ws6Yvg9gML5pDiRRoFEw4YGr0s1iJClgwghFdETIoEhOo48KZoht72fIqCkCZNAJF4pQ6Y0U22Vpb4rOevlqCpuOzNn4JIx87ZFvMSViDxNf5Edg2EtcHBrHSRMXNV9hmvrLmAIAqzXsmTNPoyAjwgwlXG1nRCGb5I4iF-EA9rDWDWdiGE3-Z_E-o8SaTDwm9Zp0H-UIrb9SValT1YzLa5b6FeTs7RLvxiXNebiH5P5Hf_yryipfDITxZu6sFhZkn6XcKulbsA0wycMV0SfWEmH0DOHv0xAT4YxZFY9HN9yRxRYUVsyMk6Sb1AIOfo4MZnK5MDFblMMkn7JrlT4Nkf_lr5iPWJV7Cp_T3HAOdPorNN0GncIioc4o_Y6UDQp4UGcvSdgikufX3LNcZwQAJN48bduiVzAornkkR6SXGukYmu8uvPddx9HjYuAdljMa_ye8wvGRgk_2ecWnPaAi4pAgIkoQUpGQqmUINzL7-5Naq-kvb3wV8G6UwAcjaizBhrHRnl8nW9sbx3eJ8tlNCXfi-Q8xCTxSJ6YfDPsyfVO_r_EvkL_jp5skwk_Bb5wMzR4ntlgo9Qf0kb848LTeII-WNXhEnV4TeVnXvTOK_G9Vk5ay1nxQNQeH_iGe9cEABS1RXuAGF4ePEhXas2kessNPpkxHYPN16XTPnt82Kw9JYulNxFjvttfT7Yx3bUch10_atax2m4iJYf8LexRu5iqoldMPYkiVsJzPifZw1fBUjwt_xATZwTsk88hxdy2bR4fqrdiirzQQk5Uqh7I1UszY_-bREyv65Kh5pAily9HENwNClbVmseYztGubDwCciW8AzsS48RP-XrUBkSRjTB1mr&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=12238816960506733000&adk=3690638929&idt=117&cac=0&dtd=12
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8f40d7ed81fa0cea7c219b89b2b011894d953d1763aca7e20690f75f57edd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31522
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d0cfa3ad-067c-4e22-a587-a9d2c8bf6a0b
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/ Frame BB0A 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/d0cfa3ad-067c-4e22-a587-a9d2c8bf6a0b
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=92618608337&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=92618608337&version=m202301230201&ct=76&x=1&cor=11868178320541995000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B2DC 		66 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3BAFXmFWJckD3kziQ_Icdm3CreYDjH0pOMrsuS-4d02Uc_WiMho8ooUc5wFUOPSGwzBdDpL83t49JGhGDpWfxjt3trw&cry=1&dbm_d=AKAmf-D6IUXLyUE0PtKvobFlb-9Bo8L8bEbhuO4OJQWTJBQ7rvoJU8u1N0OeEgYDz2heM-g9zDX2xoQfLAx_el1_QZtG50hXPXp81zp-LXv7_v4v68txIh6wu9vDbweZZdZeVobRC-HaGkb3CdgWoftgCK6fmxswHSBeK_DJqicQixVU4YF6iEGiaLhZ3nMCDtweq1IE5cwPIC-i0XycW_NAF1vmoQu8fJ09g3nfOhsd6YE0NGPnf7awWPvWXFNoJGGmt0WHuVbkClabI5A3oJthrgOyTlq4-zPnVBL-la-B_z7v75qNTO9F_n0cyFWV7lPayUmfh73GWQoRq8iSlud7ytyt_h41vIdPsMUwYrSXmSEu0CckEwA4BIybl3BaN_aSdFaYP2CBQ_fzl9S03nwgCUpOnzZPIIn_-y3Inf1GsLGhfq28G3PQMMhWf-GFzZwimTBG1s02H8AShZrSYYbpFyoLpjbCYeUy-lOw010W7tDsfdZErbQeItRjcfeDv3BnMQSwEPOdNhxz73q6flOxHEMi-2Vq10FPFzeUUQPBckSZJG8DBgvPE6AG3tA8IXCQ99XPJNKc5chWxnJ6ttYYle1oPOjc5mHOU9DtwVaToyPzIB6LUygEdiuNxooHaBAYa4fcEJk7Q_aS3sIlzuFe9mUzOPp1aXJy0_Ksz5aPPUZFeLXsRnt14YapkGDZkeHACHIS6XOVYOx8w97FBwRbSE6JC_1W9n1FlrDCQasRDF32jJi04QoxhdiBP_Q2TVhG6aI2wuQh-9U88iXnF6CkamWnik3LNJ--2I5lFcFyFfeLQmryrPbVvizF7bK-3IvykbRcFZsTH3weeJMnLW4eGKWvPb-funl4mvyea9zM5l8Np_j-kWb7RvISfjYAZWUZBe_xofP0PQzyrFyH3FnNPNS2RPsyRwRAEgPHZeh0WZmW5gxAfqpU1OY3yV6CDuQwC5q2amZ-CRP7MB3iweH3FFF-fD_Ph-K1r7j-Fhos3aIIk0Y7z_kTBrs_6xT7bZNhKfjyfCu0G7ZhUvCjTyvbEHQurtDPx9H272c9aGjxjlMbaIJGHLExXVB0R4YlpOacVywTs5sf5FYG2YrzyiGZ_NOCDpwxd4iuGhTj2sZkWy2H6OspZswY_aFq3zZTRbQqsoX7_Qj-0dZyy2Xezv4gMfrhlyuVv62FrVnvbXxCZ17xcWqSYsy7Gvz3VjfPwHlzY9a1tDZnBtYoLHmKDWw-EB8WsFEbHHULGK_giZVvQWDHo-AK6GYZZmVtnS_L3lGxwkuwddYREtphKIZ6JJk2DEFPeQBZOyCiWjw1XgTOIcn1VtTexDpHwOnDgb84zmLsjM8HS4kfqs5lFH0mMClADH_NHzX84rBNhVnR7QFqMlIrYDdSmRE5QDXdpTQURDfnc4yrDL5lQoUOS-q-KUCDF3N9SZA9zUk-fCTXuuFNNA_jh2YtkQ9a4YTDO4DXPy0uqp3dyOdLFd0GVoE6GTaCY2ZLgbRKpwTO2DTEUmXP25vcyg8O4GryWWegUZTOSVczPOY4jCqBRkR22BvImX0Scpv6D0Wiaytq41chlQqgh_an03BejhhBmUtwAeNNlqQAsJFnauPzlYburzfuVCtT--wGBgCD9Zau7HUnGDPSP8R0ZAmNZ9okeyuBWTg2Gd92BpaCDoS3Ud6TQnncNNzU8qMtgWC8hnpJpi3X_2bMnQTr8weJyLwTbFK3xtE2OIjqMNjqBMYoACq5AEWpdWp8qLtlqvLrvhMHDQDIENX8RwU2jIt6fkKm-hDVWiwsSJm-YD-fZz4eNSfAjbThSud7KoxOqfDTvd6Xdv_ymtEQXAdsdrDdmC6lY7YneeKn2o1Ib4_pTv14Qn6Aifvin0CdB_fhO5KfaijVaV9aBARkZgwZvzbKmEg4xt3511E6OokZbeQ0aU78W1McXgL5TEy291zTyEcAllUUm5vJ_g91nUGGGPXflIjSXCn3wJo8eUEV2jDM6V7jOJwGsWLp3uxNe0CKC_-n9nxJ2_GGsLs64WXuFNjOoIoz4-FbiIDpzM1QcOA6mJGe5vvRRh30j_BvXL1ovhnpOoZyfX8_TFLcoPxgYETZcqKVJlbz5SoY-OHJH2nPxpjlbM6D6-flRrFK1tplPtfytY-V6cXKH7Xc3GLJcQm-oR7nZAqjxxHvkw2QbN9K2WXZVlPfScugwVGICzoEZqzvlLWx857iOz2MJt0yPuYoCyqWWFJRJmO7NGuPZ0nv7MwtInstgekZRsAQhGcQVBtbRQ8AgCBiamXI-4amb2Xl0tKQ8fWapxH8heqIPIgNemxDlKLwxnxiogd8Nq0NMJ5a_mNQjAiAVlEcWAZYY2fPRBUCLy3gtzmQWHMM1PbfWEz-P-WwjQFwYO68GxgigSL3PFoHZb2tmOCW6Xi-UbdF4-HsjKsTarQHahUWt--yYiHdnwb9cWj3MMWLyu9fFx0_XRZzJwIdJJMbj-dxrsI2yamodGlHZVC9itWDZNA84Y8RHQUZRi9jPAG3Q9E0r6WF8lQAGCB1DUdoOh_SmwW0C-QWGzvXKk7g-amw7pO4tIUDAB4UMEeeGWN_xbKiIozMWz9b3Is9n3heIumRhxI47mjyHoDT8XbLDTAtDLudVQXuYyZdx25q3Dvf-F5GsVpTopFdV5LlnEl3u8QoBlYRPUZYChGZT_4xo9nI-ix4EWRiiinb36QFsVcHwDFw5afI7r2_ykwzjveH3x4fwyjPiW2l4dlNrFqfcjG52M3iUSdKsscw7ns-QBg9YJzg3lDNVu8Thr_fKrUlbIPPgnzSgrn6jxofLCLlRt4hf3M0mdMO4dCg689ao9ppesx1o99MqYJUaJLVRiORawKhuAK-QY4L4HTz26Ss0LpvlmisDLPltz_XZbJstl42l0dvCPC8HRCaIJ6s3ZDjbWrikM9lyuwG0aTYvSyjK61pvWf98gZnUfmKeLpTz88fJ9vEdLw_XianzscoDR7q0G_ToWj5ZMg6nyJXmnaVheuFVpmzdmzjTeNEKF-6zDessS4qw6iidRzJz5WMFNJVSjhQNJwTJJ8cTqkVIUEXVnOH6vuixJ5QM2pgsnguTITbgi26xid-kWWhEdnF_BdyU8P_lOvWSnyMQzS9hI1poJ8IdaM82hipyXIcvPD88aA8_hYsU0TN10t2S6q0xspbbBg2udN83En1kSgjeHEqCSXeOgVr3aAFzY3Z6FL1qG5MljSu0jiqH47BOLHOlTqgb4Lf7V2sjto8nnIp15l-mQWvjst8qhjQWJMzV-ACb75xscMH19ApBQxlcQlNm_ivE4OdiD_Xx_o2hW6VBUUgn6FvYkPq8zRwAWQnS5lNPGEo9O5pn6tc4IjC3WVnx5oZbQIvbhiIIw1TYfAZfu9PHSUngdPNPnngUyekps-UEmqx9wq31d3dekW9ImBuRHusVnSok1-6E4M1vzyDZMxPU1tN1j3pU5PFqRuiXF3DY1Rv-f2sglgCGMuVEshzNkNt73AZDvCbSqtFTiAEvT8dv_sOFkompK68dmoub6ux8fRbVcFL-tYutqqvivltKyO_4b5Zq6DLlVbZgeqEqc5lXkVFitxhCxerHm334UHuUkCxdw_bbVytRMVt-ScqHOzbAUa2ab1rPH1z-B6qTAAEUf4fdu-Xfka1_TRnQUbkeAoPizX5CM-1OB98s4eHv4bLKr9201z1ljwfiv2zVQn3mg3OZ0_yw5-ShEsnLl-GCgWORfH8C5T0BiL53wwvv5F8Z1dqXwdmSGjQQaUfw14RIF-yNhwNSWjK-_aLsw6vJycKlvwASPvxwA&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=11868178320541995000&adk=2004672170&idt=79&cac=0&dtd=5
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8917ee6c52d68cf3833bc2b76b12f964d722504fb5daff07756fcbe82a1cc20d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ab74a1a6-0b42-4393-ad41-ae626e9e9f5b
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/ Frame B2DC 		789 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/ab74a1a6-0b42-4393-ad41-ae626e9e9f5b
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
789
Content-Type
application/javascript
visit.js
tps.doubleverify.com/ Frame 8164 		724 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=393&ttfrms=42&brid=3&brver=112.0.5615.121&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETau3FD%3A%3F6DDTauE649Tau%3E%3A4C%40D%407E%5C3C624965%5C%3A%3F%5CDFDA64E65%5CCFDD%3A2%3F%5C924%3C%5CFD%3A%3F8%5CD%40%3D2CH%3A%3F5DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETar9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETau3FD%3A%3F6DDTauE649Tau%3E%3A4C%40D%407E%5C3C624965%5C%3A%3F%5CDFDA64E65%5CCFDD%3A2%3F%5C924%3C%5CFD%3A%3F8%5CD%40%3D2CH%3A%3F5DTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=20&ddur=122&uid=1682819953858345&jsCallback=dvCallback_1682819953858379&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=3735&tgjsver=3735&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&fwc=0&fcl=1441&flt=37&fec=1526&fcifrms=16&brh=2&sdf=2&dvp_epl=534&noc=4&nav_pltfrm=Win32&ctx=13311291&cmp=24193518&sid=6080257&plc=273620345&crt=171932880&btreg=551030907&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=65104830454.67503&dvp_tukv=12551827765.17495&dvp_tuid=63458732959&jurtd=296338849
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
52701ac57c398a0ac28495752bb9289b87fb7894f73e794bda86ea44f69b6314

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:14 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
04/29/2023 01:59:14
visit.js
tps.doubleverify.com/ Frame 06AF 		724 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=305&ttfrms=9&brid=3&brver=112.0.5615.121&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETau3FD%3A%3F6DDTauE649Tau%3E%3A4C%40D%407E%5C3C624965%5C%3A%3F%5CDFDA64E65%5CCFDD%3A2%3F%5C924%3C%5CFD%3A%3F8%5CD%40%3D2CH%3A%3F5DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETar9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5D%3F6HD%3F2E%3A%40%3F%3F%40H%5D4%40%3ETau3FD%3A%3F6DDTauE649Tau%3E%3A4C%40D%407E%5C3C624965%5C%3A%3F%5CDFDA64E65%5CCFDD%3A2%3F%5C924%3C%5CFD%3A%3F8%5CD%40%3D2CH%3A%3F5DTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=20&ddur=99&uid=1682819953938621&jsCallback=dvCallback_1682819953938695&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=3735&tgjsver=3735&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&fwc=0&fcl=1441&flt=37&fec=1526&fcifrms=16&brh=2&sdf=2&dvp_epl=534&noc=4&nav_pltfrm=Win32&ctx=13311291&cmp=24193518&sid=6080257&plc=273620345&crt=115557430&btreg=551030907&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=148357258292.50705&dvp_tukv=9526873.49641647&dvp_tuid=1120490197935&jurtd=352830886
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6017001d3364a193d0b50a880d464d2b20767005e1d685530434770989270ca9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:14 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
04/29/2023 01:59:14
css
fonts.googleapis.com/ Frame 715E 		5 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,500
Requested by
Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-vendor-webfontloader.5.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fdb9df737a2bd90a7eaf85346dd80688fb0f45c8d851bbc8ac91d6ced8ec11e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 01:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 00:36:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 01:59:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame BB0A 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:07 GMT
16189363864795397796
s0.2mdn.net/simgad/ Frame BB0A 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16189363864795397796
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c64e9b136e7a97550020cc37d103f00e93082d70e92ab729810a8b87f3ea5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:56:32 GMT
x-content-type-options
nosniff
age
46962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66940
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 14:02:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:56:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame BB0A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BB0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQyWwIQof-iK3N8AiE2qeu-WFR8LyBgnkXmlTYh3rV8n4JW-tJAXcOS5mPu6BFpPd6NPeut-5lR3ZhXvAZXXSHQQ0oqJhR_PmPTiWcfxxAcWnEGxeVIZ89OiWDc_Wagg7WJWZZmy7znP0VJxdUdVM2ltXkGK8CwFLLWpLGHJF2XGISvst7iz7SZK74XQOcUzzjFaKt_4Pg8-IbnZcOj1hIZmMVXOJNZaBd47a_GVIfX2hHGspuzLTWbtD6x6GCoBBjnjTE1bBKm1TFQgn8mlt4zadUatNW4GHLrUEN-2-mxMAXQp_I_jXM5C5Zv8eDgFLKCuRUg1M9HbjzmjPF7_P1KVDXaTPfwBc4k7lL81RjrnjGeeEgksNtGJ85FEheYd0-hgovKgKrIrxl6ARM0--NsuHrbSnnGBrYnS01a3lW5wan9prQ5DBHaxmWhoc591WGcgqhmPC92S_HobZvRBZXpCxj6aKf88Un4wyUp8rnGBrUoBUbzNKZZ012JiL9f76mvxIxYTdDnU9DKglee_2XrcWtOqzfqY2oV1jx5u5C6c17ruTSBQ3HSiOgszZxDClhLwoHCpsYvTYPpHGc_Ocr2qnoIQEUha1ohxtBRfwaASIjXg2qml_ZJqhOi1nu52gqDCzJ568I9oWbG37uHQyr7z40a9cAjdUwV-J5yZ1pKE9agTSf3Mm0IWe11H1d_Tv-Q-i265iQIF3gnik-G-bmeEAMkKH8mQWx9VH5ez1ZrqS4H6cbxCpmpcj5WRINhvf4lDH5NPRIZXSPo-jeV_zKpkH614iiLcrkYw8KgG1DDR750skC9J-e8JAw0pKtdIbu0PHiTmVXerCGW0N9pApuI0dobo-PFKHQAljiuW6oDED30eBspqQc-W5VfIUFzV5uvUjzt6BX4qhL_938DROTmxsAp7geG6CyTEj0hxweMcuW7Xj-f1Z6dtAgiwhe_aFRWXREd-rMWkl6ZIArgV1zOH9swXaq7UvFtdp0v77udfxhDdBhkoazSxmXVsqJ3sJXIXiQloXSas5srYSRKcRVJvJqi-rIWPY0jHvMCaymOhAemf5BJ-bLR_K8JBsi1znYo8MalyuYK--0LrwWgX1iySpPILVhU6F-kYLQ18RIOVfivADGhijZseFvp-TdISkE3Qzm6FA1l-hAig8LYHqOje0h4G3ElUL_uieoGlvYmLFZkNFzTZLhzJzbDj_PoubnczaYtXHevDlW8MKE81S-WyBP0G6MZ7uWZ-5kxf52kuGJNjsBmZBaRWYpClsIJp3wg-aPsmzKBZu21q_r8ttk9WH3VBp-33Vn137nNqvHi_a-bYeRnZ97joQVbyh8Kny2ojWS&sai=AMfl-YQC9m7msMlGHZHrV4DoDWQQdyVbu8lZ6oQn3UQFVLHHKbY3N5IJfCRqaDtXtJCJo9NlUQEuso21vuCTItY9YQACE43szsUUMviKd7HEFaarbXjOpH5IRVasyCNS1uNcw6VzZQ7b7_fArNQ3WpglLOaYxNJtInxPctj-Njl8FwxBxS6GdB5f3G5jmTLpAWeLl_2379xHivG-J9Iy36bs35aQUJHkt26GcW0N6wduhptwCNjFM37v0Hlv8Jv80TZbyJaBIvhmIJX4G34mf4OJjpccrzApyOfGQ47YNvNchuoAE0RTni1HN03yRwIT&sig=Cg0ArKJSzFrLkKWlps_dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.13555&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0axpdZw1WbarLJJ-99_9NYjqtAgAoiTqlh35QVPn1wBak6b_g82rp6Nfolr8bENCtedIwJqzbm-qMei55JEVAbQfGMQ&cry=1&dbm_d=AKAmf-BeGgTuflWHSidgLp4j8Zf_yRiKXAm_QX_lJwRfGWfc6dRVhmmSKIUoM5WkHZ5TKxgjogEHpjXKTenmlrPEnd3lPm1RqCYpB8l4ej8J4RGQBdBZd5fGcFwLIwYaShV3HEtXKnS4VCfU92vUsoDUGlXSDJeiTA1udRgxNVqNyEAQbWE_lZf1T671MNRLW-Nz7wH6Zw30XOX73Nap4IgCcnY7oahdX2hF7hCHC8StVsdJ6RxORh9AwD6t0H_eGY76BXb6EOCSYgVJ7t7K46y1U4ajpl5ECogjQ7KxfTYCefrjfaV3d-Nzyd5fbjR56Lo_xVb0ccKmnZuQMG5DfXU-DnoYu9J1Y1wfAj2YNq2UuJ5eIBXEPJrf7KRFe-x-8AFqhBEeM2ztKPjYaWzX0lrd28lREAKaU6Yts627jehckWkIHnhmjHVq77btnxuQnuQYadRj2PbOVXHlCaP1CVF6WT69u64Rn1b1MVYb2VcnX9j91FOmsv6HhRd4zMTj4mcs7wmAbf37n_t_MFhK8JfIGM8oYaq4Wap1zcGQDBi6A8O4AM4mBigdgw9I4Yn3bTU2O_QkDhMpLwJJCkWSOTNkflS2WGxIkTFlAm2Y334BdbEeJTDdpEwbUIe6v5yVUN07U_MY8ETkzbiIUcLBEmf1gijvo6mIQ9dDe4mv8KT9ASkBTeTHt8DBGhPEmvrLCrrsjH8ZxfoiyDd96OzWh5vA-u2zS-DUj5D4XQvyaTV6AQh1ot9OWJfd8hGGFUdyt733vHNa2bdgU_2MZgnFfrSAVJ-ia2e9UFvHIpihQmyt6TP8qX4tHNldhYMKBhRCcJMkSo-4BMOqGLsZ6J-ByUSVcDHOVFn70GEGk67ND_K17p9Gepw09T8e-nY9XwI66jyEKa6NTv8kEuXJsmf9WxjQintOoXIsOW9cqhwEWOzd70vjm_yyXm9yZE9kjgGmevuQbT3YwaTpxYujlHN4gYx7zTIDaqUupHXNsYG8f_uRABRPi-xYxxKaX92zqXQWIJz2W1vYNrB6QuEFUrpLhnHRSq8wqmsrnq-c70dWCrRqcq0ztUOPgsPdhhw_p42FxJrkh8ckxu4UbuaoJlrxrHjEtljebnmNmBJ08LUJ8n3ey4jal2pa9mAsGeLaSZfDak1Y9U42KggPLYWYgvrdYc3NuBInAWsQVQTihcoE4G_i3U5W7JnXSVk3OqnxmsbJM1NZ9eOvWAYnqI5DLZgRLFWvvfEnW4_3G10Ry13d-m1ED3PK3WQ3hz_rUBIiXKsVwzlYOy2w6HYY16Az7jwF-hYDTePgNeDAW38n3q23Kai5n-9J7MgIvnxmp3HWDGW0cTkIvMP_O2d819FV8ZfdALqGD2dIYlysAIKxjuVZ0Cp6D2xuj7bR3-klVs2jjWMmxikRDpy9hg3wl1YD57ydLyMYDZ8e-iSyyzlQjdzwxdJbYR1yDZCA_rbLtlhK7Oevjlya2BBntxwbpr6jEvwB9xfPBxXzDww8ic9Uyy52UXKau6WYghFbXPtQGRQm5lNPgACxtZtqExlTxN8lYC37MrYZNr2sNZui_44inucUVpByf-KWfEuqRNwpfUSiauKPLSYCIWk_dHsfiC0XmN3Eoivw4P5igMdXwBsh6lD64ME6iBxaXzuWaI-yY-xw8HKAHuAZJQGJZ0Wt8bSbRC4DGxMilQBICDdf-B3qYq5iXp9g4pTF0YFOM0hwP8Kjkf4J9EYwHqSyfaG4cJmB5gjmQr6ZcaS-pnRozuVsRssHige_IEiht0DrHSlQDo9ZoEWmeQh9siq0-MfGVNrPAnixwdjVRtu7ihfm32E-J-k9PzVMpr9IMVAiARw_Cv3ok3loliIyR_z6NnLmXLAbTn7e_HmOoft9H8Pui2Dr3vv1TRcPRGATNTJoWebUbjw5oJyf37aJDJZrFVq60kW5whrw1KZ0a-9TpTGntLwDjalWkgxc7hQik5qUswp_J9rx30pg57fNYmNu8AVwgS2JwN7547o2Nqrd13llQ_Bcs5JnkZbLtJwiMzoEquu2AE9bmsLaHZO9wEYELxL2TS1YwoQFK7yiANTWgs5O3zieZCfIK_hxvJAhbEo1Obqx1trbDf_YI5mv6s7zkPVpaPyeY9pWnpWvs4YV3-OFqvaHaNGZMgI_gVCLKFDGdtT40IlcC30ziqhgiEqPPSI606JS0dpj6lwRYndWCtmSvdybS3Cr-3lUy72q9AYatPBXt5SDPDaV1tPOILLpHfadKJnXqq1WnpPAFmb9uB8sHWNF-YGXc9d2OQVfV61IkVcLUbgbfO72AcXOMGmPjI4x0gbxnUPggLO8a2jY_D7emZxihBR5its87pgyoQZlNyv31xVkRYW-zPCDDhDbQNXfQ1IwGkdWrkzPlsoX4RkODGkpYq7aN36_HevNFvy2D6j2IFhooH68_gIP09YzlCGmXwW3RiPoYH2w8cAM8g5l2rYGL-eLMHFRVkFv-G5mTDR4QjwBWw0ayHDsSesGBteoLpGWyBu2wpzkCobtb3EFAx7yOJBFJX_OQIh03im9uGp6qpiPkY6mxgGwX38urTufwyoLe6Xbft9z1pZFEAdDOUP2VicIzDSbWySXEk7bKYHzZw104BAeD-MvFOTD-UETVP2URlIT_5t1wwR_ai2QNZsW_ks-z8yeYc-jqYTtHtEJDPFeRJzBrffyODlSh91o5qYaw_WZJKWgMD4XVGNXbkmKeLAQuqSd1sYhRuJRdoNd2tPtIjHXzkaScEYPMTaK7iHzfZ1MKPAyDvofNiwlpazn8TJyiYuDQK2GWpXsV1IRqi3EEC05TS_2oz8fhrTO7YWgIzsBILxVckSIT2hBMO9zj3opq0XBl4xSCnbGxudH_LvINY0nvpDuowJhhRzx26io5G2Z0wVT4LrKXRQJ4RCqdQy77a6a2ziZos4Ws6Yvg9gML5pDiRRoFEw4YGr0s1iJClgwghFdETIoEhOo48KZoht72fIqCkCZNAJF4pQ6Y0U22Vpb4rOevlqCpuOzNn4JIx87ZFvMSViDxNf5Edg2EtcHBrHSRMXNV9hmvrLmAIAqzXsmTNPoyAjwgwlXG1nRCGb5I4iF-EA9rDWDWdiGE3-Z_E-o8SaTDwm9Zp0H-UIrb9SValT1YzLa5b6FeTs7RLvxiXNebiH5P5Hf_yryipfDITxZu6sFhZkn6XcKulbsA0wycMV0SfWEmH0DOHv0xAT4YxZFY9HN9yRxRYUVsyMk6Sb1AIOfo4MZnK5MDFblMMkn7JrlT4Nkf_lr5iPWJV7Cp_T3HAOdPorNN0GncIioc4o_Y6UDQp4UGcvSdgikufX3LNcZwQAJN48bduiVzAornkkR6SXGukYmu8uvPddx9HjYuAdljMa_ye8wvGRgk_2ecWnPaAi4pAgIkoQUpGQqmUINzL7-5Naq-kvb3wV8G6UwAcjaizBhrHRnl8nW9sbx3eJ8tlNCXfi-Q8xCTxSJ6YfDPsyfVO_r_EvkL_jp5skwk_Bb5wMzR4ntlgo9Qf0kb848LTeII-WNXhEnV4TeVnXvTOK_G9Vk5ay1nxQNQeH_iGe9cEABS1RXuAGF4ePEhXas2kessNPpkxHYPN16XTPnt82Kw9JYulNxFjvttfT7Yx3bUch10_atax2m4iJYf8LexRu5iqoldMPYkiVsJzPifZw1fBUjwt_xATZwTsk88hxdy2bR4fqrdiirzQQk5Uqh7I1UszY_-bREyv65Kh5pAily9HENwNClbVmseYztGubDwCciW8AzsS48RP-XrUBkSRjTB1mr&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=12238816960506733000&adk=3690638929&idt=117&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BB0A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
16189363864795397796
s0.2mdn.net/simgad/ Frame B2DC 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16189363864795397796
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c64e9b136e7a97550020cc37d103f00e93082d70e92ab729810a8b87f3ea5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:56:32 GMT
x-content-type-options
nosniff
age
46962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66940
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 14:02:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:56:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame B2DC 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame B2DC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:59:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B2DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4iH6swvYfxhsOh1opgEmF1qVqX4M5TkZ69ZFL51chICWM8nrJ7KRSFbLhUUUJsNLNqJ59D2RE6XhGHakcZTt3MhvoxXcl9RgV_t_utyw8Fkp5wZsgTrznZNNn6Z5ZvmKhwW4YEZ_ap_Q_vpD9OCLR6ETqJvv5bfyKJ6obO54eaBu-sk-jz6EVQi3BRinpfh6Xjzf7cr9nS-Aaa5P9qOY7QgHzCsg5YJGbsgfy6J2cVi8VhLUDYizswcaIafKHV6cRB_l4TX0hPhYr8JoDOPQdW3Y8lg5-CbE6ry7wSzD_bGTSIkCO15lmBS588aZ66d4oxfPnDy24HY4Bu2UjxLWIQfKGmOQiZQt4XZD0e3-Qy-E7_pymSWjMNb7UZfHSrk3a5qlTxpJ5gdL2m0gBWcXwzl_vbp0vg2crc9QOO1bsgBWrgtGABLbzq10yA1zSWS1oEwE8LJfjYsor6cIDZJ6fqZtIul-WxM84u7eBhHY51qIaP5yilOLZ05WQNZ0xBe5731BlXFGxGSRRRMlGQ2dvupujlLqnG-Fc-bRHglmZcuaHcEIlJkV9z4NUCpGO0Q4X4PPRGewa6tK5e4ixDAdsNMTVQUyF8MrMC0F1523_r-LX-OD-Psscu08X-TZtsTM5zACVnVCpH81KM0rC1R8xnTWk5LLJcOcTrNeWpsbj-RtUKtB0PpO2Y7md1irAHOJZICg52YOAdC4P1bCfchyiD6ZDK6ix3hqz26xwpwFAMYBTpQrEg3phiSLHYXvLh5gkcMC8iNuklPQTEZ2vk8zrQUdZrRdDeYPLkm5xEr2nDbdmqyuBHWssdpqHPl8iXh9iOBwNNwiPbjXAfIAZtYDtLrG0W1ainrV8qYxgpPCWfSw26c9P5fWnwg-k8KnEzISqKnDIsSGaeXO3Ht_Feq086ES7WyJYHq1kDvnM7J2LSmnce4XAPkB7kaC9bCBVVFny8gwI3SYKUuwOprZ0LtTYIl8M863iXMEFX5KK2Q20LpNOOfRy_Yj_WY0blG-2oMowGnOjC3TkZ6hxwvG_Qp1gUSz6UOjFl-trK7b9OO0JJJnPsdcNvzNlgMLcbqCLZEM-YUW-mL4e-fnQYdPXyidprZTNPanstZows4oZhfC8qi06QukvUJaWtOYh-HtdjYx3S2m_I5RkTQhtly9lJWtGFnp6EySc4cIStgMDwSgI1gEwox3bmrbYHE754A4EqT7MGx09zVcF7scCW9if5V3R2Fq6O7QYU-e8DMsHLYxlXjw3vqYTVEaYEWo89NnEbXydXspom94uHslruTNJ034AR1HkmQA248As1vHe0yDL1cY63PJHOCTDn-Kk_uRAZ8z1c1JqubKTRw&sai=AMfl-YRjdJxUWF_4Ip3DmQSzvo5nnPF8IEIurFZwqhCg0RgyQk46CRj3ZPGyWln-DaIYt6fNDRAE204pVyGaduUOd5juWwtKlJMAEp1OXtBFWN4pcKvgbxOCjSKV_yC6xaur2it-OsG73ArvaV0iZaho3yGVFp2Fu_NHLIVrv5ifB2yQI-sCRByae5ODf0gt4k0D7pX8qZJas0MEstKlSC9quDbev1rpes2bOlBg2ptEl63zrmKOqvizz3D_ecO0qneGXO8AP_WtyHyT9u3F_awFV35ydPNnsE9uQebgzqpQ14to4WyF2hL5AUOyYTV-&sig=Cg0ArKJSzPqOx0-8h8MBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230426.28571&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3BAFXmFWJckD3kziQ_Icdm3CreYDjH0pOMrsuS-4d02Uc_WiMho8ooUc5wFUOPSGwzBdDpL83t49JGhGDpWfxjt3trw&cry=1&dbm_d=AKAmf-D6IUXLyUE0PtKvobFlb-9Bo8L8bEbhuO4OJQWTJBQ7rvoJU8u1N0OeEgYDz2heM-g9zDX2xoQfLAx_el1_QZtG50hXPXp81zp-LXv7_v4v68txIh6wu9vDbweZZdZeVobRC-HaGkb3CdgWoftgCK6fmxswHSBeK_DJqicQixVU4YF6iEGiaLhZ3nMCDtweq1IE5cwPIC-i0XycW_NAF1vmoQu8fJ09g3nfOhsd6YE0NGPnf7awWPvWXFNoJGGmt0WHuVbkClabI5A3oJthrgOyTlq4-zPnVBL-la-B_z7v75qNTO9F_n0cyFWV7lPayUmfh73GWQoRq8iSlud7ytyt_h41vIdPsMUwYrSXmSEu0CckEwA4BIybl3BaN_aSdFaYP2CBQ_fzl9S03nwgCUpOnzZPIIn_-y3Inf1GsLGhfq28G3PQMMhWf-GFzZwimTBG1s02H8AShZrSYYbpFyoLpjbCYeUy-lOw010W7tDsfdZErbQeItRjcfeDv3BnMQSwEPOdNhxz73q6flOxHEMi-2Vq10FPFzeUUQPBckSZJG8DBgvPE6AG3tA8IXCQ99XPJNKc5chWxnJ6ttYYle1oPOjc5mHOU9DtwVaToyPzIB6LUygEdiuNxooHaBAYa4fcEJk7Q_aS3sIlzuFe9mUzOPp1aXJy0_Ksz5aPPUZFeLXsRnt14YapkGDZkeHACHIS6XOVYOx8w97FBwRbSE6JC_1W9n1FlrDCQasRDF32jJi04QoxhdiBP_Q2TVhG6aI2wuQh-9U88iXnF6CkamWnik3LNJ--2I5lFcFyFfeLQmryrPbVvizF7bK-3IvykbRcFZsTH3weeJMnLW4eGKWvPb-funl4mvyea9zM5l8Np_j-kWb7RvISfjYAZWUZBe_xofP0PQzyrFyH3FnNPNS2RPsyRwRAEgPHZeh0WZmW5gxAfqpU1OY3yV6CDuQwC5q2amZ-CRP7MB3iweH3FFF-fD_Ph-K1r7j-Fhos3aIIk0Y7z_kTBrs_6xT7bZNhKfjyfCu0G7ZhUvCjTyvbEHQurtDPx9H272c9aGjxjlMbaIJGHLExXVB0R4YlpOacVywTs5sf5FYG2YrzyiGZ_NOCDpwxd4iuGhTj2sZkWy2H6OspZswY_aFq3zZTRbQqsoX7_Qj-0dZyy2Xezv4gMfrhlyuVv62FrVnvbXxCZ17xcWqSYsy7Gvz3VjfPwHlzY9a1tDZnBtYoLHmKDWw-EB8WsFEbHHULGK_giZVvQWDHo-AK6GYZZmVtnS_L3lGxwkuwddYREtphKIZ6JJk2DEFPeQBZOyCiWjw1XgTOIcn1VtTexDpHwOnDgb84zmLsjM8HS4kfqs5lFH0mMClADH_NHzX84rBNhVnR7QFqMlIrYDdSmRE5QDXdpTQURDfnc4yrDL5lQoUOS-q-KUCDF3N9SZA9zUk-fCTXuuFNNA_jh2YtkQ9a4YTDO4DXPy0uqp3dyOdLFd0GVoE6GTaCY2ZLgbRKpwTO2DTEUmXP25vcyg8O4GryWWegUZTOSVczPOY4jCqBRkR22BvImX0Scpv6D0Wiaytq41chlQqgh_an03BejhhBmUtwAeNNlqQAsJFnauPzlYburzfuVCtT--wGBgCD9Zau7HUnGDPSP8R0ZAmNZ9okeyuBWTg2Gd92BpaCDoS3Ud6TQnncNNzU8qMtgWC8hnpJpi3X_2bMnQTr8weJyLwTbFK3xtE2OIjqMNjqBMYoACq5AEWpdWp8qLtlqvLrvhMHDQDIENX8RwU2jIt6fkKm-hDVWiwsSJm-YD-fZz4eNSfAjbThSud7KoxOqfDTvd6Xdv_ymtEQXAdsdrDdmC6lY7YneeKn2o1Ib4_pTv14Qn6Aifvin0CdB_fhO5KfaijVaV9aBARkZgwZvzbKmEg4xt3511E6OokZbeQ0aU78W1McXgL5TEy291zTyEcAllUUm5vJ_g91nUGGGPXflIjSXCn3wJo8eUEV2jDM6V7jOJwGsWLp3uxNe0CKC_-n9nxJ2_GGsLs64WXuFNjOoIoz4-FbiIDpzM1QcOA6mJGe5vvRRh30j_BvXL1ovhnpOoZyfX8_TFLcoPxgYETZcqKVJlbz5SoY-OHJH2nPxpjlbM6D6-flRrFK1tplPtfytY-V6cXKH7Xc3GLJcQm-oR7nZAqjxxHvkw2QbN9K2WXZVlPfScugwVGICzoEZqzvlLWx857iOz2MJt0yPuYoCyqWWFJRJmO7NGuPZ0nv7MwtInstgekZRsAQhGcQVBtbRQ8AgCBiamXI-4amb2Xl0tKQ8fWapxH8heqIPIgNemxDlKLwxnxiogd8Nq0NMJ5a_mNQjAiAVlEcWAZYY2fPRBUCLy3gtzmQWHMM1PbfWEz-P-WwjQFwYO68GxgigSL3PFoHZb2tmOCW6Xi-UbdF4-HsjKsTarQHahUWt--yYiHdnwb9cWj3MMWLyu9fFx0_XRZzJwIdJJMbj-dxrsI2yamodGlHZVC9itWDZNA84Y8RHQUZRi9jPAG3Q9E0r6WF8lQAGCB1DUdoOh_SmwW0C-QWGzvXKk7g-amw7pO4tIUDAB4UMEeeGWN_xbKiIozMWz9b3Is9n3heIumRhxI47mjyHoDT8XbLDTAtDLudVQXuYyZdx25q3Dvf-F5GsVpTopFdV5LlnEl3u8QoBlYRPUZYChGZT_4xo9nI-ix4EWRiiinb36QFsVcHwDFw5afI7r2_ykwzjveH3x4fwyjPiW2l4dlNrFqfcjG52M3iUSdKsscw7ns-QBg9YJzg3lDNVu8Thr_fKrUlbIPPgnzSgrn6jxofLCLlRt4hf3M0mdMO4dCg689ao9ppesx1o99MqYJUaJLVRiORawKhuAK-QY4L4HTz26Ss0LpvlmisDLPltz_XZbJstl42l0dvCPC8HRCaIJ6s3ZDjbWrikM9lyuwG0aTYvSyjK61pvWf98gZnUfmKeLpTz88fJ9vEdLw_XianzscoDR7q0G_ToWj5ZMg6nyJXmnaVheuFVpmzdmzjTeNEKF-6zDessS4qw6iidRzJz5WMFNJVSjhQNJwTJJ8cTqkVIUEXVnOH6vuixJ5QM2pgsnguTITbgi26xid-kWWhEdnF_BdyU8P_lOvWSnyMQzS9hI1poJ8IdaM82hipyXIcvPD88aA8_hYsU0TN10t2S6q0xspbbBg2udN83En1kSgjeHEqCSXeOgVr3aAFzY3Z6FL1qG5MljSu0jiqH47BOLHOlTqgb4Lf7V2sjto8nnIp15l-mQWvjst8qhjQWJMzV-ACb75xscMH19ApBQxlcQlNm_ivE4OdiD_Xx_o2hW6VBUUgn6FvYkPq8zRwAWQnS5lNPGEo9O5pn6tc4IjC3WVnx5oZbQIvbhiIIw1TYfAZfu9PHSUngdPNPnngUyekps-UEmqx9wq31d3dekW9ImBuRHusVnSok1-6E4M1vzyDZMxPU1tN1j3pU5PFqRuiXF3DY1Rv-f2sglgCGMuVEshzNkNt73AZDvCbSqtFTiAEvT8dv_sOFkompK68dmoub6ux8fRbVcFL-tYutqqvivltKyO_4b5Zq6DLlVbZgeqEqc5lXkVFitxhCxerHm334UHuUkCxdw_bbVytRMVt-ScqHOzbAUa2ab1rPH1z-B6qTAAEUf4fdu-Xfka1_TRnQUbkeAoPizX5CM-1OB98s4eHv4bLKr9201z1ljwfiv2zVQn3mg3OZ0_yw5-ShEsnLl-GCgWORfH8C5T0BiL53wwvv5F8Z1dqXwdmSGjQQaUfw14RIF-yNhwNSWjK-_aLsw6vJycKlvwASPvxwA&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=11868178320541995000&adk=2004672170&idt=79&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 01:59:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B2DC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:59:31 GMT
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 993F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
42399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 14:12:35 GMT
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 08B8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
42399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 14:12:35 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 715E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:01:20 GMT
x-content-type-options
nosniff
age
35874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 16:01:20 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 715E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsnationnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:15:01 GMT
x-content-type-options
nosniff
age
24253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:15:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BB0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQyWwIQof-iK3N8AiE2qeu-WFR8LyBgnkXmlTYh3rV8n4JW-tJAXcOS5mPu6BFpPd6NPeut-5lR3ZhXvAZXXSHQQ0oqJhR_PmPTiWcfxxAcWnEGxeVIZ89OiWDc_Wagg7WJWZZmy7znP0VJxdUdVM2ltXkGK8CwFLLWpLGHJF2XGISvst7iz7SZK74XQOcUzzjFaKt_4Pg8-IbnZcOj1hIZmMVXOJNZaBd47a_GVIfX2hHGspuzLTWbtD6x6GCoBBjnjTE1bBKm1TFQgn8mlt4zadUatNW4GHLrUEN-2-mxMAXQp_I_jXM5C5Zv8eDgFLKCuRUg1M9HbjzmjPF7_P1KVDXaTPfwBc4k7lL81RjrnjGeeEgksNtGJ85FEheYd0-hgovKgKrIrxl6ARM0--NsuHrbSnnGBrYnS01a3lW5wan9prQ5DBHaxmWhoc591WGcgqhmPC92S_HobZvRBZXpCxj6aKf88Un4wyUp8rnGBrUoBUbzNKZZ012JiL9f76mvxIxYTdDnU9DKglee_2XrcWtOqzfqY2oV1jx5u5C6c17ruTSBQ3HSiOgszZxDClhLwoHCpsYvTYPpHGc_Ocr2qnoIQEUha1ohxtBRfwaASIjXg2qml_ZJqhOi1nu52gqDCzJ568I9oWbG37uHQyr7z40a9cAjdUwV-J5yZ1pKE9agTSf3Mm0IWe11H1d_Tv-Q-i265iQIF3gnik-G-bmeEAMkKH8mQWx9VH5ez1ZrqS4H6cbxCpmpcj5WRINhvf4lDH5NPRIZXSPo-jeV_zKpkH614iiLcrkYw8KgG1DDR750skC9J-e8JAw0pKtdIbu0PHiTmVXerCGW0N9pApuI0dobo-PFKHQAljiuW6oDED30eBspqQc-W5VfIUFzV5uvUjzt6BX4qhL_938DROTmxsAp7geG6CyTEj0hxweMcuW7Xj-f1Z6dtAgiwhe_aFRWXREd-rMWkl6ZIArgV1zOH9swXaq7UvFtdp0v77udfxhDdBhkoazSxmXVsqJ3sJXIXiQloXSas5srYSRKcRVJvJqi-rIWPY0jHvMCaymOhAemf5BJ-bLR_K8JBsi1znYo8MalyuYK--0LrwWgX1iySpPILVhU6F-kYLQ18RIOVfivADGhijZseFvp-TdISkE3Qzm6FA1l-hAig8LYHqOje0h4G3ElUL_uieoGlvYmLFZkNFzTZLhzJzbDj_PoubnczaYtXHevDlW8MKE81S-WyBP0G6MZ7uWZ-5kxf52kuGJNjsBmZBaRWYpClsIJp3wg-aPsmzKBZu21q_r8ttk9WH3VBp-33Vn137nNqvHi_a-bYeRnZ97joQVbyh8Kny2ojWS&sai=AMfl-YQC9m7msMlGHZHrV4DoDWQQdyVbu8lZ6oQn3UQFVLHHKbY3N5IJfCRqaDtXtJCJo9NlUQEuso21vuCTItY9YQACE43szsUUMviKd7HEFaarbXjOpH5IRVasyCNS1uNcw6VzZQ7b7_fArNQ3WpglLOaYxNJtInxPctj-Njl8FwxBxS6GdB5f3G5jmTLpAWeLl_2379xHivG-J9Iy36bs35aQUJHkt26GcW0N6wduhptwCNjFM37v0Hlv8Jv80TZbyJaBIvhmIJX4G34mf4OJjpccrzApyOfGQ47YNvNchuoAE0RTni1HN03yRwIT&sig=Cg0ArKJSzFrLkKWlps_dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&vt=11&dtpt=128&dett=2&cstd=0&cisv=r20230426.13555&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0axpdZw1WbarLJJ-99_9NYjqtAgAoiTqlh35QVPn1wBak6b_g82rp6Nfolr8bENCtedIwJqzbm-qMei55JEVAbQfGMQ&cry=1&dbm_d=AKAmf-BeGgTuflWHSidgLp4j8Zf_yRiKXAm_QX_lJwRfGWfc6dRVhmmSKIUoM5WkHZ5TKxgjogEHpjXKTenmlrPEnd3lPm1RqCYpB8l4ej8J4RGQBdBZd5fGcFwLIwYaShV3HEtXKnS4VCfU92vUsoDUGlXSDJeiTA1udRgxNVqNyEAQbWE_lZf1T671MNRLW-Nz7wH6Zw30XOX73Nap4IgCcnY7oahdX2hF7hCHC8StVsdJ6RxORh9AwD6t0H_eGY76BXb6EOCSYgVJ7t7K46y1U4ajpl5ECogjQ7KxfTYCefrjfaV3d-Nzyd5fbjR56Lo_xVb0ccKmnZuQMG5DfXU-DnoYu9J1Y1wfAj2YNq2UuJ5eIBXEPJrf7KRFe-x-8AFqhBEeM2ztKPjYaWzX0lrd28lREAKaU6Yts627jehckWkIHnhmjHVq77btnxuQnuQYadRj2PbOVXHlCaP1CVF6WT69u64Rn1b1MVYb2VcnX9j91FOmsv6HhRd4zMTj4mcs7wmAbf37n_t_MFhK8JfIGM8oYaq4Wap1zcGQDBi6A8O4AM4mBigdgw9I4Yn3bTU2O_QkDhMpLwJJCkWSOTNkflS2WGxIkTFlAm2Y334BdbEeJTDdpEwbUIe6v5yVUN07U_MY8ETkzbiIUcLBEmf1gijvo6mIQ9dDe4mv8KT9ASkBTeTHt8DBGhPEmvrLCrrsjH8ZxfoiyDd96OzWh5vA-u2zS-DUj5D4XQvyaTV6AQh1ot9OWJfd8hGGFUdyt733vHNa2bdgU_2MZgnFfrSAVJ-ia2e9UFvHIpihQmyt6TP8qX4tHNldhYMKBhRCcJMkSo-4BMOqGLsZ6J-ByUSVcDHOVFn70GEGk67ND_K17p9Gepw09T8e-nY9XwI66jyEKa6NTv8kEuXJsmf9WxjQintOoXIsOW9cqhwEWOzd70vjm_yyXm9yZE9kjgGmevuQbT3YwaTpxYujlHN4gYx7zTIDaqUupHXNsYG8f_uRABRPi-xYxxKaX92zqXQWIJz2W1vYNrB6QuEFUrpLhnHRSq8wqmsrnq-c70dWCrRqcq0ztUOPgsPdhhw_p42FxJrkh8ckxu4UbuaoJlrxrHjEtljebnmNmBJ08LUJ8n3ey4jal2pa9mAsGeLaSZfDak1Y9U42KggPLYWYgvrdYc3NuBInAWsQVQTihcoE4G_i3U5W7JnXSVk3OqnxmsbJM1NZ9eOvWAYnqI5DLZgRLFWvvfEnW4_3G10Ry13d-m1ED3PK3WQ3hz_rUBIiXKsVwzlYOy2w6HYY16Az7jwF-hYDTePgNeDAW38n3q23Kai5n-9J7MgIvnxmp3HWDGW0cTkIvMP_O2d819FV8ZfdALqGD2dIYlysAIKxjuVZ0Cp6D2xuj7bR3-klVs2jjWMmxikRDpy9hg3wl1YD57ydLyMYDZ8e-iSyyzlQjdzwxdJbYR1yDZCA_rbLtlhK7Oevjlya2BBntxwbpr6jEvwB9xfPBxXzDww8ic9Uyy52UXKau6WYghFbXPtQGRQm5lNPgACxtZtqExlTxN8lYC37MrYZNr2sNZui_44inucUVpByf-KWfEuqRNwpfUSiauKPLSYCIWk_dHsfiC0XmN3Eoivw4P5igMdXwBsh6lD64ME6iBxaXzuWaI-yY-xw8HKAHuAZJQGJZ0Wt8bSbRC4DGxMilQBICDdf-B3qYq5iXp9g4pTF0YFOM0hwP8Kjkf4J9EYwHqSyfaG4cJmB5gjmQr6ZcaS-pnRozuVsRssHige_IEiht0DrHSlQDo9ZoEWmeQh9siq0-MfGVNrPAnixwdjVRtu7ihfm32E-J-k9PzVMpr9IMVAiARw_Cv3ok3loliIyR_z6NnLmXLAbTn7e_HmOoft9H8Pui2Dr3vv1TRcPRGATNTJoWebUbjw5oJyf37aJDJZrFVq60kW5whrw1KZ0a-9TpTGntLwDjalWkgxc7hQik5qUswp_J9rx30pg57fNYmNu8AVwgS2JwN7547o2Nqrd13llQ_Bcs5JnkZbLtJwiMzoEquu2AE9bmsLaHZO9wEYELxL2TS1YwoQFK7yiANTWgs5O3zieZCfIK_hxvJAhbEo1Obqx1trbDf_YI5mv6s7zkPVpaPyeY9pWnpWvs4YV3-OFqvaHaNGZMgI_gVCLKFDGdtT40IlcC30ziqhgiEqPPSI606JS0dpj6lwRYndWCtmSvdybS3Cr-3lUy72q9AYatPBXt5SDPDaV1tPOILLpHfadKJnXqq1WnpPAFmb9uB8sHWNF-YGXc9d2OQVfV61IkVcLUbgbfO72AcXOMGmPjI4x0gbxnUPggLO8a2jY_D7emZxihBR5its87pgyoQZlNyv31xVkRYW-zPCDDhDbQNXfQ1IwGkdWrkzPlsoX4RkODGkpYq7aN36_HevNFvy2D6j2IFhooH68_gIP09YzlCGmXwW3RiPoYH2w8cAM8g5l2rYGL-eLMHFRVkFv-G5mTDR4QjwBWw0ayHDsSesGBteoLpGWyBu2wpzkCobtb3EFAx7yOJBFJX_OQIh03im9uGp6qpiPkY6mxgGwX38urTufwyoLe6Xbft9z1pZFEAdDOUP2VicIzDSbWySXEk7bKYHzZw104BAeD-MvFOTD-UETVP2URlIT_5t1wwR_ai2QNZsW_ks-z8yeYc-jqYTtHtEJDPFeRJzBrffyODlSh91o5qYaw_WZJKWgMD4XVGNXbkmKeLAQuqSd1sYhRuJRdoNd2tPtIjHXzkaScEYPMTaK7iHzfZ1MKPAyDvofNiwlpazn8TJyiYuDQK2GWpXsV1IRqi3EEC05TS_2oz8fhrTO7YWgIzsBILxVckSIT2hBMO9zj3opq0XBl4xSCnbGxudH_LvINY0nvpDuowJhhRzx26io5G2Z0wVT4LrKXRQJ4RCqdQy77a6a2ziZos4Ws6Yvg9gML5pDiRRoFEw4YGr0s1iJClgwghFdETIoEhOo48KZoht72fIqCkCZNAJF4pQ6Y0U22Vpb4rOevlqCpuOzNn4JIx87ZFvMSViDxNf5Edg2EtcHBrHSRMXNV9hmvrLmAIAqzXsmTNPoyAjwgwlXG1nRCGb5I4iF-EA9rDWDWdiGE3-Z_E-o8SaTDwm9Zp0H-UIrb9SValT1YzLa5b6FeTs7RLvxiXNebiH5P5Hf_yryipfDITxZu6sFhZkn6XcKulbsA0wycMV0SfWEmH0DOHv0xAT4YxZFY9HN9yRxRYUVsyMk6Sb1AIOfo4MZnK5MDFblMMkn7JrlT4Nkf_lr5iPWJV7Cp_T3HAOdPorNN0GncIioc4o_Y6UDQp4UGcvSdgikufX3LNcZwQAJN48bduiVzAornkkR6SXGukYmu8uvPddx9HjYuAdljMa_ye8wvGRgk_2ecWnPaAi4pAgIkoQUpGQqmUINzL7-5Naq-kvb3wV8G6UwAcjaizBhrHRnl8nW9sbx3eJ8tlNCXfi-Q8xCTxSJ6YfDPsyfVO_r_EvkL_jp5skwk_Bb5wMzR4ntlgo9Qf0kb848LTeII-WNXhEnV4TeVnXvTOK_G9Vk5ay1nxQNQeH_iGe9cEABS1RXuAGF4ePEhXas2kessNPpkxHYPN16XTPnt82Kw9JYulNxFjvttfT7Yx3bUch10_atax2m4iJYf8LexRu5iqoldMPYkiVsJzPifZw1fBUjwt_xATZwTsk88hxdy2bR4fqrdiirzQQk5Uqh7I1UszY_-bREyv65Kh5pAily9HENwNClbVmseYztGubDwCciW8AzsS48RP-XrUBkSRjTB1mr&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=12238816960506733000&adk=3690638929&idt=117&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 126A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:02 GMT
etag
48472445140208031
expires
Sun, 30 Apr 2023 19:59:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BB0A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bc971508d0cf8cf9dfce9bc781eb96f4059c17ff5f0f5687cfada4b64637d42

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0DC1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:02 GMT
etag
48472445140208031
expires
Sun, 30 Apr 2023 19:59:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B2DC 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d065f7cc6b79b09f5b6a153979752b530d4a8e93c48d540c7e91cca22e497f57

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame B2DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4iH6swvYfxhsOh1opgEmF1qVqX4M5TkZ69ZFL51chICWM8nrJ7KRSFbLhUUUJsNLNqJ59D2RE6XhGHakcZTt3MhvoxXcl9RgV_t_utyw8Fkp5wZsgTrznZNNn6Z5ZvmKhwW4YEZ_ap_Q_vpD9OCLR6ETqJvv5bfyKJ6obO54eaBu-sk-jz6EVQi3BRinpfh6Xjzf7cr9nS-Aaa5P9qOY7QgHzCsg5YJGbsgfy6J2cVi8VhLUDYizswcaIafKHV6cRB_l4TX0hPhYr8JoDOPQdW3Y8lg5-CbE6ry7wSzD_bGTSIkCO15lmBS588aZ66d4oxfPnDy24HY4Bu2UjxLWIQfKGmOQiZQt4XZD0e3-Qy-E7_pymSWjMNb7UZfHSrk3a5qlTxpJ5gdL2m0gBWcXwzl_vbp0vg2crc9QOO1bsgBWrgtGABLbzq10yA1zSWS1oEwE8LJfjYsor6cIDZJ6fqZtIul-WxM84u7eBhHY51qIaP5yilOLZ05WQNZ0xBe5731BlXFGxGSRRRMlGQ2dvupujlLqnG-Fc-bRHglmZcuaHcEIlJkV9z4NUCpGO0Q4X4PPRGewa6tK5e4ixDAdsNMTVQUyF8MrMC0F1523_r-LX-OD-Psscu08X-TZtsTM5zACVnVCpH81KM0rC1R8xnTWk5LLJcOcTrNeWpsbj-RtUKtB0PpO2Y7md1irAHOJZICg52YOAdC4P1bCfchyiD6ZDK6ix3hqz26xwpwFAMYBTpQrEg3phiSLHYXvLh5gkcMC8iNuklPQTEZ2vk8zrQUdZrRdDeYPLkm5xEr2nDbdmqyuBHWssdpqHPl8iXh9iOBwNNwiPbjXAfIAZtYDtLrG0W1ainrV8qYxgpPCWfSw26c9P5fWnwg-k8KnEzISqKnDIsSGaeXO3Ht_Feq086ES7WyJYHq1kDvnM7J2LSmnce4XAPkB7kaC9bCBVVFny8gwI3SYKUuwOprZ0LtTYIl8M863iXMEFX5KK2Q20LpNOOfRy_Yj_WY0blG-2oMowGnOjC3TkZ6hxwvG_Qp1gUSz6UOjFl-trK7b9OO0JJJnPsdcNvzNlgMLcbqCLZEM-YUW-mL4e-fnQYdPXyidprZTNPanstZows4oZhfC8qi06QukvUJaWtOYh-HtdjYx3S2m_I5RkTQhtly9lJWtGFnp6EySc4cIStgMDwSgI1gEwox3bmrbYHE754A4EqT7MGx09zVcF7scCW9if5V3R2Fq6O7QYU-e8DMsHLYxlXjw3vqYTVEaYEWo89NnEbXydXspom94uHslruTNJ034AR1HkmQA248As1vHe0yDL1cY63PJHOCTDn-Kk_uRAZ8z1c1JqubKTRw&sai=AMfl-YRjdJxUWF_4Ip3DmQSzvo5nnPF8IEIurFZwqhCg0RgyQk46CRj3ZPGyWln-DaIYt6fNDRAE204pVyGaduUOd5juWwtKlJMAEp1OXtBFWN4pcKvgbxOCjSKV_yC6xaur2it-OsG73ArvaV0iZaho3yGVFp2Fu_NHLIVrv5ifB2yQI-sCRByae5ODf0gt4k0D7pX8qZJas0MEstKlSC9quDbev1rpes2bOlBg2ptEl63zrmKOqvizz3D_ecO0qneGXO8AP_WtyHyT9u3F_awFV35ydPNnsE9uQebgzqpQ14to4WyF2hL5AUOyYTV-&sig=Cg0ArKJSzPqOx0-8h8MBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=146&vt=11&dtpt=144&dett=2&cstd=0&cisv=r20230426.28571&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3BAFXmFWJckD3kziQ_Icdm3CreYDjH0pOMrsuS-4d02Uc_WiMho8ooUc5wFUOPSGwzBdDpL83t49JGhGDpWfxjt3trw&cry=1&dbm_d=AKAmf-D6IUXLyUE0PtKvobFlb-9Bo8L8bEbhuO4OJQWTJBQ7rvoJU8u1N0OeEgYDz2heM-g9zDX2xoQfLAx_el1_QZtG50hXPXp81zp-LXv7_v4v68txIh6wu9vDbweZZdZeVobRC-HaGkb3CdgWoftgCK6fmxswHSBeK_DJqicQixVU4YF6iEGiaLhZ3nMCDtweq1IE5cwPIC-i0XycW_NAF1vmoQu8fJ09g3nfOhsd6YE0NGPnf7awWPvWXFNoJGGmt0WHuVbkClabI5A3oJthrgOyTlq4-zPnVBL-la-B_z7v75qNTO9F_n0cyFWV7lPayUmfh73GWQoRq8iSlud7ytyt_h41vIdPsMUwYrSXmSEu0CckEwA4BIybl3BaN_aSdFaYP2CBQ_fzl9S03nwgCUpOnzZPIIn_-y3Inf1GsLGhfq28G3PQMMhWf-GFzZwimTBG1s02H8AShZrSYYbpFyoLpjbCYeUy-lOw010W7tDsfdZErbQeItRjcfeDv3BnMQSwEPOdNhxz73q6flOxHEMi-2Vq10FPFzeUUQPBckSZJG8DBgvPE6AG3tA8IXCQ99XPJNKc5chWxnJ6ttYYle1oPOjc5mHOU9DtwVaToyPzIB6LUygEdiuNxooHaBAYa4fcEJk7Q_aS3sIlzuFe9mUzOPp1aXJy0_Ksz5aPPUZFeLXsRnt14YapkGDZkeHACHIS6XOVYOx8w97FBwRbSE6JC_1W9n1FlrDCQasRDF32jJi04QoxhdiBP_Q2TVhG6aI2wuQh-9U88iXnF6CkamWnik3LNJ--2I5lFcFyFfeLQmryrPbVvizF7bK-3IvykbRcFZsTH3weeJMnLW4eGKWvPb-funl4mvyea9zM5l8Np_j-kWb7RvISfjYAZWUZBe_xofP0PQzyrFyH3FnNPNS2RPsyRwRAEgPHZeh0WZmW5gxAfqpU1OY3yV6CDuQwC5q2amZ-CRP7MB3iweH3FFF-fD_Ph-K1r7j-Fhos3aIIk0Y7z_kTBrs_6xT7bZNhKfjyfCu0G7ZhUvCjTyvbEHQurtDPx9H272c9aGjxjlMbaIJGHLExXVB0R4YlpOacVywTs5sf5FYG2YrzyiGZ_NOCDpwxd4iuGhTj2sZkWy2H6OspZswY_aFq3zZTRbQqsoX7_Qj-0dZyy2Xezv4gMfrhlyuVv62FrVnvbXxCZ17xcWqSYsy7Gvz3VjfPwHlzY9a1tDZnBtYoLHmKDWw-EB8WsFEbHHULGK_giZVvQWDHo-AK6GYZZmVtnS_L3lGxwkuwddYREtphKIZ6JJk2DEFPeQBZOyCiWjw1XgTOIcn1VtTexDpHwOnDgb84zmLsjM8HS4kfqs5lFH0mMClADH_NHzX84rBNhVnR7QFqMlIrYDdSmRE5QDXdpTQURDfnc4yrDL5lQoUOS-q-KUCDF3N9SZA9zUk-fCTXuuFNNA_jh2YtkQ9a4YTDO4DXPy0uqp3dyOdLFd0GVoE6GTaCY2ZLgbRKpwTO2DTEUmXP25vcyg8O4GryWWegUZTOSVczPOY4jCqBRkR22BvImX0Scpv6D0Wiaytq41chlQqgh_an03BejhhBmUtwAeNNlqQAsJFnauPzlYburzfuVCtT--wGBgCD9Zau7HUnGDPSP8R0ZAmNZ9okeyuBWTg2Gd92BpaCDoS3Ud6TQnncNNzU8qMtgWC8hnpJpi3X_2bMnQTr8weJyLwTbFK3xtE2OIjqMNjqBMYoACq5AEWpdWp8qLtlqvLrvhMHDQDIENX8RwU2jIt6fkKm-hDVWiwsSJm-YD-fZz4eNSfAjbThSud7KoxOqfDTvd6Xdv_ymtEQXAdsdrDdmC6lY7YneeKn2o1Ib4_pTv14Qn6Aifvin0CdB_fhO5KfaijVaV9aBARkZgwZvzbKmEg4xt3511E6OokZbeQ0aU78W1McXgL5TEy291zTyEcAllUUm5vJ_g91nUGGGPXflIjSXCn3wJo8eUEV2jDM6V7jOJwGsWLp3uxNe0CKC_-n9nxJ2_GGsLs64WXuFNjOoIoz4-FbiIDpzM1QcOA6mJGe5vvRRh30j_BvXL1ovhnpOoZyfX8_TFLcoPxgYETZcqKVJlbz5SoY-OHJH2nPxpjlbM6D6-flRrFK1tplPtfytY-V6cXKH7Xc3GLJcQm-oR7nZAqjxxHvkw2QbN9K2WXZVlPfScugwVGICzoEZqzvlLWx857iOz2MJt0yPuYoCyqWWFJRJmO7NGuPZ0nv7MwtInstgekZRsAQhGcQVBtbRQ8AgCBiamXI-4amb2Xl0tKQ8fWapxH8heqIPIgNemxDlKLwxnxiogd8Nq0NMJ5a_mNQjAiAVlEcWAZYY2fPRBUCLy3gtzmQWHMM1PbfWEz-P-WwjQFwYO68GxgigSL3PFoHZb2tmOCW6Xi-UbdF4-HsjKsTarQHahUWt--yYiHdnwb9cWj3MMWLyu9fFx0_XRZzJwIdJJMbj-dxrsI2yamodGlHZVC9itWDZNA84Y8RHQUZRi9jPAG3Q9E0r6WF8lQAGCB1DUdoOh_SmwW0C-QWGzvXKk7g-amw7pO4tIUDAB4UMEeeGWN_xbKiIozMWz9b3Is9n3heIumRhxI47mjyHoDT8XbLDTAtDLudVQXuYyZdx25q3Dvf-F5GsVpTopFdV5LlnEl3u8QoBlYRPUZYChGZT_4xo9nI-ix4EWRiiinb36QFsVcHwDFw5afI7r2_ykwzjveH3x4fwyjPiW2l4dlNrFqfcjG52M3iUSdKsscw7ns-QBg9YJzg3lDNVu8Thr_fKrUlbIPPgnzSgrn6jxofLCLlRt4hf3M0mdMO4dCg689ao9ppesx1o99MqYJUaJLVRiORawKhuAK-QY4L4HTz26Ss0LpvlmisDLPltz_XZbJstl42l0dvCPC8HRCaIJ6s3ZDjbWrikM9lyuwG0aTYvSyjK61pvWf98gZnUfmKeLpTz88fJ9vEdLw_XianzscoDR7q0G_ToWj5ZMg6nyJXmnaVheuFVpmzdmzjTeNEKF-6zDessS4qw6iidRzJz5WMFNJVSjhQNJwTJJ8cTqkVIUEXVnOH6vuixJ5QM2pgsnguTITbgi26xid-kWWhEdnF_BdyU8P_lOvWSnyMQzS9hI1poJ8IdaM82hipyXIcvPD88aA8_hYsU0TN10t2S6q0xspbbBg2udN83En1kSgjeHEqCSXeOgVr3aAFzY3Z6FL1qG5MljSu0jiqH47BOLHOlTqgb4Lf7V2sjto8nnIp15l-mQWvjst8qhjQWJMzV-ACb75xscMH19ApBQxlcQlNm_ivE4OdiD_Xx_o2hW6VBUUgn6FvYkPq8zRwAWQnS5lNPGEo9O5pn6tc4IjC3WVnx5oZbQIvbhiIIw1TYfAZfu9PHSUngdPNPnngUyekps-UEmqx9wq31d3dekW9ImBuRHusVnSok1-6E4M1vzyDZMxPU1tN1j3pU5PFqRuiXF3DY1Rv-f2sglgCGMuVEshzNkNt73AZDvCbSqtFTiAEvT8dv_sOFkompK68dmoub6ux8fRbVcFL-tYutqqvivltKyO_4b5Zq6DLlVbZgeqEqc5lXkVFitxhCxerHm334UHuUkCxdw_bbVytRMVt-ScqHOzbAUa2ab1rPH1z-B6qTAAEUf4fdu-Xfka1_TRnQUbkeAoPizX5CM-1OB98s4eHv4bLKr9201z1ljwfiv2zVQn3mg3OZ0_yw5-ShEsnLl-GCgWORfH8C5T0BiL53wwvv5F8Z1dqXwdmSGjQQaUfw14RIF-yNhwNSWjK-_aLsw6vJycKlvwASPvxwA&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.newsnationnow.com%2F&ds=l&xdt=1&iif=1&cor=11868178320541995000&adk=2004672170&idt=79&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 01:59:14 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7E78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
21605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1262
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1262
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-8.yul62.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-amzn-trace-id
Root=1-644dcb72-7cf2b4177d508afb4fb1ee40
x-amzn-requestid
e79a3b81-7848-4809-a139-ded94e580cee
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
EKy58HhIDoEF2tA=
content-length
25
x-amz-cf-id
BF978FTMRl5PpHfetWMWZ2HfMxri-uhiMjYN6V2Ndjyu1XfeusK1Xw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C61D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.newsnationnow.com
URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
21605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:09 GMT
expires
Sun, 28 Apr 2024 19:59:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEBSYABZ-jhTQZNDE-z8_9Gw&google_cver=1&google_push=ATf1kGM0ekOlPUzYCG-EyXeZwVUjgdDfrhHLRxGHWQhwSuG_AqGmnVZIziqeEJj-RYkGxn3jQag03V3eN0nuKZhr7QzBZs-ojyUz
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDg0MTg4MjdBMEFGRDcyMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDg0MTg4MjdBMEFGRDcyMw==
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDg0MTg4MjdBMEFGRDcyMw==
date
Sun, 30 Apr 2023 01:59:14 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHl23Egvwtxqp1YuysAytPM&google_cver=1&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHU...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g4xviK_ISe6bW4nuvSP07Q2&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHUEVkfMPVAjcuK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g4xviK_ISe6bW4nuvSP07Q2&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHUEVkfMPVAjcuK
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 01:59:14 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g4xviK_ISe6bW4nuvSP07Q2&google_push=ATf1kGNqPUy3h2oJbWK1N2XjiswcOGXG-WCsLMKpPR0bBcstgyDKcAP-Dqjw5M89NdaSTPgi72a2WQJC-PLQUqHUEVkfMPVAjcuK
x-host
tde-deliveryengine-production-69d487867f-w6bz9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJlT6JDCN44M1tfRR8vcWes&c_param1=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP1I1-qzAIambon-58e7V5a3VgAbRA0KKT1qNIHBKuWi6E7AHkf9D9QqeoMKOrVjrdV2iopyJj3x8aML0JiFe7QsuYt8Nag
date
Sun, 30 Apr 2023 01:59:14 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ68-D-o92wWnIKIySg-1EM&google_cver=1&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8d7WBUebYrzCid-acoitt0OPjY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8d7WBUebYrzCid-acoitt0OPjY
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyUkpTQVAtWS1IVEJE&google_push=ATf1kGOdOxuK1ppNOGezYahduLGLYuDkPa0upsNqQ1dP5EVUSDdj1FkuKZnO5DTCMJAXtdUduG8d7WBUebYrzCid-acoitt0OPjY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVR...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVRfyC1IAlDszEMKkAbdyOQ&google_hm=2171f362-a4cc-4148-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVRfyC1IAlDszEMKkAbdyOQ&google_hm=2171f362-a4cc-4148-8d35-d41073c8fa9b
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-54
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNtuTD4ZhcyOTd2StgX3oEJ8caWMCQhNRcGhEZ9GabFPi2VbaOI3AhRqS5Ws6O_fygwxM0dtUAEVRfyC1IAlDszEMKkAbdyOQ&google_hm=2171f362-a4cc-4148-8d35-d41073c8fa9b
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.targeting.unrulymedia.com/csync/RX-fefba385-d67b-4953-8954-bd76b135de3f-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMB4itMg_zKVbCRg_BGl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w&google_hm=Bf77o4XWe0lTiVS9drE13j8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w&google_hm=Bf77o4XWe0lTiVS9drE13j8
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 01:59:14 GMT
Server
Tengine
ETag
RXfefba385d67b49538954bd76b135de3f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMB4itMg_zKVbCRg_BGlj8Ce8vwfmHNoSbG-kNFBalPYvZDPy6e3ht3fubNtk0IOlMp2Y6ECbOm7b2TVX6irviF78XXm3sv6w&google_hm=Bf77o4XWe0lTiVS9drE13j8
Content-Type
text/html
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 126A
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOGAkKoK6CgaaCierZyXA4M&google_cver=1&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw&google_hm=5d3fda4793c339f35...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw&google_hm=5d3fda4793c339f35382892a6bfbf613
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGNAguuo1dn5QGHmhpgHCFJdyh2Wbe3SRge-ICnO6b-uLY-4OvxX2ZfJ-9x_J7cjnR8TIJedWu6YjZw_VzGRGtBbVba2BPgNCw&google_hm=5d3fda4793c339f35382892a6bfbf613
date
Sun, 30 Apr 2023 01:59:14 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame 126A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAywObCgJLS4it2z23hRkvGYD5yka9irjSnPbidGL0EFPCofRUg80gEZgOQYhaVZCg-Bd9
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTEwRzRJYXoxUFNXbGs1&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTEwRzRJYXoxUFNXbGs1&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74eIh7MGcw7Y4QLMh_gFqdzE8n3W05OPEHlrJZNsq_2oxdtBEDF3Dk
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:14 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0dbd7bdfaca2bd81c@us-west-2c@dxedge-app-us-west-2-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTEwRzRJYXoxUFNXbGs1&google_gid=CAESEG_rpd5nA1yz-FEro_bmTuY&google_cver=1&google_push=ATf1kGMG59IuV4UYnKs7QcETfZB-61jWUU2-9Qh1lTxdB74eIh7MGcw7Y4QLMh_gFqdzE8n3W05OPEHlrJZNsq_2oxdtBEDF3Dk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHl23Egvwtxqp1YuysAytPM&google_cver=1&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8y...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dOJDvdWLQJWKusH1h8ZDXg2&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8yvGG3ZfBp7KaJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dOJDvdWLQJWKusH1h8ZDXg2&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8yvGG3ZfBp7KaJ
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 01:59:14 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dOJDvdWLQJWKusH1h8ZDXg2&google_push=ATf1kGPbD-M9YLc5ryuDq1Nt8NVt-tYIlc9MsR9vw2vn2m5XRcBjRh1rGoDaDUrGfLfAoPknMromqITJAi36nt8yvGG3ZfBp7KaJ
x-host
tde-deliveryengine-production-69d487867f-72qdr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHQqL_lsOAmly8Ob5-yWEw0&google_cver=1&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cVgk...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgxMjYyNDYwOTM2OTI1NTYwNA&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgxMjYyNDYwOTM2OTI1NTYwNA&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cVgkSf_JdsYglGlFtREjzcpl
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgxMjYyNDYwOTM2OTI1NTYwNA&google_push=ATf1kGMl18GTn-oMiPcs3skQghSPnvfSudwo5HyX1D4bU-_sXzRlIqxW-fkl0jpRjvjMqgXGvuM6cVgkSf_JdsYglGlFtREjzcpl
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIoY_hf977BWSYKEXaqbky0&google_cver=1&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZAn-948Bz06fbdmkHjpnNlCABljbN3PxeqaZCbFDkZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2947bdb4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2947bdb4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZAn-948Bz06fbdmkHjpnNlCABljbN3PxeqaZCbFDkZ83y2IvRi_Gqh
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 01:59:14 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=2947bdb4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGO0mmgwdXb65s8oZAJeoaLHpuIF7I0JoctSQHuKYWZAn-948Bz06fbdmkHjpnNlCABljbN3PxeqaZCbFDkZ83y2IvRi_Gqh
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
K2s7ta_vRx8AYDakApAcLSefDiLwjzVYSZSuEshZH3b00sAVd4Bcwg==
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOGAkKoK6CgaaCierZyXA4M&google_cver=1&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M&google_hm=97748cccb384a5e39ab...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M&google_hm=97748cccb384a5e39ab1a785cdc990da
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMBJPIB-7dM9bYxhKErERH04SpCSahnsQ3A2a61mX_oFr3hANmuB8PNh09UzTNDuyyc40VY7SAzzF5rI4jNWJ4VI6gEdy1M&google_hm=97748cccb384a5e39ab1a785cdc990da
date
Sun, 30 Apr 2023 01:59:14 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMmgJRf7UQonWhgihWxnwg8&google_cver=1&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Yc6dUTS0JXz1IphkOaBpGWAI4Yj4EoHiPMxkjBIzIGzR&google_hm=QlMuNGE2ZC04NTc0LT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Yc6dUTS0JXz1IphkOaBpGWAI4Yj4EoHiPMxkjBIzIGzR&google_hm=QlMuNGE2ZC04NTc0LTQ5YjItYTliMQ==
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOPDNOrVkkhkOyVwCBXeV9frKBdcprIOQ3GnkBQVkJDX8P8SVA5Yc6dUTS0JXz1IphkOaBpGWAI4Yj4EoHiPMxkjBIzIGzR&google_hm=QlMuNGE2ZC04NTc0LTQ5YjItYTliMQ==
Date
Sun, 30 Apr 2023 01:59:14 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 0DC1
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEKBXlarVZWxW_uljtSvFAm4&google_cver=1&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5i...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5igxboA&google_hm=9a244197be68...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5igxboA&google_hm=9a244197be68358dfeab67af3138f206
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ATf1kGOsRtvOkE3rtUaqmv9W88z6xPIZtt2Og7iXEEvJhfoxK2gaXuD1OgHn_VLXEmmPZFIl4716MD4RXh_qOcGJyRzHxjY5igxboA&google_hm=9a244197be68358dfeab67af3138f206
date
Sun, 30 Apr 2023 01:59:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 0DC1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-UZzVG8VaL37smhakyVwlpF-ToZeFNCxedBa1KRZ6m9fIW7K-_1txOOhNGAB9EoMwXfQ4Ha0
Requested by
Host: 5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
URL: https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
t
api.segment.io/v1/ 		21 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ombTFgzuMyzShBegBMRNK25zHRqm1YzP/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.110.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-110-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsnationnow.com
date
Sun, 30 Apr 2023 01:59:14 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.newsnationnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.newsnationnow.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 30 Apr 2023 01:59:14 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
e2ac609b5ca271090852b4166e4569ec79f84e372277ba386c151cbc9c6ceb37

Request headers

x-lib-version
v1.0.1
accept-language
en-CA,en;q=0.9
authorization
Bearer 1b7f118addf58b8b1ae5ad9e6fad27ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.newsnationnow.com/
x-referring-url
https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20c45870b413bbdc61e95127c7daac93c75193bfd649d4fd9dfb99aee16f5eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11262
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 493B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsnationnow.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:14 GMT
server
Kestrel
server-processing-duration-in-ticks
348224
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 7E78 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
280242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame C61D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
280242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 01:59:14 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9AED 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 493B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsnationnow.com&sn=ChromeSyncframe&so=0&topUrl=www.newsnationnow.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Rn4Ej3xJSGFpZzBpVE1UaE4zOUNBTlNTamREOVdubCtzd0JOOTRYWXFEeW1lMjFXVWxFOExUaVdwZDRIOWRPaGZnWHlOSkFCcHBRTzVENko3bWpldHYrMDNWSk9mMFNaenVpd0lYdDFGOFpKcnUzZVV4S0o3YnNYTHN5MC...
455 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Rn4Ej3xJSGFpZzBpVE1UaE4zOUNBTlNTamREOVdubCtzd0JOOTRYWXFEeW1lMjFXVWxFOExUaVdwZDRIOWRPaGZnWHlOSkFCcHBRTzVENko3bWpldHYrMDNWSk9mMFNaenVpd0lYdDFGOFpKcnUzZVV4S0o3YnNYTHN5MC94cUpueGxDRXl2RzRtbWFDRHpDSXB5UHZ2Zy9DUGRUZlE0QUwyb3pGc2dtazlzYThtSTRiYVcxRXc4TVgxM1VyQWp5aXY3aTVZT0xDNlQ5cnZlQU5wcTMvenAxNkhkbjhpUFF4T2FTQU8wQ1VKM2k2OHIzTUxLa0xwKzFmVXRWSkhSYU9lTGM3aVRYSXFkU3B2Q0E3ZzhndzlLT3NKYXF6aTVNNm1BalZvdWk0QXNxUGxhaz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
071fa6ee748fff543b5a107ab59132542756ac0ebe86f1708b79afd9d93139b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2558587
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Rn4Ej3xJSGFpZzBpVE1UaE4zOUNBTlNTamREOVdubCtzd0JOOTRYWXFEeW1lMjFXVWxFOExUaVdwZDRIOWRPaGZnWHlOSkFCcHBRTzVENko3bWpldHYrMDNWSk9mMFNaenVpd0lYdDFGOFpKcnUzZVV4S0o3YnNYTHN5MC94cUpueGxDRXl2RzRtbWFDRHpDSXB5UHZ2Zy9DUGRUZlE0QUwyb3pGc2dtazlzYThtSTRiYVcxRXc4TVgxM1VyQWp5aXY3aTVZT0xDNlQ5cnZlQU5wcTMvenAxNkhkbjhpUFF4T2FTQU8wQ1VKM2k2OHIzTUxLa0xwKzFmVXRWSkhSYU9lTGM3aVRYSXFkU3B2Q0E3ZzhndzlLT3NKYXF6aTVNNm1BalZvdWk0QXNxUGxhaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
351912
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6961 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
21609
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 19:59:05 GMT
expires
Sun, 28 Apr 2024 19:59:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 289A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/31b9b552-f32e-4036-8364-726eb992b71d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c19221e712d2f822b4b12520e26bbef9a6848faf76892d4dead3fdd063ba0c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUGGCitv46FLQ112dP4kVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsnationnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-sUGGCitv46FLQ112dP4kVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 01:59:14 GMT
expires
Sun, 30 Apr 2023 01:59:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvE4vcMtNZL6ZCsK5zwWdz4JYAAAAADgB4AQC&bg=!NjWlNWHNAAYfNdXmPzU7ADkAdvg8WrGOqiyUG145Fe8mEY47917wTJY0QH0y_oX4_cNLJRKuftlKQrQrPRvHFL_WpkmmVSUwgTkCAAACClIAAAADaAEHCgBDVB4Q894NAZHPjZ4MTrX-KKarzwRiPeEdgw7d2NVRduk7-z2j07icFXA5Asj6K7xRODpHxzXTiJGc_ny52HZxZd8xEpkDGy3E_bYPf5p-dJtjmjUKFOcybp6slhG6l5p7Re7ASyNROrnJbizqvlc-W0UKP3-KGceXt2nFs-4P0a-BSZ3qI_x1xIaeGey_rxtYXwPlXcv5rzyGBn7N6WvbU7UWT9jaTFQNt5ZPl665eIUzS49ZYAS9GhFZ2qm7zvJYZcpBUsmswkm921TsBoDoQHGSfLOoj9GNsIZlnMBOJDRJrzUMjqY-m5um1wFAg7xAyME1wr6GDwVSNqNM3y8BF24hofJoGFVrXTFUoT6-y672euIs2HbjfhT8vVFXxKk3OwhYNZ9C4X7MgqKlYkjEzFSf_EA2twYgbavLLlgZGMywrr7FFZFPfXfp8EuPMwi9g9xXqLk0vtpIdlgHKY6ImpfJAHt_Q_-_xXsbJXeDqpPz0jKRfMShXXZ18vUnJn_KPRTgHGbgzDQq7j1k-qoS8zlByXN_9bw6h-mLLcpSw7Yj_yvtt-aDOBgKpFqV9W6EkxX_VDfSQz2jKwD9PSppgbHZ6J0FhILq-BoHNbGK0pBfdpAA66l3ggrMrFXwDeICH8J5yrBIAMMQGTkmPday_q5x02QpZY8oXBPaghFFgK1fBoVqXPOLCXYtDV7AZ6e1goVMd7ZWvCmw3NLhX2nlVcKAjgbNSs8lLGMz3yJ8ru6hqLrwUyJtWY942pgKfFBZiEM8HatodMs6EGFZPwzvSRPutkJCVgnPPkJBrnVPsrY75TtUglGwUCrxU7-CCgifGV_H_oJspuWl0VDdqV3ZjTwoIABy-YDxjRfxKYN2cbY-TuCUuHVEaDX6_r27a0wZyK8j-1LFH3jQ2UNNIKWp1BImm53j0zaB6LxLzt6vF9xr2YTjlrXL4jC5am1AACCvf9YGD3Nu9w_XrAQT4sRAQ_wXwV0YW6vcHo7x3pP2tAVaTAMJT2_vbWbqtk25i_fmtDc9g0QJ-G7LMjtqjttyklOOUOZ30PoVrnGsdbrhzijCQ6_LRtTbNO1AE4dh3D-qN9EfPL_z15P58sTpmXWzMsMXGtvcs-gIQWMNMlZBLG2sG80F4XksPZSRvMfx_U_qlA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 993F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSxPwcMtNZL2ZCsK5zwWdz4JYAAAAADgB4AQC&bg=!RUalRhLNAAYfNdXmPzU7ADkAdvg8WsQLV3X4hYxeiet2Z_HB96LoUj6bXY8QVHHdbqKLDeLc3-WrHy20gtn5F4gL7xNspw6dnmoCAAACSVIAAAACaAEHmQL-87vtuFC5GRlWxTqo0zPUF0VhCtgpu8c_DgmNrTdMij0Yj_ZTtKSEwbH7Ovjqnw2I9mYIE74FEtG5PpiQtsdbXJYd8oQPHDx09KDaYLQ-_BMd0lokNZR-oeizp0jymZ65eV-OykWqF8Foksi2xAAsV3d9YNNicXncuM4t8r6I_qe6vo7nWhepj19zAgo0RSQI7fofFI3de6HvgiswnKoUWUBZRQ8fhhzUX2Z5aEogpw-0e5X4agDf6yFAGbQSd9C7msVCkiJLSlYc3OoofgSIRBEwNQfBtnUs8nKaqrv9CG07JVSVB2oGZVmGpO5okqlGmd3q3EhSLKdoL4TjH0kAEIUySbcX2Jr47ZesPiirBeGSbtJJUg6roZJS2mUjx0YVfNWzQR_IY-SchZT0SwgL5bs2g6dK7n7m0bh6r0eD5ac3MFUdW_0hD6FfvYAAsXbE8L4eu_SRq2q1yY1TlZWlsctBDXufZoq7QMfvD8GkrW1UBlV--EqJ_SxvFQT-hJIcgE08rRYSI46SquN7q-cGF9NzQmtgVsCj1W-Mld8F9-J7oMxcb6zQRNcq5e1M6CfKG4iAM0llz_a2IzuQ1XbJu0PAp9pEbE_JxZZOl_SRmpxY4XaE4V2KagTXXiCtDCLhTU2_TFdtIB6woNunXXw00RrBGwTy8JIAsFHC1_mtZ7s14xeI11MGYHFPWQjylQu2gr3uWNJsUc_XQrCwxsfX4NAQ4lFOIOuJnbbBLMXyrKgyOI726MRnbbAWTV1qPC95qldxDpIYeJpHrrTiS0O8T611i-e4w0JS3Esujsxt0S2JvRBTojv4btQNYBlGYiCCPq8qy6QbF1JOISW3pkjR1Wwa0ZNYtSDkZzkI0xEUrMhzcHsBC3GnD2CgS4zmc31jm4xwV6gUnpeYER71UM7u3ixFf8z6IZgxGX4CR5DCiOKKTqzIEyREKCkyqlyiKYiNAM74vDFzdWcYBztQMe8zekQrQr0R_FmpmtM3OOoRE7Czg0dyrrK2D4b_mH1abg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 289A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=962805737880682&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 6961 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
280243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
envelope
api.rlcdn.com/api/identity/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1262
Requested by
Host: www.nxsttv.com
URL: https://www.nxsttv.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-7.32.0-20230406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsnationnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 01:59:15 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.newsnationnow.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=image
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=gc07948f5975ba895194
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D13a54d7e-5d29-48ca-b783-eece86e1ae12%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2806201715888124060&pt=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2806201715888124060&pt=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Sun, 30 Apr 2023 01:59:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
72cc6282-df4b-4a80-b6fd-81dbaa73ae4f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2806201715888124060&pt=13a54d7e-5d29-48ca-b783-eece86e1ae12%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=726939&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259307703854
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259307703854
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
670
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259307703854
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc2f30acececee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1---&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&dongle=0cfd&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 01:59:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=2171f362-a4cc-4148-8d35-d41073c8fa9b&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/7/3.gif?puid=2806201715888124060&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=0d3b310b-bf7a-405b-b93b-9457c9f6b19e&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/5/5.gif?puid=82F9C575-3E8E-4842-8DB7-4EBFA3FA043E&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/4/6.gif?puid=22D37AD76CA25579&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/3/7.gif?puid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/2/8.gif?puid=13a54d7e-5d29-48ca-b783-eece86e1ae12&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADqGE7Im5cAACHzaMyfgw
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&consent=&id5id=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A
49 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&consent=&id5id=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-54
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=a664644d-cb70-4300-9a13-233ed2a6eae5&gdpr=0&consent=&id5id=ID5-6040W6kX2gaWsq9yAk3V-qjusrQu52a6b56osqPB-A
date
Sun, 30 Apr 2023 01:59:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvVSYcctNZJugL5KMyQOfkJq4BgAAAAA4AeAEAg&bg=!WVqlWg7NAAb9Sbh13Uk7ADkAdvg8Wl4OYacJwUHV0zHio1YsaOO0Q0hxdbJNGadHU4cYAKl3uIsiSqvZilquARpcFRSo_s-c0MMCAAABOVIAAAADaAEHmQMuRPRnxJtQkVvtBsBHggM1evQhwPf1epZ3-iONx6-qfUPhBxjt0uEoKNHzLS3Vcm0-OTE2NogPTHeyWNw4pf0p8WTXQQpBz_NeoNG3Iuo0ZMTyPMxA6NvlcpJ3JCoagkS6RbnRp3dywE-otTRavgM7S_YpOUmtANoZpYnGPBu-XOUXjg1nvQMngTmq4j8nqOOApOeGJ1FJGeKM1ZDpdeu07Qmeb3OQbHlW1zcts2zBPjw6Gas_cdUCtC7DH9Z0LGGgpyPhWAVNHNSQJMfQoTaYB-SpdgXhwKqVWb2PBbmIBkgcR-R3i9SFeb0rpHTQPIFIXAoAUrNA-tpC_33ULmXOsD2LRcKbOtQXS8wsPrJlR-omXjaxRyE36h1sWroz2ZsLTO9AM0tQCsonsicTBwHG0CAPk9Cf0YmeNt9KI0we4zbJ17hR_mii1IMMDin5Kgr4eLFoLtssfNAA9yTYb_o4azdORUeLEGlhqUWlpFnIlPa3D4epjLl1AfaKCGZP-A_1ThsyvGjdOJvB9JKpZe5cgnANt5U9xYorlj-M7XFddgLnoWYRtL0X7P3xj3b2Qu3deMxofkEbak8tReTsMHRjSk_JIi9IIshF1HHMGjmcCR5w2WFEX9x4I71m2wmlgV_oow0mQNLLYKwOi_2eDy-MJT2aTHkTm7WWJvUMeUqOjZeIHxIJl3i7d5reF-uZbb3sPW5AbwOk6pdxH4m8PAaxFXuEuFDRdZOBUX4AIbwt8EXAd54OB09cci-ndsReFqwIMhrpUusDZZsKQWMbiByGHhGGFBf0dwsFs-Yp3DjtilSs390b7V_YdeIOnBuejxLyIT_1nGGXuyTrNssGdXj91yYAeTJJwpZpR5Zx88lVvtgfIOynGxmg13X6ZzWOKEuakLoyAade6NMev7AjFJ3oavS_Jg_nXiQbigLT8ZDF6Xcp5XXpo7vuNCsHS74h6u1Mc-8_FzpDWdkKwfae1Jzjo7FuHMZoBuyBWOonSxEqBke0EVUDs9FlBMhMMkjMHmTEkUwhw2L8E3k3Yrx8llXHvdSxcbAfskRz5VMyZApaKrk9uZVFMb-hK2O4Ux2gog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C61D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvT2NcctNZNSvMoSt_gTXyoPwDgAAAAA4AeAEAg&bg=!WlmlWQ3NAAb9Sbh13Uk7ADkAdvg8WieUFcWP-uBPFc8fFV5iDmL6mNIN1S11aaxXGC0uIDoSt_58jAL38E0b4EiaMEnSEQ08hOQCAAABH1IAAAACaAEHmQMdYwQC5C94_R2H1L6CogMaQVbb-nDleykwvnTqj3ufweCtZK3lrDkpU_1zDGZ-Gk8awIDLbQZ3tiCIzndd7bGk94evGnaBbSvlhJ-0hJoL1R5AzxVr2z9g1qevNUdNaf-OhtN0VDeb5iafRPkW-dDe17dyicyuZ6Nc-DNKj9WJEbc7VRK3ycNxB0qwCki_bx3ZhQtg1dEv92fskzQKtJ9IoRFaxZfJd8N9xyuWa9_tg5I1gDxqfivySA4nPOdMTQaHYHa_3qCRu-miJDO-0uBqKHdyoPGR4-hwMVHe8p0W6yu6DCkk2TV0YvfAr0H6FIUXd3IVk6n7-2ZUM0lJlgfGZAbJk4CVpSa5k7sbZkm91KnYAAYKeYsUX6BLEpoRrLcJ7upXywcazq6BSDUnrLCBzgeboObbwz8W5lVfTRVGjOpP1VsPU7SSBa4ieg_LF3wUtHpWTYIveFE6ydHlLcHtNNsZDf8dVuQHyPvLuMCSlbujHZXUnoMCFuxMMvG6f3ZwbNcTPQ7zoAdHwUJmb7LWop40JZ1VHZ5frXCjczLV00cV1GYFnBW3ljtyIMC2ODXg_FAFt9VhzWLx1qgFSlGH3XR2J05bMxttJZKvYbbLGL2AEzhyFk4MqnDVeSblS7beHyyQexfiBeUgc1y8T7dtblzibUoPaxtRLcFPxF6hXjgFK8KFlzxeD2wBPUUa0c4eg1w7x9ZEwwnJ5TtU8V-SUPD9Md7B33QsAoSE-ZyQRyEdMQgJLdENGSW_7L2DfHE_-KnF2LlNbujnRGnOmIjOAQOudEACRBDOpp7XU_g0-K49snO1cPPZPi2R2mIoYyTAdukWe2HQPiacPJN1Jrr9NvTws3G8F0PT5Q8Mvg06t4IUfVdcxG_hU148_pT6QwvRrsEWAt-46tWvABavTVDXc4ghAzRVOEGd_kmHodAaj3bgRmgFsMxp2Rj9cdo_dcAwGVKP5nipLb531HXaJTltQ9A0XBAJLXTsDIuYGvPP0uGajbHFxGyIZ44rVGAsOlOzbSFLs_jTz8nl6VH1_PGMEsyLsdeSqkRUR6URLDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6961 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5WoBTw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:59:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BB0A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0OUnqGwdXJGFHnM0rfE0bU2qJvKAoqe5LXUeZO2l8KRH6e1IvTC7EooHQeSGVORN0c3P6mhDra9I1JqqPnJ8svLezcWbv_S9FigZtJHtbjb-wsQUwVR_7pQ&sai=AMfl-YQNhledwKpERQ2RDJ6uqS5Weair727m3b7wn1e1T1ySvT9KsC1_jM9IHs9nk3dFdw19CtCVWGJnxSheSLIbepCcNRkeE8QHaQDRnM7yNaNgmeLNpuRs_4M0zE5XrgLqMFEkUO9AQUs8C5D3NlU&sig=Cg0ArKJSzII-S64o_iIwEAE&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&id=lidar2&mcvt=1000&p=254,436,344,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=375592840&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682819952921&rpt=1279&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B2DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhO6LTuDuOifyxAX0SayTMs60jOHEBihRB3zCBEUPgb_UgufWuBhRTVWik7Ih_Cxb2mMlKozOVwca3U-53tGySxW1FShnyCBK2xxf2e8dtQRhD0txT6VSakw&sai=AMfl-YSsc3ujJ-0jf8Eu0ufyLmK2HG47iaKtQPsGpOg5W-XlqkX2p0oLXBNsfpyZB1cJb2PTeNW_Jw0QEXH7YIxDrW3ZLjX556ck4gNCrK2KqfIZOkAe1pIt6XGzfF_9kLpF-VBS2Lq8f1Kjhmge6SQ&sig=Cg0ArKJSzBtNtBJnCH-ZEAE&cid=CAQSTQBygQiDgkFoZVu58ntEVfEq08pxPXVpPcJQSPt1CjxUvLGkIeJ4N6hlQc_lQeDkTw49ssvOZcleXjwY90uioEKQWJBi7_gXpqYFW1gjGAE&id=lidar2&mcvt=1000&p=1085,436,1175,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2910733795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682819953052&rpt=1198&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7532926420080&version=m202301230201&ct=76&x=1&cor=12238816960506733000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=92618608337&version=m202301230201&ct=76&x=1&cor=11868178320541995000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 01:59:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=962805737880682&bg=!9fal9qLNAAb9Sbh13Uk7ADkAdvg8WoYK3S7SjCAGONlz6C7OYylv44nL0pGOzvbcOW0oTM1m_xlqUDrsvBusXRmYaBEG_kdJ2-wCAAAAY1IAAAACaAEHmQL3-lVrhOFN2i62ZucouPFWE1MJC432RbOtS1Nc_uRd6cEjEyC_zNWonM-SC6VmGU8oH8EjEJ9hSAaJS49xLkc67_hOWpls2qcmoqyzJmnz3PlTeaYXaTGHM8jAdxIq6fp00bv6h2R_40CG3mxI_c5C-XwNrdnoYuIT9ZjuZkYP30eDfRUy2tRnM87fhWPzV52yrO6Xmle7GoYj8d-gfFE75SghL3NvyNUlEfI--AyceqDH1eVbS_xh0W5d4bL_Q0cZTXweBHFe4any3QKitLys4x6rzabfFs8hKKI8_SlLeypqfXaWc3BAwsYtd3SwEi_PxvZ9nU1OQkDrrAjbCtEILhc0j5JWkiTcFHenVxpeIHsDGOWYICesK-ZUkjMvx1JFadMkxuKF6GW5mqeSurL-eR-pZCPvWj0bLDpBeP-vIMi75r4pjXHgcuKUCCMDH57WacjwcUcQOoRUWmumOWysKMgkL2NT-Mzj0T2CUFHcXPaj8SkP2bD4hepbuKS_c_CtBgHOBXpFmDEdaKQf1XT00cPVbtstkjTHtGZXKiiNyvfUg1aU6QBBg6U5Yxi1BpPo9cI3Bgw84F8Vu1vFaggHKYFzEkod1u4Sv6bse8BfQOnrI7H7HEeO1dQC0p82R2nxszixvHfEeB0A0EypIXGibtWrEi6pTYiTxwAS_61jioeM4EGy6UmAWkR4OSHADc5SReR1T7fKQh_1bST39LAFL4RMYA269ysp1XxeSLaMGtbdIyAHPYoD11bzkJC9434jFBKDTwn5pHdP1qf7Ta7YEB63YjBaq-x4hyB3rCcC9HgAlEaFW_mPZPa_5zV7t2aFBwPtE4mCuXlShRRmQF63WGcjG-4DZWnSI1E94aqqbFVKRkg1AscVjL1rmUQj-xHDtpKDvyHzx_gdqNuI3dps4z1R6zvKFNdNNyqNEq9ICSkpAwC902N9z42IXP-EAHbmlD1hPRpLheD4BpLbCCFhKEDxHOxaq7Fvk6Ia3IVm0PPsSEsqp0q2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
event.png
tpsc-ue1.doubleverify.com/ Frame 06AF 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=1435077f81724b18ae468373c8e0648d&flavor=0&gdpr=&gdpr_consent=&vdur=282&eoid=14&msrjs=3735&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=99&tetms=11&msltms=28&vltms=282&sei=290&vetms=145&tuviims=314&tuviems=741&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=17&isumms=17&nvr=2&elmtp=6&isbxdms=2518&b0=2647&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2647&sftb=2647&msrdp=4&naral=128&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=16&engscrlms=220&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&vstsz=755&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3435&cbust=1682819957367253
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:17 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/29/2023 01:59:17
event.png
tpsc-ue1.doubleverify.com/ Frame 8164 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=4c4fa825b4974981aba32b75a66068dd&flavor=0&gdpr=&gdpr_consent=&vdur=379&eoid=14&msrjs=3735&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=122&tetms=12&msltms=41&vltms=379&sei=289&vetms=132&tuviims=435&tuviems=946&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=66&isumms=66&nvr=2&elmtp=6&isbxdms=2568&b0=2698&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2698&sftb=2698&msrdp=4&naral=128&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=64&engscrlms=320&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&vstsz=755&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3552&cbust=1682819957373229
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.newsnationnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 30 Apr 2023 01:59:17 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/29/2023 01:59:17

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
sync.rtk.io
URL
https://sync.rtk.io/cs

Verdicts & Comments Add Verdict or Comment

397 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless boolean| gaCloudMode string| zzz_ndn object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| addVideoPlayer function| uuid4 function| populatePage function| populateAdSlots function| populatePrivacy function| populateIdentity function| setPermutiveGeoDataInUDL function| populateNXSTData object| NXSTdata string| page_url string| cats string| bob_kw string| bob_desc string| bob_story_author string| cat_data string| bob_base string| bob_cb function| setupS2NApi boolean| isPrebidEnabled boolean| isPrebidVideoEnabled object| prebidData string| clientID boolean| isAdRefreshEnabled boolean| isAdLazyloadEnabled boolean| isAdSponsorshipEnabled object| adRefreshConfig object| adLazyloadConfig object| adExclusionIds string| apsPubID boolean| isApsEnabled object| apstag object| _sf_async_config object| googletag object| dataLayer function| OneSignal object| preloadAnvato function| loadAnvato object| SecondStreetSDK boolean| isMobileReadMoreEnabled boolean| isGdprPrebidEnabled object| amScripts function| setCookie function| getCookie object| rtkcategories object| pbjs object| wpJsonpNxsApp object| blueConicPreListeners function| BCClass object| blueConicClient object| launchPad object| launchPadConfiguration object| node function| __launchpad string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| pbjsChunk object| _pbjsGlobals object| confiant undefined| $ function| jQuery object| tag function| setImmediate function| clearImmediate object| WebComponents object| ShadyCSS function| filterCSS function| filterXSS function| saveAs object| anvp function| AnvatoPlayer function| checkSizeClasses object| NXST_RAMPS object| sailthru_vars object| nSdkInstance object| nielsenMetadata object| NOLBUNDLE number| prebidDisplayTimeout number| amazonDisplayTimeout number| prebidVideoTimeout number| amazonVideoTimeout object| wpApiSettings object| wp object| lakana object| nexstar object| nsApiSettings object| __otccpaooLocation object| bc_json554 object| Sailthru function| zzz_bob_loadScript string| bob_base_url object| dcode_array object| bob_log string| z_b_i_h string| p_name object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| nexstarA9 object| nexstarPrebid object| nexstarHtlbid boolean| apstagLOADED object| apscustom object| _aps object| _cb_shared function| opt_getSlotById function| opt_insightsAvailable function| opt_setupRefresh undefined| timeout undefined| opt_dateObj undefined| opt_month undefined| opt_day undefined| opt_year undefined| opt_today undefined| opt_activeDates string| p1695910024 string| p1695910079 number| p1695910080 function| oAddDVTag_ function| oGetPageStats_ function| p1695910109 function| oGetSlotRenderedLineItemIdByDivId_ function| p1695910104 function| p1695910101 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1695910098 function| p1695910081 function| p1695910077 function| p1695910134 function| p1695910075 function| p1695910087 function| p1695910084 function| p1695910082 function| p1695910058 function| p1695910063 function| p1695910049 function| p1695910048 function| p1695910046 function| p1695910039 function| oEnableNullChecklistener_ function| p1695910091 function| p1695910030 function| oPageUnload function| p1695909959 function| p1695909964 function| oSetDataParam function| p1695910083 number| p1695909949 string| p1695909950 object| p1695909951 object| p1695909952 boolean| p1695909953 number| p1695909955 number| p1695909956 object| p1695909977 string| p1695910019 number| p1695909960 object| p1695910027 string| p1695909995 string| p1695909996 object| p1695910033 number| p1695910034 boolean| p1695910038 number| p1695910040 boolean| p1695910042 boolean| p1695910092 boolean| p1695910067 boolean| p1695910094 boolean| oObserverChanges_ boolean| p1695910093 boolean| p1695910095 boolean| oAudienceListenerEnabled_ object| p1695910044 string| oDevice string| p1695910132 number| p1695910135 string| oParentHostname_ string| oParentPathname_ boolean| p1695910045 boolean| p1695910047 number| p1695910062 boolean| p1695910064 number| p1695910065 object| p1695910054 object| oAdSlots_ object| otkjs boolean| p1695910085 boolean| p1695910086 object| optimeraInsights string| p1695910096 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1695910107 object| p1695910108 boolean| oEnableInfiniteScrollUrls_ boolean| p1695910103 object| p1695910106 object| p1695910110 boolean| oHasStnVideo_ object| p1695910133 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ string| p1695910004 function| p1695909957 string| p1695909958 boolean| p1695910026 boolean| p1695910006 object| p1695910005 number| p1695910008 undefined| p1695910112 undefined| p1695910113 object| opbjs object| oaudLibjs object| ovpjs number| p1695910007 object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external object| core object| fastdom function| sprintf function| vsprintf boolean| walesHasMessages object| csData string| cfr object| _comscore object| el object| teads_analytics object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| Ellipsis object| newsnation function| jsComponentFrameworkLimiter object| p1695910032 boolean| creativeVendorLibraryLoaded object| webpackJsonpCSW object| civicscience boolean| __bt_already_invoked object| _cbm object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer number| __oneSignalSdkLoadCount function| __jp0 object| addthis_config object| addthis_share number| anvatofloatCount object| anvatoUnfloatTrigger string| anvatoVideoTitle string| anvatoVideoAssetId undefined| google_measure_js_timing object| Optanon object| OneTrust object| oDv number| p1695909961 object| prodKObj string| oUrl_ function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| live_now_script_object function| rotateLiveAlerts function| loadLiveAlerts object| _stq object| Criteo object| COMSCORE object| ns_p function| x00_0x21a4 function| x00_0x5e97 object| _Scanner object| regeneratorRuntime object| permutive object| analytics object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget function| st_go function| linktracker_init object| wpcom string| civic_science_iframe_active number| oIndex4_ number| p1695909976 object| hLinks function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents boolean| __@@##MUH object| _bcp function| BlueConicEngagement function| RuleService function| FormRuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 string| _contentURL string| _title object| evaluatedNLP object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback function| normalize object| bc_json555 object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks string| ssaUrl string| $$d2cxFn function| sm_beacon object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| BOB_808 object| bob_001_scr object| url_vars undefined| input_object function| zzz_bob_check function| zzz_bob_get_http_protocol function| call_bob function| add_rtk_pix number| itag function| confiantDfpWrap object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 function| consentGranted string| nxsConsentGroups object| GoogleGcLKhOms object| google_image_requests

211 Cookies

Domain/Path Name / Value
blue.newsnationnow.com/DG/DEFAULT Name: BCSessionID
Value: 9ce8fb87-f026-4bee-9d3a-6a128a188166
nexstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 9ce8fb87-f026-4bee-9d3a-6a128a188166
.3lift.com/sync Name: sync
Value: CgkIOhCe84r__DA=
.www.newsnationnow.com/ Name: ndn
Value: 669f3ecf-419f-4d5c-b8a9-74b6e95ee552-1682819949373
www.newsnationnow.com/ Name: last_visit_bc
Value: 1682819949401
www.newsnationnow.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.newsnationnow.com/ Name: referralId
Value: Direct
.onesignal.com/ Name: __cf_bm
Value: mhHzFNLP2nFqUsc.PQRlF_bvF7KcFHYPy1R9CJn7Z.8-1682819949-0-ARjYmXiHJSkZZHm2GmvZlMRW9EyWSfIKZQclLQPf5LtPMRCTtixptfeEQ1IPNGORT4RegcBGE0oqBfsRWZtpSJI=
bob.dmpxs.com/ Name: bob_c_id
Value: 1d9f2e20498547c8becce97a2448d2f1becdf0af03786bddf1ca06aeb6f0c4d3123cf3e44ec926
www.newsnationnow.com/ Name: usprivacy
Value: 1---
.scorecardresearch.com/ Name: UID
Value: 1B2272c0ff5f9306161e1401682819950
.newsnationnow.com/ Name: seg_sessionid
Value: 1f137f6c-804f-4868-b02e-da1e25d33dc8
.newsnationnow.com/ Name: _cb
Value: zOUCrCRGK4JDIPQ3c
.newsnationnow.com/ Name: _chartbeat2
Value: .1682819950841.1682819950841.1.Bt-aCmBuqbGzB-94oKC4xNy-CDTQOv.1
.newsnationnow.com/ Name: _cb_svref
Value: null
www.newsnationnow.com/ Name: __atuvc
Value: 1%7C18
www.newsnationnow.com/ Name: __atuvs
Value: 644dcb6ed7a2f2b2000
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: OkD6KCdmh_BQUvb_UV4sfwVbbCcZSoDbKb_tnWwKCBO6HBs9VsZZfbyEEstj6rZa4hNJeODTsrRyrpDalL1a_rdRipBZ-W2arPu1ZvSLcHEqa9jqS-Y2Xw
.gumgum.com/ Name: vst
Value: u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b
.addthis.com/ Name: ouid
Value: 644dcb6e0001f45fce8fb6c47488fec1d97f0d88a5b6e770e631
.addthis.com/ Name: di2
Value: aVVwu#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#1:R#19w
.addthis.com/ Name: um
Value: j.'2023043001591098400289982935'
.addthis.com/ Name: uid
Value: 644dcb6e22acc9a9
.addthis.com/ Name: na_id
Value: 2023043001591098400289982935
.addthis.com/ Name: vc
Value: 2
.newsnationnow.com/ Name: nol_fpid
Value: fursut4egfyaaxkpdcnpxq7jdwbu31682819951|1682819951063|1682819951063|1682819951063
.addthis.com/ Name: uvc
Value: 1%7C18
www.newsnationnow.com/ Name: _tfpvi
Value: NmEzYTY2YWQtZWEwMS00ZmE4LTllZGYtZWIxOTFhZjE1ZjkxIzYtMw%3D%3D
.www.newsnationnow.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Apr+30+2023+01%3A59%3A11+GMT%2B0000+(GMT)&version=202210.1.0&isIABGlobal=false&hosts=&consentId=ed904e68-2289-4019-94d2-ea7680ad6942&interactionCount=0&landingPath=https%3A%2F%2Fwww.newsnationnow.com%2Fbusiness%2Ftech%2Fmicrosoft-breached-in-suspected-russian-hack-using-solarwinds%2F&groups=C0001%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1%2CC0003%3A1
.yahoo.com/ Name: A3
Value: d=AQABBG_LTWQCEJYXSQ0We9kyIzCAn4rGV74FEgEBAQEcT2RXZAAAAAAA_eMAAA&S=AQAAAuBUJ7_7cZlREkIWeCRhgtg
www.newsnationnow.com/ Name: BCSessionID
Value: 9ce8fb87-f026-4bee-9d3a-6a128a188166
.amazon-adsystem.com/ Name: ad-id
Value: A0nWn0uWN0l4j5Yvr8a893A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.addthis.com/ Name: loc
Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.newsnationnow.com/ Name: ajs_user_id
Value: %22669f3ecf-419f-4d5c-b8a9-74b6e95ee552-1682819949373%22
.newsnationnow.com/ Name: ajs_anonymous_id
Value: %221ab37753-8759-4789-a7f8-69b02b8f6005%22
.newsnationnow.com/ Name: _ga
Value: GA1.2.1514230211.1682819951
nexstar.blueconic.net/ Name: AWSALBCORS
Value: Lc5Pl576DKyHHOrKvTKfvocklrEKm1NfoIjkF/s4AYPjNx0U50P+DUJG6APZJM9o2DlVeXiOHlKUw+q6tOMAUKhMtw9OoxvDmSgF2ZVF9IQlUwrFXmNCX07fPneT
.revcontent.com/ Name: rcuuid
Value: 301f9ffa-bbfd-4ece-9bb4-ff2c0be5ab44
.revcontent.com/ Name: __ID
Value: 3cfcf84b23ed0d963cf4304d30397cb6
.doubleclick.net/ Name: IDE
Value: AHWqTUm0IOXR0E73fAvvclfIJ4nZCl9VcxBcAmEnkj94QKmMu1OQv2HVmKFQP1QWXcw
blue.newsnationnow.com/ Name: AWSALB
Value: 4cnR5IvGn4LP1SRtQAyLvIKGg1IlELuMlSUX7WDoqf2AOYWA9xEfu/y0+nrxFJCu2uXtLgBs9UI5TRffV8WFRWP/F9ToRcTpSSzl23v16jL2AGHcy35cKLl3Cdg/
blue.newsnationnow.com/ Name: AWSALBCORS
Value: 4cnR5IvGn4LP1SRtQAyLvIKGg1IlELuMlSUX7WDoqf2AOYWA9xEfu/y0+nrxFJCu2uXtLgBs9UI5TRffV8WFRWP/F9ToRcTpSSzl23v16jL2AGHcy35cKLl3Cdg/
.cm.lotlinx.com/ Name: LX_GHM
Value: c35937372363d8537f530582
.revcontent.com/ Name: adb_blk
Value: false
.media.net/ Name: visitor-id
Value: 3258215511455387000V10
.adnxs.com/ Name: uuid2
Value: 2806201715888124060
.openx.net/ Name: i
Value: 37bb6110-2198-0bfe-1e4f-0d9d31f1ff32|1682819951
.undertone.com/ Name: UTID
Value: 6623047a2d71446d91fcca52f2f99e89
.undertone.com/ Name: UTID_ENC
Value: 61okxmozodkakyzi4y1hw1gnd
.openx.net/ Name: pd
Value: v2|1682819951|vMgavPkWgy
.sharethrough.com/ Name: stx_user_id
Value: 1fe6f55a-454d-4190-84a8-f0c8e9bfe713
.bidswitch.net/ Name: c
Value: 1682819951
.bidswitch.net/ Name: tuuid_lu
Value: 1682819951
.simpli.fi/ Name: suid
Value: 97F0F40EA0184676AC35881C57F6BA1C
.postrelease.com/ Name: visitor
Value: bb30f702-d383-4c5b-9d50-28ae5b6074f9
.postrelease.com/ Name: status
Value: 1
.3lift.com/ Name: tluid
Value: 292355670861132343203
.yieldmo.com/ Name: yieldmo_id
Value: gc07948f5975ba895194%7C1682819951692%7C0%7C
.casalemedia.com/ Name: CMID
Value: ZE3LbwC4IvwXl.4YHEnopgAA
.casalemedia.com/ Name: CMPS
Value: 045
.casalemedia.com/ Name: CMPRO
Value: 045
.imrworldwide.com/ Name: IMRID
Value: 99ef4240-e6fa-11ed-9089-211968bd856e
.mfadsrvr.com/ Name: tuuid
Value: 3fda7304-241e-494b-ba29-937617e680e8
.mfadsrvr.com/ Name: c
Value: 1682819951
.mfadsrvr.com/ Name: tuuid_lu
Value: 1682819951
.sitescout.com/ Name: ssi
Value: 61b12384-c508-406c-804b-7d3c68fe1853#1682819951775
.newsnationnow.com/ Name: seg_nexstar_sessionid
Value: true
.bidswitch.net/ Name: tuuid
Value: 31d2f336-b910-431f-84a5-4d822ced4596
.sitescout.com/ Name: _ssuma
Value: eyIzNCI6MTY4MjgxOTk1MTgxNiwiMiI6MTY4MjgxOTk1MTgxNiwiNCI6MTY4MjgxOTk1MTgxNiwiMzkiOjE2ODI4MTk5NTE4MTYsIjciOjE2ODI4MTk5NTE4MTZ9
.admanmedia.com/ Name: admtr
Value: 98255888-350f-4733-b66b-28f3b9e014a6
.admanmedia.com/ Name: ac_r
Value: CS71
.technoratimedia.com/ Name: tads_uidp_44
Value: LH1M0IXM-14-BSLG
.technoratimedia.com/ Name: tads_uidp_88
Value: 1580628552371835052015
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: 273AD849-4BB0-43EA-B111-7FCE0400B7E9
.technoratimedia.com/ Name: tads_uidp_46
Value: 817603694903584593
.technoratimedia.com/ Name: tads_uidp_79
Value: 25773e0b-ead9-4995-b85a-c02cc8c6a0f4
.technoratimedia.com/ Name: tads_uidp_37
Value: 33bf6465-2f05-3822-aa6d-cd3f08c26482
.technoratimedia.com/ Name: tads_uidp_48
Value: 3e3c2309-7521-4252-a132-80b232c4dd9f
.technoratimedia.com/ Name: tads_uidp_49
Value: AAABvS4SfcHwFwMo7Pl8AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 59965636-703a-43b9-8549-355bc2b76bbd
.technoratimedia.com/ Name: tads_uidp_80
Value: y-tEKYB5ZE2uFp4yK9FCd9pIsn8994xr3M~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZEyS-iLniqTfsuKVTQOFzgAA&3532
.technoratimedia.com/ Name: tads_uidp_50
Value: b67b047e-b05e-44ce-afd7-746aebab1791
.technoratimedia.com/ Name: tads_uidp_61
Value: 212152665977935
.technoratimedia.com/ Name: tads_uidp_62
Value: 3257517871454975000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: JBAH7dbIT_RtuwP5G4Yt7UWhgH_JkGVL
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-01516a04-3471-442c-a439-cb0b25415859-005
.technoratimedia.com/ Name: tads_uid
Value: 5597529CCA40456999768DE69389154D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20190828051959+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.mathtag.com/ Name: uuid
Value: a664644d-cb70-4300-9a13-233ed2a6eae5
.adsrvr.org/ Name: TDID
Value: 0d3b310b-bf7a-405b-b93b-9457c9f6b19e
.zemanta.com/ Name: zuid
Value: emhcbg7rl3Ki7JE6L2It
.outbrain.com/ Name: obuid
Value: 1c4d5f1a-8352-44f7-b57c-5f2b190d078d
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE3LbwAGdnRvhAAn
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6e2f6c46-28b0-583d-4aef-12173050d3ad.lN%2FmJ6m7E8OxVFpdFXFSPdRE60zlviULh3kgKyNDU60
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.ipredictive.com/ Name: cu
Value: 8eba1813-6438-44ac-a501-d1055090e5f7|1682819951858
.deepintent.com/ Name: CDIUSER
Value: di_e4ebf00ba4e84704954fc
.rubiconproject.com/ Name: khaos
Value: LH2RJSAP-Y-HTBD
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1682819951
.contextweb.com/ Name: V
Value: dTKB7HO9FSyL
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6b9da7bdd37b2779
.openx.net/ Name: univ_id
Value: 537072971|0d3b310b-bf7a-405b-b93b-9457c9f6b19e|1682819952048175
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: eb05c266-35b1-4de6-bbf3-266efdf9c20a
.360yield.com/ Name: tuuid_lu
Value: 1682819952
.brand-display.com/ Name: _knxq_
Value: b88892d1-de49-e0eb-55a56e6a.1682819952.0.1682819952.1682819952
.ads.yieldmo.com/ Name: ptrrc
Value: LH2RJSAP-Y-HTBD
.creativecdn.com/ Name: u
Value: yKnKxKjizgaVMhMIUbQf
.creativecdn.com/ Name: ts
Value: 1682819952
.bluekai.com/ Name: bku
Value: ikG99cenEVxV4ETU
.bluekai.com/ Name: bkpa
Value: KJhz06NwyM9R9mO4DTXxlgnBYpc3befGtt7SgzY+bhootvjj0yadF4ciy4mEjhNX5srQZIph0xXfBNNLd8W+/plTgBb7cvgTLnMOnf+nMaIO6szYM9egBIWIt2VlZXyzpzoIEQERnqQkls5nQwUMpPtBJXYLsz4KtmFFGtyQBOzFDaqqUJUPDSRJP2i500nkeKvhSO/r19WBUmDi64XX6dLle+CoiV5Ix+WVgNuPtvqbf2V3nMro94/zSbVSgzJY1Y6acv3VfAXGbIq2jyOkW6LL
.ads.yieldmo.com/ Name: ptrc
Value: CAESEEiLMyuAGW5pwIvaugyjG2A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
.adform.net/ Name: uid
Value: 7812624609369255604
match.sharethrough.com/ Name: AWSALBCORS
Value: 2+HBDvN9Rq1Ohny0sQM2yU7c92twirt8lFTfLEbPRaFxH/GYMbDPfrq/afnsoZ3Gfx2+QonQIsj2MSTrU08ffbrtp1lnLTixyBhWKnBJTf0ZmckTMx/KtiinIU5d
.newsnationnow.com/ Name: sm_uuid
Value: 1682820223195
.www.newsnationnow.com/ Name: repeat_visitor
Value: 1682819952299-566227
.www.newsnationnow.com/ Name: bob_session_id
Value: 1682819952299-564122
.nrich.ai/ Name: _nauid
Value: 924b113e-57b3-49c2-ab80-8a6f6b4116c8
.socdm.com/ Name: SOC
Value: ZE3LcMCo8X4AAHdCi2gAAAAA
.tapad.com/ Name: TapAd_TS
Value: 1682819952345
.tapad.com/ Name: TapAd_DID
Value: 13a54d7e-5d29-48ca-b783-eece86e1ae12
.pubmatic.com/ Name: DPSync3
Value: 1684022400%3A263_262_201%7C1683417600%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1684022400%3A54_71_21_13_22_46_250_166_220%7C1683417600%3A223_2
.csync.loopme.me/ Name: viewer_token
Value: c15d3720-4ec5-427e-8d75-3e9ca5ef2b96
.exelator.com/ Name: EE
Value: "01842ddb569c471059ffb6dcbe67010b"
bob.dmpxs.com/ Name: apnx_uid
Value: 2806201715888124060
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHA0MLEKCUlydTMMtnE3NDA1DItLcksJTkp1czcwNAgaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQaEl%252BUWb6ImfHxUUpaQyLSopPBR9%252B%252FhEAnLcrIw%253D%253D"
.teads.tv/ Name: tt_viewer
Value: c633fce4-f020-4394-a096-6d6b294561f4
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a84bfcf4946b713c7db99e482c035bd8
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLQwSUpLTjOxNDFLMjc0TjZPSbK0TDWxMEo2MDZNSrFgAIIU39MFIBoKAGNACw0%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI8T1dAKSgAAAXxwHt"
.turn.com/ Name: uid
Value: 4114394166873606790
.bidr.io/ Name: bito
Value: AADqGE7Im5cAACHzaMyfgw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: pi
Value: 160648:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fefba385-d67b-4953-8954-bd76b135de3f-005%22%2C%22nxtrdr%22%3Afalse%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2bdd:18z8~2bdd"
bob.dmpxs.com/ Name: bx_uid
Value: AADqGE7Im5cAACHzaMyfgw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEKGC2rQuH7xWSQLdMUuHESw&KRTB&22987-CAESEKGC2rQuH7xWSQLdMUuHESw&KRTB&23025-CAESEKGC2rQuH7xWSQLdMUuHESw&KRTB&23386-CAESEKGC2rQuH7xWSQLdMUuHESw
.demdex.net/ Name: demdex
Value: 28513503418605444460754516728204689885
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGUNi0N3vFE3+1WuCoMxA8a+JUixCbOKdpLfYM1RPAn/BOWUihdA1Db7+yPBpLN10Jaed1vzwbKVbeAh7mkZRRbJhsHlJbldDekttcQesnW66Zr5ZVxLWDe
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0d3b310b-bf7a-405b-b93b-9457c9f6b19e&KRTB&22918-0d3b310b-bf7a-405b-b93b-9457c9f6b19e&KRTB&23031-0d3b310b-bf7a-405b-b93b-9457c9f6b19e
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:97F0F40EA0184676AC35881C57F6BA1C
.linkedin.com/ Name: bcookie
Value: "v=2&ca59b294-4d2c-4135-8fdb-3ed5b84ff6f5"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2582:u=1:x=1:i=1682819952:t=1682906352:v=2:sig=AQFUBVBpd56jniH25KBBD1osZY2RvsWT"
.smartadserver.com/ Name: pid
Value: 7045590474520975260
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fefba385-d67b-4953-8954-bd76b135de3f-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4114394166873606790&KRTB&23150-4114394166873606790
.thrtle.com/ Name: mc
Value: eyJpZCI6IjllMjhmMWViLWMwNDAtNDU5MS1hZTIxLWQ2MTliNzYzNGZhNCIsImwiOjE2ODI4MTk5NTI2OTAsInQiOjF9
.ads.yieldmo.com/ Name: ptrunl
Value: RX-fefba385-d67b-4953-8954-bd76b135de3f-005
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDe1sLAwszA2sjQEYgMhPkPdXGdTX12_9PD8wohIAK8C8ukkAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkYWhpaWpkbmwCAAHQsxIQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDe1sLAwszA2sjQEYgMhPkPdXGdTX12_9PD8wohIAK8C8ukkAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kb8|7dN.0.AADqGE7Im5cAACHzaMyfgw|7bq.0.1
.dpm.demdex.net/ Name: dpm
Value: 28513503418605444460754516728204689885
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978758886832913290
.pubmatic.com/ Name: PugT
Value: 1682819952
.ads.yieldmo.com/ Name: ptrpub
Value: 82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
.newsnationnow.com/ Name: __gads
Value: ID=0f5bbc9586e19a6c:T=1682819952:S=ALNI_MbRrTeCgkkT8hhQ4knQ1dV39xMzlg
.newsnationnow.com/ Name: __gpi
Value: UID=0000057af2cd2944:T=1682819952:RT=1682819952:S=ALNI_Ma7OP3xlyM4Ljx84iN0Y4N0jSeSpA
.smartadserver.com/ Name: csync
Value: 127:AADqGE7Im5cAACHzaMyfgw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADqGE7Im5cAACHzaMyfgw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlerGSX-!]tbPl1M>e)ZlrFUfJ+tGXxomFT+#BDyd#GX8kxi9+rQAF3eKMYZStflHD.i3If)y3KL9D3I?+SI$)h$
fksnk.com/ Name: AWSALBCORS
Value: ivvKjmEK3FgAd+SWfZfcTsOXuwPJvVOtka/N0jadtNcpdwC/Xcw3cCxK34IWM9YA7CaiPl6Qfj7NSKp0JuVjmJ0Lns0hn113cg99H0JKVbmzVK6yfRw7WBqBAX+b
.fksnk.com/ Name: f_001
Value: 48418827A0AFD723
.fksnk.com/ Name: g_001
Value: 1
.adingo.jp/ Name: ID
Value: 5d3fda4793c339f35382892a6bfbf613
.go.sonobi.com/ Name: __uis
Value: 2171f362-a4cc-4148-8d35-d41073c8fa9b
.go.sonobi.com/ Name: HAPLB8S
Value: s8554|ZE3Ld
www.newsnationnow.com/ Name: sailthru_pageviews
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2274E243BD-D58B-4095-8ABA-C1F587C6435E%22%7D
.criteo.com/ Name: uid
Value: 74297382-efed-4ed0-afed-c395246e1995
.smaato.net/ Name: SCM
Value: 2947bdb4
.smaato.net/ Name: SCMg
Value: 2947bdb4
.mediago.io/ Name: __mguid_
Value: 9a244197be68358dfeab67af3138f206
.uuidksinc.net/ Name: jcsuuid
Value: MYL5bogZH3HbhPbgmHOm
www.newsnationnow.com/ Name: _lr_sampling_rate
Value: 100
.pubmatic.com/ Name: SPugT
Value: 1682819954
.w55c.net/ Name: wfivefivec
Value: E10G4Iaz1PSWlk5
www.newsnationnow.com/ Name: sailthru_content
Value: 11482313b6799f99ebb4f11ec31f32cf
www.newsnationnow.com/ Name: sailthru_visitor
Value: bc72527d-a84a-4f5c-9b5f-8814820723e3
.w55c.net/ Name: matchgoogle
Value: 5
www.newsnationnow.com/ Name: _lr_retry_request
Value: true
www.newsnationnow.com/ Name: _lr_env_src_ats
Value: false
.newsnationnow.com/ Name: cto_bundle
Value: cX7gqF9Qdlp3cklteTRQeG5iSWpjSnBYSlMxb2ltU1FjNkhMSWJxbjNoJTJCS2RTTzRuV2FmSnFTa2Uwc291M2xvSTRYUW1WekJXQlc2TW1iNDZhTjIyWWJ3SlhHQ2FkQnUlMkI0VERkR1l0TWFnMHhlZDBvWWN2Y2FZTnFyTnRzZzZNU1liOTVERjM1bUdKV2JzYkF3Mm9maSUyRjJUajNuaWlFOG5meFFKJTJGNmpkNzJGZzRMVSUzRA
.ads.yieldmo.com/ Name: consenttapad
Value: 1
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1684028160000%7Cunl%3D1684028160000%7Cc%3D1684028160000%7Ctapad%3D1169464%7Cpub%3D1684028160000%7Cdv360%3D1684028160000
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2881-2!2881
.tribalfusion.com/ Name: ANON_ID
Value: alnr6itZdPuem7SpBnA8v4tCrJoMhZdJyLZd6maVxLaOiUGTXfEonFl7iIXjr3p8JSvYyy2O7jo
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 9c4e7026-0560-7afd-ace4-35cb03dc8c70#1682819955357#2
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIipSM6pDK5DsQBRIWCgdydWJpY29uEgsIhMjM7ZDK5DsQBRIXCghwdWJtYXRpYxILCJy2l--QyuQ7EAUSFAoFdGFwYWQSCwiMyZ3wkMrkOxAFEhYKB3N2eDl0NTASCwjSu7SHkcrkOxAFGAEgASgCMgsI5pSDu6fK5DsQBTgBWgc4aDl1MTFoYAI.
.semasio.net/ Name: SEUNCY
Value: 22D37AD76CA25579
.id5-sync.com/ Name: 3pi
Value: 112#1682819956406#-2058144212#22D37AD76CA25579|434#1682819955634#1298458918|2#1682819955765#948334011#2806201715888124060|3#1682819956544#737967840#a664644d-cb70-4300-9a13-233ed2a6eae5|501#1682819956820#-1031743809|264#1682819955895#-1351447610#0d3b310b-bf7a-405b-b93b-9457c9f6b19e|441#1682819955462#403976228#u_5fbdfc8a-79e0-43e9-8d6c-b58dea3f848b|155#1682819956820#1108226208#AADqGE7Im5cAACHzaMyfgw|108#1682819956689#2097162561|429#1682819956019#-1315072009#82F9C575-3E8E-4842-8DB7-4EBFA3FA043E
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.go.sonobi.com/ Name: __uir_i5mm
Value: 1
.go.sonobi.com/ Name: __uin_i5mm
Value: a664644d-cb70-4300-9a13-233ed2a6eae5

4 Console Messages

Source Level URL
Text
network error URL: https://dyv1bugovvq1g.cloudfront.net/67/www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1262
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://www.newsnationnow.com/business/tech/microsoft-breached-in-suspected-russian-hack-using-solarwinds/
Message:
The resource https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto+Condensed:400,700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5776a749ba5764be1bab8a555d90744e.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics-sm.com
analyticssystems.net
api.btloader.com
api.rlcdn.com
api.sail-personalize.com
api.segment.io
assets.revcontent.com
at.teads.tv
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
blue.newsnationnow.com
bob.dmpxs.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cc.adingo.jp
cdn-gl.imrworldwide.com
cdn.civicscience.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.doubleverify.com
cdn.onesignal.com
cdn.revcontent.com
cdn.segment.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cm.lotlinx.com
cm2.lotlinx.com
cookies-data.onetrust.io
creativecdn.com
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.adroll.com
d15kdpgjg3unno.cloudfront.net
d2zqfs55y95cft.cloudfront.net
d3plfjw9uod7ab.cloudfront.net
dmp.brand-display.com
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geolocation.onetrust.com
get.civicscience.com
global.imrworldwide.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
img.revcontent.com
jadserve.postrelease.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
load77.exelator.com
loadm.exelator.com
m.addthis.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
nexstar.blueconic.net
nxst.megpxs.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
protected-by.clarium.io
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-dcr.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.psg.nexstardigital.net
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static.criteo.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.rtk.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
trace.mediago.io
trends.revcontent.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
v1.addthisedge.com
w3.mp.lura.live
www.civicscience.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newsnationnow.com
www.nxsttv.com
x.bidswitch.net
yeet.revcontent.com
z.moatads.com
zsb6z8kidk8m38ei3c29ryfmhjszj1682819951.nuid.imrworldwide.com
s7.addthis.com
sync.rtk.io
104.127.172.242
104.18.25.185
104.36.115.113
107.20.18.23
108.138.107.138
108.159.227.82
124.146.215.51
13.225.214.26
13.225.223.151
13.35.93.44
130.211.23.194
142.250.65.198
142.251.32.98
142.251.40.194
151.101.130.133
151.101.194.49
151.139.128.10
162.19.138.118
162.248.18.32
162.248.18.34
169.197.150.8
174.137.133.32
18.164.116.116
18.164.116.98
18.210.106.198
18.211.206.98
185.167.164.39
185.184.8.90
185.98.54.153
192.0.66.120
192.0.76.3
192.40.39.223
198.148.27.139
199.127.204.171
199.187.193.177
199.187.193.181
199.38.167.130
207.198.113.230
216.200.232.249
23.197.32.118
23.205.77.247
23.216.151.62
23.52.158.180
23.54.68.197
23.54.69.151
23.60.5.44
2600:1400:9000::687e:7699
2600:1901:0:2954::
2600:1f18:4e9:5a07:4fe1:ac42:6a21:1cf9
2600:1f18:61c0:2204:f195:b922:3681:7158
2600:9000:215f:c600:13:a391:88c0:21
2600:9000:2209:2e00:1b:5138:8a40:93a1
2600:9000:2209:4400:f:c7b3:ce40:93a1
2600:9000:2209:7200:11:b309:9100:21
2600:9000:2209:9800:5:82fd:2500:21
2600:9000:2361:5200:2:42d9:3100:93a1
2600:9000:24eb:f600:f:c7b3:ce40:93a1
2600:9000:24f1:3000:18:1fcd:351:7bc1
2600:9000:2510:a200:1d:667e:2a40:93a1
2602:803:c002:200::42
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700:3032::ac43:cb69
2606:4700:4400::6812:20c1
2606:4700:4400::ac40:9062
2606:4700:4400::ac40:99f6
2606:4700::6812:19ad
2606:4700::6812:d63b
2606:4700::6813:bc61
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2006
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:817::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2001
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a02:6ea0:c400::11
2a04:4e42:600::714
3.132.156.14
3.237.215.27
3.239.232.254
3.33.220.150
34.111.113.62
34.111.151.213
34.117.228.201
34.120.155.137
34.133.71.175
34.196.165.14
34.199.245.73
34.200.40.122
34.200.65.202
34.224.47.217
34.229.3.43
34.230.197.176
34.231.23.92
34.231.47.224
34.98.64.218
35.169.149.236
35.172.39.42
35.174.20.74
35.190.0.66
35.207.24.140
35.208.249.213
35.211.178.172
35.214.153.92
50.57.31.206
51.255.68.171
52.202.108.25
52.206.62.126
52.207.45.55
52.223.22.214
52.3.68.96
52.35.110.192
52.4.33.45
52.45.175.185
52.46.128.147
52.54.239.67
52.6.78.119
52.73.235.138
52.85.109.55
52.85.61.52
52.94.220.185
54.152.156.135
54.186.170.143
54.191.238.37
54.192.51.113
54.192.51.41
54.192.51.7
54.192.51.8
54.208.43.162
54.86.165.56
54.88.77.103
68.67.160.132
68.67.179.153
69.166.1.12
69.173.151.100
70.42.32.255
70.42.32.95
74.119.119.139
8.28.7.83
8.28.7.84
8.43.72.97
80.77.87.163
99.83.154.140
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032c97779200ed51c5566540c4ddccec5216c160290bd20447e48bb895b08b2a
03514645c8db549e7a05e047fdb6fe4ce45407fcb8e292403ae63e5f260c7644
047f3578d4ee4841808f78c19ba5a78afed273605270d50d659de7007438ff6a
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c514b1d302798768397cff545450e1d5ca021b1d333ff0617edb5e77fb3e45
0627b4895013873ffc9abf70336ba21b56b98718890b1ec6a6316a67fe1322e6
0657d7f3fc264bdd692723e7489a1b6d7a14cf47e85e3f1b187df1576d7cb365
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071fa6ee748fff543b5a107ab59132542756ac0ebe86f1708b79afd9d93139b7
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
08d135c718c4e974d5994c2085e868daa3a531b43dacdbde7ac609075de54566
09e6804cc9b13b3418be1a367c368545512c79179827dbc3a26b8bd3e40b5a14
09f5c1f9026d51570174da6ec90024f7dfa382a455837f5571a2fc6004cdee93
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0da877ab247b2762098812231395a30607d9db556bd54c417bd34d90618d1e05
0db6b9ae552c1cba8fa9c49d2639e8d62525bfe2a4d3a63804cab0df107b0ee2
0fae7cb122b33949c45effba227d872943f35d08e48c352a1d92e8bd1936d9d6
10d55f3972f0a7442b192affcf4f2ef10683974f58ae5dc9c87778c0ced9b248
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
1537ea59fe760513e81e0d92603da1eac49e37a8f3d97e6597614ce0850cd43e
17f1e4b00cad0185f45ea17a2caa736847695f01617bb2ddfeb7e498b27e5c83
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d8cff2dec0fe59ecb30b0af74f19915b78b5c50d0d615fa06969e0f32581c7
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e
1a62a50741963e587d42b905ce9f22c55a19453096d308c5cdbc5762ded77c27
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1dae54a048baca0eb3c12a246582dd2a509a3feb0cb721c3116e26688f175f10
1fdb9df737a2bd90a7eaf85346dd80688fb0f45c8d851bbc8ac91d6ced8ec11e
206b8b5741ec26fdb50523874fa975c69a20850a1976deba28003de4d789d63f
215d273b9d2315f35c56a6d6890f4d09e7a8c4bdb284947fec2e79bb2df23a7f
21a491fefef220d25eeb0bccdb6574f5068db07dd5f58a788fe814b2fbab65d1
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
23a9ff0fa92e2adfc1249c6f9d51cc1a7e89881cacbeef28b8535bcd2695977a
2500de77e010f915c511336c5ab24efdea12aeeb430d1fc514411523cf1fe79e
26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7
26e8db41813f87bb61da1529be0ca2d88fd523807d5125bf293025539754fce2
2be26b2e7ea57676a49e6af3c8624a919d4e4967fbd709703c1e5c76ab7adc40
2c19221e712d2f822b4b12520e26bbef9a6848faf76892d4dead3fdd063ba0c0
2ca48d5a00e55f8e173d945d8fa4e5ef185d1e1eb979712a292eae9585815790
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f27554f22b8d95687bfef8e3e64ec1c3544a03559175f5abc1f96bd84963c2b
2f52ff46e74319dbf632e994096136dd4e2344d5ed2534ef0059733cebdb1bd1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
2ffbd2044f32177182571ae98cdb456be05ab0d4d8ab75f04f8f9a985db43a81
306acf23526b8fd39a9efaf651ef11a1bc42d4fbdb7f729d63423cd29476ef7b
3096bee9054c41abde6da9e20322fffb9bababf5adbbb75511776f68e012b993
30a0d0eb0c770691e9350bffa6ae22690c4c935a1a74ce2940f30cedaa703a3c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324614d75e758d300332b52fa34ae780371aa2a57fb565063840cfafb87f173d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34cda84dad1a5c0f8b20efaa771574fc356702ac4fcf84d64d2b0ff019dab334
350c8dbe22ce0bb7b5776740e2ed900132da0be7248a7d29916f8b83b0c02c53
36578ae592482703e85b49339372ddb90fb913e993def91a768d7193bf523d12
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16
375ea80d6ad5f103926f3412f8537d952ab1c3ac78147d4be6e81861d4ed29cf
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
38affcb9e2732c13cefa1fdec4cc50517333bc8343b91d7f0b948701a73abc47
39a0ef12d6ee7fc5f0348cc70dcc70e6763e003fb9b8d681762234367643c0a1
3a9959f66246484c08b7cdf40440a1d37ded12364621d64c0d09437e371e865f
3dd4120634d5432a98d8a0640210f5ec0b9de68b76767b35bcbcfc7502213cec
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403d607a5ce6a9f34c9717b37a7bc25270175a9afbae017c865c81b3ba160655
41c06dd5ad983637db66959281e8e6266ae406377923a25ef7999d481cf828d6
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
44643aa84099c58129ed861d4f2ab5369a5f6dda0a7b8213d760f851de1978e0
44b859a45e736bd2764feab34ffd5299fe75298936d737e50458d1c46bebfc27
4591a61a65deec7ba99f2a84b040d27661065366adb21e72c01485f9ab0b74be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d
46a42eb0c6a78703cc40c76b693f310ab295e7ebdcc218e88648b2bf5da5dd32
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4768d796cd86601ea51cb79bfa81825d89dd7ab8c6c9d313ef0274bf8821a42a
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
47bff7678b8a6ef6bc620848913de463febf3167180dd24d6268caf14ad4304c
47cacb4ad89583e1e997ad3cac6e019b30d4b09889a057acbd7d1c9a2669a7d0
47eda70daf2548adbe89b16897fea3a523c86e7d265f6f36e3da0f677814ff37
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c765a6456a49a85f123b9ff35da8300c3b2c7ba53f87ca3ff94af611448dd2
48da39245c2d34e4ea250f13607bdc727c0bb129e7804df7a154f0c79a2d53ac
4909fbe9f6644099bea439e8fcc5a39000458879cbcd38e9d853753839390da1
4aa4e9d5c44180f36fe72491b77f51bd82bbc082b71ca50b9309bafc7571dd6a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba045b8d4225f11143a5d69036753be8773f449e1e458c851b76f0a412ed144
4bc971508d0cf8cf9dfce9bc781eb96f4059c17ff5f0f5687cfada4b64637d42
4c64e9b136e7a97550020cc37d103f00e93082d70e92ab729810a8b87f3ea5dc
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511af1ff25fca541b146b93f62bfb32b7836fb9410355a29152407fccbdcb261
51c5bcae037eb42870927ac507f108f8e590368731a18ff9dd36f4b64ab0e67d
52701ac57c398a0ac28495752bb9289b87fb7894f73e794bda86ea44f69b6314
5308afda29eed78e3551c62f31baa62522be00b6ca0d6b5dfa437a8c700ebb59
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cde4226c6e9479f3df692b31b7d29e8b63bf206c8344c17e120addc3d41db2
5632e97790c27eee160a056911015d031ce663fa3e8e868c303053ad25f787ae
58435af5c3b0b222e368654cc0bc35e39ddf345d4f7c132dfcb3172ad60e1521
58829af7fd4ea53a9a53f760e122a948aef6ad88ff05e32003c09f4bb87d635b
58e3d3dd6505fad5039ecf085727ad24c2b52df0077c3f4d34661d8b47899bc1
5940c1a3c9c9e08fc0755fa5492eaf4f9c807ca5ef70d8122947831647195ff0
5954d46ef0a4a8b580e6630a6b7d6f542ca8834fff02cdb2a410d2d9435119c7
59e002329b790ba722111c239742f13074edb0f988f42a5a0e78324ad24cfdcb
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d9902ccac011c83c05387d110956e1ddf61b0732b104bded4c61446a1a2094e
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dd7145f1cb5c2e13a9ef6106801892e8cabc8c58fa6469d7b04ab35b3455b00
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6017001d3364a193d0b50a880d464d2b20767005e1d685530434770989270ca9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c2b07928322897f38ba66e15bb2c766694e89b20deae6809f8c96422584845
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64aa86bdc27da739a75f7554ef67d6b7560cb93486743fb0baa74e176c7cfeb9
67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b
684fd99df9c567ebe9cbcd5ef11f18b9a1ef3cec1cb141cd8f80e2cb9398eee3
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d37f3708268f1179d38dea04c1fdff2743856af859e98ed7d356f00027fcb96
6f3b25719ac4571720eaf7eb80a0e81641bf6665b20693e6eea7785744098b12
6f63f4c537bc568f1084f47fa718432cc639e7b71bafb27eeb7a75c120a3448d
70a69a73c8f604528d5390b58c53a83ce6a3290d0e7fca9df7ee5134c892e36a
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
71e284986ca0528a2f3abdfaefac6d16e7874846dda0344cff1456c9804b643a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f600662bf0816c7a0ec3557a9d1e79c890ef801ff9f1026429d0367ad1f0e9
7401214718587ec11a24cf835b91cb2dcc7efdf9caf6ba923f3ea0f8250a89ff
7429e664871f86d037ddadef0b07a146557927b7ff081bee665223af1e0a6b1b
7484358e7f25e068df4b3112be535d16bf310dab9d160446a1d30b54474d24e9
7502890a8592622e5de8c40e5d1d6c0556aa088949970f004f4d57aa5e4963bd
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
750f4c56e8b1f97a201446b3d94d6b3c5912dc5df8b06ec6f543de2270405f78
75c3bb778289d34347b05d95eafcad22c97fb6637a2da8e5f60af9368ee0ee2b
76357ae80cacc78bb1385d3bf6a3e4479c34ec4e502396f266dfd2ee8b993055
7667de86db71e27e444ab0a3f8088ff597349578f0680ac65023dde4ce567afe
77104954a8da55b9f1d068be612586aa5a927287f7d7a1052299ebcffdea482e
78b9dc5d0987b605b295bc7ba71ff897a49ead3969dd0319de83c2491d575f0f
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b4d1ef03a0c8d0dc4f1c5839e721c20e6df96016ff4b3fed1360f3e6b02dd2d
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444
7fae4df872b9fc1175bcb8d8defdc10054ed5771ead7935e6b3fc66cbde6c3fb
81299638bf270af49c87e6d9ceb4a8ef7a282ab326c5ac52e8a311c88dcd115a
82836d8469e6bbeab686eb7fadee649cbe77ff4c201a38ae629651e2752b70dc
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84432b6dc3830418a78a9fd78aa8284566e3f01eddede190fca4b5a0ce79b233
8917ee6c52d68cf3833bc2b76b12f964d722504fb5daff07756fcbe82a1cc20d
8a40b4f02090bed35f9605142c61c57571521525e134501e5688f47d325585e8
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aaeb91503b21289515d596ac2ae6d81f2e3781a09923d8f757000bb9b182ba9
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8bf19f91bc2cf8c9c116c433d71fb6530a0ad7b376843920ea7155e0595c706f
8cba48093624538b3efeecdd7cdcb2b6d6d3ae04aae0323da97b4a2a722460a3
8d6b3842f44363f04ef80e8af5baff7f0b06d0b75beed3167cc1060340b2dcff
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9063ce5b2bf869e259c3341c247f67af6124b6911f189ea1110dc3b8777f3e19
92a4028a4709d9bc9804056a0ca57d071bbd9f854e5ba83dbda2778ac68f4d77
92f46c7cba4d17f6919a27bc712bcfa2ae726743ba22c8e208014990f7661268
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bad75da6387119536f2243353d77f2a2c27e722599902651aadae94794bb233
9c83ec0c1a66f4d7a6fa65a8a3aa8f61e4f97df5d932c3b5913e5f772c5cdaca
9dcd42706b55488849677355cc06f02d79470434d038fe8b0c2093873dd5fe4f
9e2c0f9c8b7c348defe012c165f5ba4c0e1f6ca10db7763733095bec3b380df1
9eb84d2c15cf8f66b57ec3c9db8bb4cbd962516eedb2adcf007feb2489a02500
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1407b0c846c65977d7932af975a60934cde970ad97b72e01e9bc02afe29e7e4
a182298504cef7daa5c027c37c0ec041a6dec7f21176514dbebde155abce2016
a4727cf9cbdf4d3bd177c30cfd0ac711122aa967559147ca5d00356a25276007
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51a0208e70b0a8757e94d496549ef4265a62d8daa89217bd9ba37715b1a486a
a6e07260fcbdecc8faa8944bcd02a1135ff6050ecb806a29a129b1cebc201803
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab02b10d61319e5aa403d4eb344b08e3214ec79d6771354fdcbb3019d4ebb6a7
ab5769dc69e2af9fe734c411643b7b1ce420618387a1dc3709b94da5989f036d
abeae890ad5d00f2b15a0417ea29e3c824bd73fb86f4aed1cb0fad7cb92bf7a4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec8c3130e52b9dadd8ce7e9695e5eb4461bedcecadae5f4274fa27dd69bb814
af27db7d6746be817216cdf352f51248a2a1ea7fbcf4612140873dc58f2ab3b5
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b45b13290613afe888b1b76c76f394b039a5567d7014cca194a8c5a7e62f00b9
b53f4461d5cca6c84559fd143366aeef0a5d816ccbab23085f0167433ca67070
b62d4ef790bf4c653cefa6bb1c655a2b47a716f629cb1fdefd52c800387aeb09
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8f40d7ed81fa0cea7c219b89b2b011894d953d1763aca7e20690f75f57edd14
b98764eaffdb3c3bf9c6bfa36f2f75f3d563aef7287e3c532a51d5403bb0ad0b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc37ad724f20a9b3468ad89c9c927d82d7815b63ed7590d1ee64e12af0c82ae9
bcdb4c5bf501cc59ef0dca0a5f3172397ab95503650d7cbf30751426a1e29170
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c20c45870b413bbdc61e95127c7daac93c75193bfd649d4fd9dfb99aee16f5eb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c373bc40e39ce0c8a1eb1d4fe31836987486b5167ce0f8e5907914f5f6f42608
c42b59c5f880c7295d213ae367e1849089a271e012b3cbe80d6bd5dc7b04f421
c557e2347bc0b5062708434c04c4ce2e1ed2afc7180353dc614d1b9d52d1a5bd
c72d5ee392eeb3b437dc995ed6ca9ef6f3ecb9519619b23094e6207523f6df40
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c8b076a4676aaf3b2ff4000fe15ad299cb4625eafbce213a23d4e7090b96e982
c8e4df00bdad9ee1602ded3b28ca40610b3866740f0d70272ffaaf748dedf694
c955faf32414b23d503636e33f7998c3870d6e988b61b7b14ae20d7c9cc25257
c97ab630ffe8b75aa418f674d3b2be23cc687a03b90c2bd71e5069974b6276a0
cb21de6c4321894e2e14836ee2fee94b0bd14b8a25e5411b8690ced493261c71
cc5729fb244b5e3e3158dd78d6633ff7e48d1a200da8c870d645152d93548a4e
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce414b16f3de2473752de60c5f061794d0c15b793b41c6feb2340cdb89e46772
ce66a47f00949cdecc0cd1a56a0157672bdaee73745826dfa90b30e3f4aa6533
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf912d98227ff449c83070ee7bbd7b84d7fc9115014fecad1af2e01e9134dc79
d065f7cc6b79b09f5b6a153979752b530d4a8e93c48d540c7e91cca22e497f57
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1e711d61ad0476c0da400e33cf8d47a24b4ca8dc4e4631c605e1553402231c0
d34561adc300594eaa4aedc0f5b7438a72365aef2f51ea03aae9ac0888a26c17
d362655f8e40f3757ac5ee7998bec675d0b0883c42ddcaf427a1dd7a381a46dc
d44df99a717d92e9f5f791d2d5a220e0e2fcdfea5d9b12891f866a0d9bffdc1e
d505d8cd9003b80d0d6ef362a6cfbbe43037a8db59498dc3b0e6a295663c40df
d714928c83b9d8c62e94e52316c530131ad7350a01d23799447c0c09a5830cc6
d8890206b5ec28689dd27a141e9025e339e4970d25d3997222a4123c06f7c7cd
d8ccb4c5509e44f4c52aff345b90e9336171709398110793842e10ae63aae4b1
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db00fcc4ea84dfcefe111e54a67078b49acb85b44e59ff46abe4a9b110e3fdbe
db3f413c23f123adf2a59f1123bb56c194ad8485ba790b7387faf1f186f5bdd6
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
dcbaf94d8e603835cf8515970921a80fedc7f8f2d1c6081881226cdcff68c547
dcc4d601f369911be6cecbd03aedb6e93b0ac8af9779a5c28fd65cfd04339798
ddf124a9486c416e3061f41c736c28e0c2697facf0d12d9f7cd50d7b85162cb3
e238c1f3cd9d01e3e147ef07fe25b6f1341a49b9b0989c655cea85bad27d3f91
e2ac609b5ca271090852b4166e4569ec79f84e372277ba386c151cbc9c6ceb37
e345e96e50c7ac27dd9826c685f7ee0b0d7af7b6d1b9b1eb70bef052f2a5a3b1
e39a315f56326a99d7d8c9fed31d0ff876ffdb13e0bcb4e7bccba92160a84468
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e4700c468cf354246d94b2db8f165ac25e866ae4b4e1819bb9852f61c64a013a
e5fefbe5c2b3a0676ec677ab6e4786b5de0260099b534082e07369c685f282d7
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
e647a88fe0e1ff79a24b9649735f35995b95c89ad7eef843c02eb6012b5f9255
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587
eaa1d8ff795c59d3fea27b5c11b076f9dd4fb86625e6e19e94c94f2e8bedaeec
ee037acd115322446bf9e58d29e715113b8d1060741d9053d698e73020e9de90
ee9f313b24e5afd487e1d748e36e50c8ed84c081d91e9ce6d2799dc0e61aa627
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c78461b72d985caf979ec1daa7709c406d4c9996aebcc2fc587f81e30616d1
f299ed8d77a8eca1e3e2610c1c245cd5dfe00baba8a0799512fac5d61d69018a
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f45e8c0789458a1aae0de357620b82f2d8692fc1ebf904c01a348e01304c7eb8
f6ae7c8aef5bfb22d3d6b6f9c8669cb937b0d51678f23264648c9b4ea79bba80
f6e7cf0ebadee44e5d50a9405a59903f5c4cae0f621af11deea85c1e8d140c6e
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fa852bc86d8cf44647c08d2428f4b6e7bced846930e419b34629fe177f44bee7
faee024c3f32dd31addcb6821c09b707c70bcf78dfce4e5bf7540e4cf6800bb4
fafb9f6bdd28b4a2e09a1e9e5bb39fa5db2bb32fe8bb22f1c2a91898e113bee2
fb69f24a301e10b4fcf3b0d8b418c20ef5591263331e712b5d74153c85d3e653
fd93fbd00fc168496db366c21c9eecd8a4a08b2ff962c076fe63b2f873e8ae84
fe57c866192792981bcde1f022f935d3a9ab5ae6165ad21f9d4c748ad18776e1
fe77bcd801d64df511d0fa235355e285fdcb561ec5459191ecb6fc1bc457a836
ffe8d407737eb90e9dcba6d5ecd4ae359e4dfea8d79254943c3d059258b9c1f2