news.yahoo.com Open in urlscan Pro
2001:4998:124:1507::a000 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Submission: On April 30 via api (April 30th 2023, 3:39:04 am UTC) from CA — Scanned from CA

Summary HTTP 417 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 88 domains to perform 417 HTTP transactions. The main IP is 2001:4998:124:1507::a000, located in Lockport, United States and belongs to YAHOO-BF1, US. The main domain is news.yahoo.com. The Cisco Umbrella rank of the primary domain is 8198.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 17th 2023. Valid for: 6 months.

This is the only time news.yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2001:4998:124... 2001:4998:124:1507::a000	26101 (YAHOO-BF1) (YAHOO-BF1)
73	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1	54.164.208.134 54.164.208.134	14618 (AMAZON-AES) (AMAZON-AES)
11	2001:4998:58:... 2001:4998:58:207::6000	26101 (YAHOO-BF1) (YAHOO-BF1)
1 2	18.160.200.115 18.160.200.115	16509 (AMAZON-02) (AMAZON-02)
31	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
2	152.199.24.48 152.199.24.48	15133 (EDGECAST) (EDGECAST)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2600:9000:24d... 2600:9000:24d1:9e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	152.195.14.41 152.195.14.41	15133 (EDGECAST) (EDGECAST)
5 5	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
19 66	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	23.213.157.58 23.213.157.58	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.213.70.181 54.213.70.181	16509 (AMAZON-02) (AMAZON-02)
1 1	18.160.225.89 18.160.225.89	16509 (AMAZON-02) (AMAZON-02)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
3	2001:4998:124... 2001:4998:124:1507::f000	26101 (YAHOO-BF1) (YAHOO-BF1)
3	2600:9000:250... 2600:9000:2507:a200:10:43f:4352:ad61	16509 (AMAZON-02) (AMAZON-02)
2	3.221.202.206 3.221.202.206	14618 (AMAZON-AES) (AMAZON-AES)
12	2606:4700::68... 2606:4700::6812:ad65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.225.129 18.160.225.129	16509 (AMAZON-02) (AMAZON-02)
1 1	199.250.160.129 199.250.160.129	26459 (TTD-ASN-01) (TTD-ASN-01)
6 8	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	18.211.69.177 18.211.69.177	14618 (AMAZON-AES) (AMAZON-AES)
20 28	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
9	2600:1f18:4e9... 2600:1f18:4e9:5a07:c5bd:680d:2822:1831	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 6	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 8	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
6 37	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	96.17.64.29 96.17.64.29	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	54.226.241.213 54.226.241.213	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.133.71.175 34.133.71.175	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.213.207.74 3.213.207.74	14618 (AMAZON-AES) (AMAZON-AES)
1 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
6 6	2606:ae80:145... 2606:ae80:1451:22::760	25751 (VALUECLICK) (VALUECLICK)
5 5	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.5.155.111 52.5.155.111	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	35.214.153.92 35.214.153.92	15169 (GOOGLE) (GOOGLE)
3	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
3	192.40.39.248 192.40.39.248	27381 (CASALE-MEDIA) (CASALE-MEDIA)
11	34.117.84.249 34.117.84.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	209.204.233.220 209.204.233.220	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	75.119.185.242 75.119.185.242	27381 (CASALE-MEDIA) (CASALE-MEDIA)
35	96.6.30.77 96.6.30.77	16625 (AKAMAI-AS) (AKAMAI-AS)
15	23.54.69.151 23.54.69.151	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	23.92.190.68 23.92.190.68	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	3.231.231.174 3.231.231.174	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2620:100:a001... 2620:100:a001::1d	19750 (AS-CRITEO) (AS-CRITEO)
4	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
2 5	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2 2	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.3.180.182 52.3.180.182	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.2.156.62 52.2.156.62	14618 (AMAZON-AES) (AMAZON-AES)
2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
3 3	199.187.193.197 199.187.193.197	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
3	2607:f8b0:400... 2607:f8b0:4006:809::2006	15169 (GOOGLE) (GOOGLE)
2	18.117.20.224 18.117.20.224	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	209.204.232.43 209.204.232.43	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6	18.172.134.90 18.172.134.90	16509 (AMAZON-02) (AMAZON-02)
1 2	146.20.128.158 146.20.128.158	27357 (RACKSPACE) (RACKSPACE)
3	2400:52e0:1a0... 2400:52e0:1a00::845:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2600:1f18:1c9... 2600:1f18:1c96:4103:85f9:b152:a5d7:cc08	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.162.158.9 54.162.158.9	14618 (AMAZON-AES) (AMAZON-AES)
1 1	38.68.201.140 38.68.201.140	174 (COGENT-174) (COGENT-174)
1 1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	54.205.21.165 54.205.21.165	14618 (AMAZON-AES) (AMAZON-AES)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
5	23.34.249.16 23.34.249.16	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	135.148.35.198 135.148.35.198	16276 (OVH) (OVH)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	54.210.120.215 54.210.120.215	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1	34.235.90.200 34.235.90.200	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:16ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.209.252.165 3.209.252.165	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	52.85.61.120 52.85.61.120	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:233... 2600:9000:233d:5800:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.34.248.177 23.34.248.177	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
417	69

6 2001:4998:124:1507::a000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)

news.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.208.134 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-208-134.compute-1.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2001:4998:58:207::6000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)

udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.200.115 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-200-115.ord56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

openweb.jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5.ras.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jill.fc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.ras.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.24.48 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tsdtocl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24d1:9e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.14.41 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 76.13.32.147 (Lockport, United States) 5 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 34.200.65.202 (Ashburn, United States) 19 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.157.58 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-157-58.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.70.181 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-70-181.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.225.89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-225-89.ord58.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4998:124:1507::f000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2507:a200:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.202.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-202-206.compute-1.amazonaws.com

prod-m-node-1111.ssp.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:ad65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.225.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-225-129.ord58.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.250.160.129 (United States) 1 redirects

ASN26459 (TTD-ASN-01, US)

usw-ca2.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.71.131.137 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.69.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-69-177.compute-1.amazonaws.com

onevideosync.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.81.226 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:4e9:5a07:c5bd:680d:2822:1831 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.248.18.32 (United States) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.37 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.34 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.22.214 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 192.40.39.223 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.17.64.29 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-29.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.241.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-241-213.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.133.71.175 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.207.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-207-74.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:ae80:1451:22::760 (United States) 6 redirects

ASN25751 (VALUECLICK, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (North Charleston, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.155.111 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-155-111.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.117 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.153.92 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

us-east-1-web-oao.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.40.39.248 (Canada)

ASN27381 (CASALE-MEDIA, CA)

prebid-ny.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.117.84.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.84.117.34.bc.googleusercontent.com

adsvr.ecdrsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aud.ecdrsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.204.233.220 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3648.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.119.185.242 (Wasilla, United States)

ASN27381 (CASALE-MEDIA, CA)

a1310.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 96.6.30.77 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-30-77.deploy.static.akamaitechnologies.com

mcs.ecdrsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resource.ecdrsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.54.69.151 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.92.190.68 (Charlotte, United States) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.231.231.174 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-231-174.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::1d (United States) 4 redirects

ASN19750 (AS-CRITEO, US)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.26 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.142 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.180.182 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-180-182.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.156.62 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-156-62.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.187.193.197 (Canada) 3 redirects

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:112:f002:bbbb::21 (United States) 4 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States) 2 redirects

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.117.20.224 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-117-20-224.us-east-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.204.232.43 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a491.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.172.134.90 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-134-90.ord56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.20.128.158 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1a00::845:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn-rhino.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.233.246 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:1c96:4103:85f9:b152:a5d7:cc08 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.162.158.9 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-158-9.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.201.140 (United States) 1 redirects

ASN174 (COGENT-174, US)

yhp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.21.165 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-21-165.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.34.249.16 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-249-16.deploy.static.akamaitechnologies.com

millennialnexageinapp768429046591.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.148.35.198 (United States)

ASN16276 (OVH, FR)
PTR: ns1015826.ip-135-148-35.us

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.120.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-120-215.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.207.24.140 (North Charleston, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.90.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-90-200.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.235.90 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Wilmington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:16ea (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.252.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-252-165.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2001 (New York, United States)

ASN15169 (GOOGLE, US)

7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-120.ewr53.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:233d:5800:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.248.177 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.63 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	yahoo.com 24 redirects news.yahoo.com — Cisco Umbrella Rank: 8198 edge-mcdn.secure.yahoo.com — Cisco Umbrella Rank: 8539 guce.yahoo.com — Cisco Umbrella Rank: 4845 udc.yahoo.com — Cisco Umbrella Rank: 4793 geo.yahoo.com — Cisco Umbrella Rank: 1919 opus.analytics.yahoo.com — Cisco Umbrella Rank: 6072 5.ras.yahoo.com — Cisco Umbrella Rank: 7519 tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 4846 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402 www.yahoo.com — Cisco Umbrella Rank: 1278 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 1853 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689 jill.fc.yahoo.com — Cisco Umbrella Rank: 3769 6.ras.yahoo.com — Cisco Umbrella Rank: 6323 us-east-1-web-oao.ssp.yahoo.com — Cisco Umbrella Rank: 6951	340 KB
66	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	1 MB
46	ecdrsvc.com adsvr.ecdrsvc.com — Cisco Umbrella Rank: 517686 mcs.ecdrsvc.com — Cisco Umbrella Rank: 551584 resource.ecdrsvc.com — Cisco Umbrella Rank: 535332 aud.ecdrsvc.com — Cisco Umbrella Rank: 527100	299 KB
43	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 dsum.casalemedia.com — Cisco Umbrella Rank: 2284 prebid-ny.casalemedia.com — Cisco Umbrella Rank: 10234 a3648.casalemedia.com — Cisco Umbrella Rank: 467026 a1310.casalemedia.com — Cisco Umbrella Rank: 297678 a491.casalemedia.com — Cisco Umbrella Rank: 436893	39 KB
36	doubleclick.net 20 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	206 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com	138 KB
17	moatads.com z.moatads.com — Cisco Umbrella Rank: 681 px.moatads.com — Cisco Umbrella Rank: 712 geo.moatads.com — Cisco Umbrella Rank: 1045 mb.moatads.com — Cisco Umbrella Rank: 1057	327 KB
13	yahoosandbox.com openweb.jac.yahoosandbox.com — Cisco Umbrella Rank: 17800 jac.yahoosandbox.com — Cisco Umbrella Rank: 6668	276 KB
12	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 9000	145 KB
10	pubmatic.com 10 redirects image8.pubmatic.com — Cisco Umbrella Rank: 1002 image2.pubmatic.com — Cisco Umbrella Rank: 1377 image4.pubmatic.com — Cisco Umbrella Rank: 1704	4 KB
9	adsrvr.org 7 redirects usw-ca2.adsrvr.org — Cisco Umbrella Rank: 4237 match.adsrvr.org — Cisco Umbrella Rank: 451	5 KB
8	criteo.com 4 redirects ssp-sync.criteo.com — Cisco Umbrella Rank: 1388 dis.criteo.com — Cisco Umbrella Rank: 941	3 KB
8	3lift.com 6 redirects eb2.3lift.com — Cisco Umbrella Rank: 535	3 KB
6	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1283	19 KB
6	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 2349 cdn.mediago.io — Cisco Umbrella Rank: 9605	5 KB
6	dotomi.com 6 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 4976 aol-match.dotomi.com — Cisco Umbrella Rank: 9606	2 KB
6	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2399 gw.geoedge.be — Cisco Umbrella Rank: 2790	274 KB
5	moatpixel.com millennialnexageinapp768429046591.s.moatpixel.com — Cisco Umbrella Rank: 5809	1 KB
5	turn.com 4 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	3 KB
5	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 376	4 KB
5	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 1548	81 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505	2 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 883	2 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	908 B
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 319 Failed secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 875	2 KB
3	b-cdn.net cdn-rhino.b-cdn.net — Cisco Umbrella Rank: 550363	24 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	75 KB
3	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 958	560 B
3	smartadserver.com 3 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052	893 B
3	sharethrough.com 3 redirects match.sharethrough.com — Cisco Umbrella Rank: 777	2 KB
3	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1248 s.tribalfusion.com — Cisco Umbrella Rank: 2774	2 KB
3	media.net 2 redirects contextual.media.net — Cisco Umbrella Rank: 838 cs.media.net — Cisco Umbrella Rank: 2272	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 813	1 KB
2	connectad.io 1 redirects sync-eu.connectad.io — Cisco Umbrella Rank: 6616 sync.connectad.io — Cisco Umbrella Rank: 8397	357 B
2	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 825	426 B
2	dyntrk.com gu.dyntrk.com — Cisco Umbrella Rank: 3200
2	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2452	1 KB
2	w55c.net 1 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 3496	965 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	97 KB
2	lkqd.net 1 redirects cs.lkqd.net — Cisco Umbrella Rank: 4185	1 KB
2	bttrack.com 2 redirects bttrack.com — Cisco Umbrella Rank: 1329	626 B
2	adform.net c1.adform.net — Cisco Umbrella Rank: 908	1001 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009	2 KB
2	gumgum.com 2 redirects rtb.gumgum.com — Cisco Umbrella Rank: 2335	507 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	2 KB
2	ctnsnet.com 2 redirects i.ctnsnet.com — Cisco Umbrella Rank: 4607	714 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5985	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 682	792 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 866	2 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 707	751 B
2	advertising.com prod-m-node-1111.ssp.advertising.com — Cisco Umbrella Rank: 6848	482 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1965	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 218	887 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	465 B
1	cloudfront.net d2cli4kgl5uxre.cloudfront.net	84 KB
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 14238	531 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1620	967 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 2696	578 B
1	aralego.com 1 redirects sync.aralego.com — Cisco Umbrella Rank: 4618	573 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 3678	376 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 2477	504 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2235	634 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1528	223 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	702 B
1	33across.com 1 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 1678	557 B
1	mxptint.net 1 redirects yhp.mxptint.net — Cisco Umbrella Rank: 10752	602 B
1	tidaltv.com sync.tidaltv.com — Cisco Umbrella Rank: 2638	198 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1325	752 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955	589 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1456	796 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 3483	424 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 2579	367 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1427	292 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 942	506 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	646 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1948	36 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 413	611 B
1	uplynk.com onevideosync.uplynk.com — Cisco Umbrella Rank: 5058	196 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1322	10 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 775	683 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 822	466 B
1	tsdtocl.com tsdtocl.com — Cisco Umbrella Rank: 4920	1 KB
1	taboola.com api.taboola.com — Cisco Umbrella Rank: 4295	544 B
417	88

	Domain	Requested by
66	s.yimg.com	news.yahoo.com s.yimg.com rumcdn.geoedge.be
60	ups.analytics.yahoo.com	19 redirects news.yahoo.com s.yimg.com jac.yahoosandbox.com
33	resource.ecdrsvc.com	mcs.ecdrsvc.com rumcdn.geoedge.be resource.ecdrsvc.com
28	cm.g.doubleclick.net	20 redirects news.yahoo.com googleads.g.doubleclick.net 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
25	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	rumcdn.geoedge.be pagead2.googlesyndication.com tpc.googlesyndication.com jac.yahoosandbox.com 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
12	px.moatads.com	jac.yahoosandbox.com news.yahoo.com
12	jac.yahoosandbox.com	openweb.jac.yahoosandbox.com jac.yahoosandbox.com
12	c.bannerflow.net	rumcdn.geoedge.be c.bannerflow.net news.yahoo.com
9	ssum-sec.casalemedia.com	1 redirects rumcdn.geoedge.be ssum-sec.casalemedia.com jac.yahoosandbox.com
9	pr-bh.ybp.yahoo.com	news.yahoo.com s.yimg.com ssum-sec.casalemedia.com jac.yahoosandbox.com
9	5.ras.yahoo.com	news.yahoo.com s.yimg.com
8	tpc.googlesyndication.com	rumcdn.geoedge.be 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	eb2.3lift.com	6 redirects news.yahoo.com s.yimg.com
8	match.adsrvr.org	6 redirects s.yimg.com ssum-sec.casalemedia.com
7	aud.ecdrsvc.com	jac.yahoosandbox.com
7	geo.yahoo.com	s.yimg.com
6	choices.trustarc.com	rumcdn.geoedge.be news.yahoo.com
6	6.ras.yahoo.com	jac.yahoosandbox.com
6	image8.pubmatic.com	6 redirects
6	service.idsync.analytics.yahoo.com	tag.idsync.analytics.yahoo.com rumcdn.geoedge.be news.yahoo.com s.yimg.com
6	news.yahoo.com	news.yahoo.com s.yimg.com
5	millennialnexageinapp768429046591.s.moatpixel.com	jac.yahoosandbox.com
5	trace.mediago.io	2 redirects news.yahoo.com 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
5	cdn.js7k.com	rumcdn.geoedge.be news.yahoo.com s.yimg.com
5	cms.analytics.yahoo.com	5 redirects
4	rtb.mfadsrvr.com	4 redirects
4	securepubads.g.doubleclick.net	s.yimg.com securepubads.g.doubleclick.net news.yahoo.com
4	ad.turn.com	4 redirects
4	dis.criteo.com	jac.yahoosandbox.com
4	ssp-sync.criteo.com	4 redirects
4	aol-match.dotomi.com	4 redirects
4	ap.lijit.com	4 redirects
4	adsvr.ecdrsvc.com	prebid-ny.casalemedia.com rumcdn.geoedge.be jac.yahoosandbox.com
4	sync-tm.everesttech.net	4 redirects
4	udc.yahoo.com	s.yimg.com
3	sync.1rx.io	3 redirects
3	cdn-rhino.b-cdn.net	news.yahoo.com
3	s0.2mdn.net	resource.ecdrsvc.com jac.yahoosandbox.com
3	js-sec.indexww.com	ssum-sec.casalemedia.com
3	ssbsync.smartadserver.com	3 redirects
3	match.sharethrough.com	3 redirects
3	z.moatads.com	adsvr.ecdrsvc.com rumcdn.geoedge.be
3	prebid-ny.casalemedia.com	news.yahoo.com rumcdn.geoedge.be
3	us-east-1-web-oao.ssp.yahoo.com	news.yahoo.com jac.yahoosandbox.com s.yimg.com
3	jill.fc.yahoo.com	openweb.jac.yahoosandbox.com
3	dsum.casalemedia.com	ssum-sec.casalemedia.com
3	gw.geoedge.be	rumcdn.geoedge.be
3	www.yahoo.com	news.yahoo.com
3	rumcdn.geoedge.be	news.yahoo.com
2	b1sync.zemanta.com	2 redirects
2	www.google.com	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com tpc.googlesyndication.com
2	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	match.prod.bidr.io	1 redirects s.yimg.com
2	gu.dyntrk.com	s.yimg.com
2	beacon.lynx.cognitivlabs.com	2 redirects
2	pm.w55c.net	1 redirects jac.yahoosandbox.com
2	a.sportradarserving.com	2 redirects
2	googleads4.g.doubleclick.net	rumcdn.geoedge.be
2	www.googletagservices.com	rumcdn.geoedge.be 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
2	cs.lkqd.net	1 redirects googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	rumcdn.geoedge.be
2	bttrack.com	2 redirects
2	c1.adform.net	jac.yahoosandbox.com rumcdn.geoedge.be
2	sync.srv.stackadapt.com	2 redirects
2	rtb.gumgum.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	i.ctnsnet.com	2 redirects
2	mcs.ecdrsvc.com	adsvr.ecdrsvc.com rumcdn.geoedge.be
2	secure.adnxs.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	casale-match.dotomi.com	2 redirects
2	a.tribalfusion.com	2 redirects
2	creativecdn.com	2 redirects
2	contextual.media.net	1 redirects s.yimg.com
2	bh.contextweb.com	2 redirects
2	us-u.openx.net	2 redirects
2	ib.adnxs.com	news.yahoo.com
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	prod-m-node-1111.ssp.advertising.com	news.yahoo.com
2	uipglob.semasio.net	1 redirects news.yahoo.com
2	dpm.demdex.net	1 redirects news.yahoo.com
2	opus.analytics.yahoo.com	s.yimg.com opus.analytics.yahoo.com
2	sb.scorecardresearch.com	1 redirects news.yahoo.com
2	edge-mcdn.secure.yahoo.com	news.yahoo.com edge-mcdn.secure.yahoo.com
1	cs.media.net	1 redirects
1	cms.quantserve.com	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
1	r.turn.com	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
1	d2cli4kgl5uxre.cloudfront.net	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
1	cdn.mediago.io	7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
1	exchange.mediavine.com	s.yimg.com
1	idpix.media6degrees.com	s.yimg.com
1	sync.connectad.io	s.yimg.com
1	sync-eu.connectad.io	1 redirects
1	sync.aralego.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	crb.kargo.com	s.yimg.com
1	ums.acuityplatform.com	1 redirects
1	mb.moatads.com	rumcdn.geoedge.be
1	match.deepintent.com	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	ssc-cms.33across.com	1 redirects
1	yhp.mxptint.net	1 redirects
1	sync.tidaltv.com	jac.yahoosandbox.com
1	p.rfihub.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	a491.casalemedia.com	rumcdn.geoedge.be
1	geo.moatads.com	rumcdn.geoedge.be
1	s.company-target.com	1 redirects
1	dmp.brand-display.com	1 redirects
1	a1310.casalemedia.com	rumcdn.geoedge.be
1	a3648.casalemedia.com	prebid-ny.casalemedia.com
1	csync.loopme.me	1 redirects
1	ads.yieldmo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	um.simpli.fi	1 redirects
1	rtb.adentifi.com	s.yimg.com
1	c.bing.com	1 redirects
1	onevideosync.uplynk.com	news.yahoo.com
1	usw-ca2.adsrvr.org	1 redirects
1	choices.truste.com	rumcdn.geoedge.be
1	aa.agkn.com	1 redirects
1	tags.bluekai.com	news.yahoo.com
1	tag.idsync.analytics.yahoo.com	opus.analytics.yahoo.com
1	tsdtocl.com	opus.analytics.yahoo.com
1	api.taboola.com	opus.analytics.yahoo.com
1	openweb.jac.yahoosandbox.com	s.yimg.com
1	guce.yahoo.com	s.yimg.com
417	134

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
mail.yahoo.com
finance.yahoo.com
sports.yahoo.com
search.yahoo.com
shopping.yahoo.com
mobile.yahoo.com
login.yahoo.com
yahoo.uservoice.com
www.businessinsider.com
www.facebook.com
twitter.com
www.bbc.com
www.nbcnews.com

Subject Issuer	Validity	Valid
yho.com DigiCert SHA2 High Assurance Server CA	`2023-01-17` - `2023-07-12`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
guce.oath.com DigiCert SHA2 High Assurance Server CA	`2022-12-15` - `2023-06-07`	6 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-06` - `2023-05-31`	6 months	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2023-04-05` - `2023-07-05`	3 months	crt.sh
opus.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-05-27`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
tsdtocl.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-15` - `2023-12-31`	a year	crt.sh
*.idsync.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-11` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
onevideosync.uplynk.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-24`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.ecdrsvc.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-19` - `2024-02-13`	a year	crt.sh
www2.loblaw.ca DigiCert TLS RSA SHA256 2020 CA1	`2023-01-16` - `2024-01-17`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-19` - `2023-06-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.app.kargo.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-18`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-21` - `2024-05-21`	a year	crt.sh
*.google.ca GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.mediago.io GlobalSign GCC R3 DV TLS CA 2020	`2023-01-13` - `2024-02-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Frame ID: E6F479B97408BC8813C595131FF807F6
Requests: 95 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Frame ID: A3A3C0EF11D2A3A29654303B1CC64AE2
Requests: 26 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&tbla_id=
Frame ID: 28D2C03337F821DF4A168F0D0BA06F4E
Requests: 1 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 4ECDD0B13BB351DB6A3EAF0FAF79F1E2
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Frame ID: EC4F27084080EEF2E226B3E4818A3432
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/19505?id=y-xznai8hE2pJrxahSWKbpOAAEr96o.Sfk_yA-~A
Frame ID: A780A864803E452EB329FE2B1E942194
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Frame ID: 22C47D68B7D2E48811C249D2325F8656
Requests: 11 HTTP requests in this frame

Frame: https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-nLPVcYRE2uEEAhzZ60OiBkcsrvkverlm~A&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
Frame ID: 5A86B4BABD6B2372772B4FC3D256E4E0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Frame ID: FADF0178F4EB8E57B33CAA2B717C1AC7
Requests: 10 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: 98EE4BDD37C6F8CFD916786F59DA58F5
Requests: 33 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: 20344C75AD19787BA3BEB6FAAD07FC04
Requests: 3 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: ADD4AB783D7DC29A3E3CB98DCF4E75AE
Requests: 3 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: 79AD69DF6B7C92313E99FAF432FA7D46
Requests: 36 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: B4F70FA4A83928F6C199AB5C8BDE4AE2
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: 9B4966E409C831DEC47F993D1CA00545
Requests: 10 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: 80E3D0770754F88681776CA73DA2BE4C
Requests: 47 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Frame ID: 3692A23C064E51D898FC1CB87F8FA7B8
Requests: 3 HTTP requests in this frame

Frame: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Frame ID: 217DC493ED23F7E579F7D3714C5DCE12
Requests: 17 HTTP requests in this frame

Frame: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Frame ID: 9D0450912BC97A7448A36A9C835880A5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow
Frame ID: 5DD1E66481B2B22B53E93FF36FA89419
Requests: 5 HTTP requests in this frame

Frame: blob://https://c.bannerflow.net/408ae7ca-9480-474d-9035-59d001ea9f4d
Frame ID: 6CA3524B3DE4C8154475DF02212F541E
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/images/4cb09f83-ed08-4240-b67d-fdd1afe25cad.svg
Frame ID: 650E3D24100BC21886EB01E0F7EDF80D
Requests: 2 HTTP requests in this frame

Frame: https://cdn-rhino.b-cdn.net/videos/CasinoDays_Digital_1080x1080_MALE02.mp4
Frame ID: 9A4DFE5874DE6062D02C74F7F21ABF42
Requests: 3 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 0CFBC9B65DD4ED3607063FE19FAC7FDA
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Frame ID: 0B370AC37CEB1F6AF2BF74220A3A9875
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3907D5EFD154B929ED428307EBA59BAF
Requests: 3 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Frame ID: A4F84ADE43C79783AF5E056AA8377EC8
Requests: 26 HTTP requests in this frame

Frame: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0B41AEEE89DD0B29C25B87FCEAC56F1B
Requests: 1 HTTP requests in this frame

Frame: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C7A1F28BF41AA423325FE6533E6673A4
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28132D4A020EDB123A48256AA99DC115
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE47D994F2F30BA84C3495E708B9CC48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9596A5E4760CB8C1AE74B97D25F47D5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mike Pompeo says Russia was 'pretty clearly' behind the massive SolarWinds cyberattack that compromised US national security

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Page Statistics

417
Requests

75 %
HTTPS

26 %
IPv6

88
Domains

134
Subdomains

69
IPs

7
Countries

3626 kB
Transfer

10392 kB
Size

124
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/
Title: MAIL

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/
Title: FINANCE

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/
Title: SPORTS

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/
Title: ENTERTAINMENT

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle
Title: LIFE

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search/
Title: SEARCH

Search URL Search Domain Scan URL

URL: https://shopping.yahoo.com/
Title: SHOPPING

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus
Title: YAHOO PLUS

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/
Title: MORE...

Search URL Search Domain Scan URL

URL: https://mobile.yahoo.com/news
Title: Download the Yahoo News app

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/?.lang=en-US&src=news&.done=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&pspid=&activity=ybar-signin
Title: Sign in

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/?pspid=&activity=ybar-mail
Title: Mail

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/204992-us-news
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/
Title: Business Insider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=458584288257241&link=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dfb%26tsrc%3Dfb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Mike%20Pompeo%20says%20Russia%20was%20%27pretty%20clearly%27%20behind%20the%20massive%20SolarWinds%20cyberattack%20that%20compromised%20US%20national%20security&url=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%3Fsoc_src%3Dsocial-sh%26soc_trk%3Dtw%26tsrc%3Dtwtr&via=YahooNews

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/?hprecirc-bullet?utm_source=yahoo.com&utm_medium=referral
Title: Visit Business Insider's homepage for more stories

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/world-us-canada-55374945
Title: according to the BBC.

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/news/us-news/secretary-state-pompeo-says-hack-was-pretty-clearly-russian-n1251798
Title: NBC reported.

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/cybersecurity-experts-freaking-out-solarwinds-russia-hack-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: 18,000 of its customers downloaded the software update containing

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/list-of-the-agencies-companies-hacked-in-solarwinds-russian-cyberattack-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: Among those who were targeted

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/russia-hack-on-fireeye-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: cybersecurity company FireEye

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/solarwinds-hack-will-take-years-to-investigate-experts-say-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: say it could take some of those organizations years to figure out the extent of the cyberattack

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/biden-statement-solarwinds-cyberattack-trump-russia-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: vowed this week that he would make cyber-security a "top priority" of his administration.

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/biden-lindsey-graham-a-disappointment-for-not-recognizing-election-result-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: Biden says Lindsey Graham is a 'personal disappointment' for not recognizing him as president-elect

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/bernie-sanders-biden-not-doing-enough-to-amplify-progressive-policies-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: Sen. Bernie Sanders said he thinks President-elect Joe Biden isn't doing enough to amplify progressive policies

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/dr-jill-biden-reacts-to-wsj-essay-that-was-such-a-surprise-2020-12?utm_source=yahoo.com&utm_medium=referral
Title: 'That was such a surprise': Dr. Jill Biden reacts to Wall Street Journal op-ed where she was called 'kiddo'

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/joe-biden-victory-donald-trump-triggered-huge-relief-in-europe-2020-11?utm_source=yahoo.com&utm_medium=referral
Title: Trump's defeat by Joe Biden has triggered a huge wave of relief among the United States' European allies

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/mike-pompeo-massive-us-cyberattack-pretty-clearly-tied-to-russia-2020-12
Title: Business Insider

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27pretty%20clearly%27%20behind%20the%20massive%20SolarWinds%20cyberattack%20that%20compromised%20US%20national%20security&c9=&gdpr=0&gdpr_consent=&cs_ucfr=1&ns_c=UTF-8&ns__t=1682825936489 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27pretty%20clearly%27%20behind%20the%20massive%20SolarWinds%20cyberattack%20that%20compromised%20US%20national%20security&c9=&gdpr=0&gdpr_consent=&cs_ucfr=1&ns_c=UTF-8&ns__t=1682825936489

Request Chain 90

https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono HTTP 302
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI&orig=ono HTTP 302
https://tags.bluekai.com/site/19505?id=y-xznai8hE2pJrxahSWKbpOAAEr96o.Sfk_yA-~A

Request Chain 91

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&orig=ono HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-oW7RhFdE2pE1tyqLn57fag33wBUxTAUJD0w-~A&redir=https%3A%2F%2Fcms.analytics.yahoo.com%2Fcms%2F%3Fpartner_id%3DADOBE%26_origin%3Dfalse%26_redirect%3Dfalse%26_hosted_id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646

Request Chain 92

https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&orig=ono HTTP 302
https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&orig=ono HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9202214988&yho=y-M5erbFpE2p6iw6L1jS7ErYNIKq2I_vRBGrg-~A HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent=

Request Chain 93

https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&orig=ono&sInitiator=external HTTP 302
https://ups.analytics.yahoo.com/ups/58699/cms?partner_id=SEMAS&orig=ono&sInitiator=external HTTP 302
https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external HTTP 302
https://uipglob.semasio.net/oath/1/info2?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external

Request Chain 102

https://usw-ca2.adsrvr.org/bid/feedback/rightmedia?t=1&iid=2610ccd1-bedc-4d05-b66c-c372cf9540e9&crid=5dcnkl2a&wp=0.05&aid=51fe8c9bed294e2b9ad426d0cd6d1d39-1&wpc=USD&sfe=168562cf&puid=&tdid=&pid=4pz3c42&ag=zcnuy12&adv=0o77csr&sig=1AXwtUgmcU7fVxT6SR9hYicH1QePSBZrOlkt_iFmIed4.&bp=0.15062612&cf=4874720&fq=0&td_s=news.yahoo.com&rcats=y29&mste=news.yahoo.com&mfld=2&mssi=&mfsi=&uhow=167&agsa=&rgz=M6A&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=52469&did=&rcxt=Other&lat=43.720000&lon=-79.450000&tmpc=8.100000000000023&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&c=CgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=AuzKvO&crrelr=&fpa=332&pcm=3&vc=3&said=51fe8c9bed294e2b9ad426d0cd6d1d39&ict=Unknown&auct=1&im=1&mc=7a689acd-f623-47ff-86ff-eb27d7767d52&abr=f61de5ba-f4d4-4ae2-bf1c-451ad349cc6a&tail=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=40022b3b-2005-4517-8542-406606e8d366&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mqqowrVE2uJqGZBy3qmpFpB5RVwWsq0-~A&gdpr=0

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&google_tc=

Request Chain 108

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/y-MdYAn0lE2uJtEOKtR8tL0D.cDcUKdFM-~A

Request Chain 109

https://c.bing.com/c.gif?Red3=OATHMS_pd HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msn/28A9667348D76D8A104E757049EC6CB8

Request Chain 110

https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A%26gdpr%3d0%26gdpr_consent%3dundefined%26gpp_sid%3D%26gpp%3D%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526gpp_sid%253D%2526gpp%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A%26gdpr%3d0%26gdpr_consent%3dundefined%26gpp_sid%3D%26gpp%3D%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526gpp_sid%253D%2526gpp%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU1NkZDODctQzdDRC00MDlELUFDQUQtQzY3NDBBRjc3ODRF&gdpr=0&gdpr_consent=undefined HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=undefined HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3Dundefined%26gpp_sid%3D%26gpp%3D%26uid%3D8E56FC87-C7CD-409D-ACAD-C6740AF7784E%26redir2%3Dtrue&xid=y-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&uid=8E56FC87-C7CD-409D-ACAD-C6740AF7784E&redir2=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

Request Chain 111

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=aef834df-63b1-4eaf-8e89-772e7531eb1a&_origin=0&gdpr=0&gdpr_consent=

Request Chain 112

https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid= HTTP 0
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-zqY4j_hE2uHYzKEOM7vD.S7gpB_4gg--~A&gdpr=0

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EYVppTnE5RTJ1RzlTcGxqS1Q1aE5RaWVPZS5SamNVeH5B&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EYVppTnE5RTJ1RzlTcGxqS1Q1aE5RaWVPZS5SamNVeH5B&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=&google_tc= HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=

Request Chain 115

https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=undefined&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dundefined%26gpp_sid%3D%26gpp%3D HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=undefined&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dundefined%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2721268965583522060162&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp= HTTP 302
https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-RtmEYBRE2uL9dX8oCIE9AVZfeRlhvFE_~A&ums2=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=40022b3b-2005-4517-8542-406606e8d366&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 116

https://ssum-sec.casalemedia.com/usermatch?s=175407&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1

Request Chain 117

https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=a6b45b46-279a-48f8-ae32-0651f52dec4d

Request Chain 118

https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526gpp_sid%253D%2526gpp%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526gpp_sid%253D%2526gpp%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg3MzJDQzYtNTc0Qy00RkJGLUIxMkYtQTRGQjk0RDg4NzhC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3Dundefined%26gpp_sid%3D%26gpp%3D%26uid%3D8E56FC87-C7CD-409D-ACAD-C6740AF7784E%26redir2%3Dtrue&xid=y-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&uid=8E56FC87-C7CD-409D-ACAD-C6740AF7784E&redir2=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

Request Chain 119

https://bh.contextweb.com/bh/rtset?pid=558299&ev=1&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55972%2Fsync%3Fuid%3D%25%25VGUID%25%25%26_origin%3D0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=XzFjU0tGYmdRVkNOLTRKZmFSbWZTQQ&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=XzFjU0tGYmdRVkNOLTRKZmFSbWZTQQ&gdpr=&gdpr_consent=&google_tc= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEJDBfq9MCLkiiWlYfX6htVM&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55972/sync?uid=wJzWN8AA4XC9&_origin=0&ev=1&gpp_sid=&gpp=&pid=558299&gdpr_consent=&gdpr=0

Request Chain 120

https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-ox5tDsJE2uFM8q3t.7fbI3mwVrVg4Dpl~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D0%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3258275371455332000V10&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D&_test=ZE3i0QAGellArAA9 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=ZE3i0QAGellArAA9&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_test=ZE3i0QAGellArAA9

Request Chain 123

https://um.simpli.fi/yahoo?_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=B7F28402B343451C968533164C290EDF&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

Request Chain 124

https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57926/sync?uid=p05yXL96p4Ssu0UCcsXY&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

Request Chain 125

https://a.tribalfusion.com/i.match?p=b17&u=y-FXg_LWBE2uhdwonF5dmb_Rkgl36kFfI-~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F57628%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b17&u=y-FXg_LWBE2uhdwonF5dmb_Rkgl36kFfI-~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F57628%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=18072662259299574469

Request Chain 126

https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58529/sync?uid=gc50329cd6ebcc4d7e1b&_origin=0&gdpr=0&gdpr_consent=

Request Chain 127

https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2721268965583522060162&gdpr=0&gdpr_consent=&gpp_sid=&gpp= HTTP 302
https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-RtmEYBRE2uL9dX8oCIE9AVZfeRlhvFE_~A&ums2=1 HTTP 302
https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTI2ODk2NTU4MzUyMjA2MDE2Mg%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMBZmAQcJO3zm9gak82ogAc&google_cver=1

Request Chain 132

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 133

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=165377791c2121a1&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMB99YKhL4UQNeGALBAAAAAAA&expiration=1682912337&is_secure=true

Request Chain 134

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=989ecf95-abe1-4a9c-a74c-f0f07c202d98&ssp=index&expires=30&user_group=5&bsw_param=6c83439e-d517-4612-9960-cbdcac3931d0 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=&us_privacy=

Request Chain 135

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3661470049074716140

Request Chain 136

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=80a98190-5401-4876-982d-f0dcdd7b8480&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 137

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&gdpr=0&gdpr_consent=&uid=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

Request Chain 177

https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

Request Chain 178

https://match.sharethrough.com/fUD7hqXV/v2?_origin=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58280/sync?uid=55069bc4-1af1-4a19-8909-5c6c1bea5df7&_origin=0

Request Chain 179

https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://aol-match.dotomi.com/match/bounce/current?DotomiTest=1dc5ef719bd321a1&is_secure=true&networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--%7EA&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAL8o5gQPAOhgMX_NHyAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 180

https://ssp-sync.criteo.com/user-sync/redirect?profile=73 HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Request Chain 181

https://i.ctnsnet.com/int/cm?exc=20&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&callback=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58309%2Fsync%3Fuid=%3CDSP_USER_ID%3E%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D%26_origin%3D0%26 HTTP 302
https://ups.analytics.yahoo.com/ups/58309/sync?uid=e187070e04414816855c52da65d17ed6&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

Request Chain 182

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue HTTP 302
https://ups.analytics.yahoo.com/ups/55936/sync?uid=3661470049074716140&_origin=0&redir2=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

Request Chain 183

https://trace.mediago.io/cs/verizon?gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V447V-S-L9GB&gdpr=0

Request Chain 185

https://rtb.gumgum.com/getuid/15563?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58601%2Fsync%3F_origin%3D0%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

Request Chain 186

https://sync.srv.stackadapt.com/sync?nid=216&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

Request Chain 187

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Request Chain 190

https://i.ctnsnet.com/int/cm?exc=20&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&callback=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58309%2Fsync%3Fuid=%3CDSP_USER_ID%3E%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D%26_origin%3D0%26 HTTP 302
https://ups.analytics.yahoo.com/ups/58309/sync?uid=c5b32b93e8304d9996df6b1e078c1dad&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

Request Chain 191

https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

Request Chain 192

https://trace.mediago.io/cs/verizon?gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

Request Chain 193

https://match.sharethrough.com/fUD7hqXV/v2?_origin=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58280/sync?uid=5f254645-f6aa-4ea4-9d61-fe832a461cca&_origin=0

Request Chain 194

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue HTTP 302
https://ups.analytics.yahoo.com/ups/55936/sync?uid=3661470049074716140&_origin=0&redir2=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

Request Chain 195

https://ssp-sync.criteo.com/user-sync/redirect?profile=73 HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Request Chain 196

https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://aol-match.dotomi.com/match/bounce/current?DotomiTest=37ead98f0f4821dd&is_secure=true&networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--%7EA&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAHZlT2VHVPggMJPZnHAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 197

https://rtb.gumgum.com/getuid/15563?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58601%2Fsync%3F_origin%3D0%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

Request Chain 198

https://sync.srv.stackadapt.com/sync?nid=216&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

Request Chain 199

https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V44A7-21-H0JI&gdpr=0

Request Chain 200

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

Request Chain 204

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 206

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

Request Chain 207

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2459948665330154167&gdpr=0&gdpr_consent=

Request Chain 208

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a2f1bff0-5582-38c9-9ca97d26

Request Chain 209

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698637138&external_user_id=ef8beab1-4cab-46bd-bb9d-d1c3ec1e139e

Request Chain 211

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

Request Chain 213

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

Request Chain 215

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3526114908186870879

Request Chain 216

https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=6d4894ce-1dfc-4c68-a404-fd590bdf31f5

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9

Request Chain 218

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFKM5nbQz-EB9m2eBPa4vMc&google_cver=1

Request Chain 296

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=SWZLRkxGdmgydFk

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 298

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 318

https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&loc=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58255%2Fsync%3Fuid%3D%5BUID%5D%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58255/sync?uid=d8916908-fecc-4207-b68f-82b7928c26ed&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 319

https://ups.analytics.yahoo.com/ups/58319/sync?_origin=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58319/sync?_origin=0&uid=y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A&redir2=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A

Request Chain 320

https://sync.1rx.io/usersync2/brxd?&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://sync.1rx.io/usersync2/brxd?zcc=1&cb=1682825939022 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5705589493 HTTP 302
https://sync.1rx.io/usersync/turn/3526114908186870879?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005?redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56551%2Fsync%3Fuid%3DRX-bcb915d6-5729-476f-8e2e-174a247c5d47-005%26_origin%3D1 HTTP 302
https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005&_origin=1

Request Chain 321

https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=rmx HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rmx HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=64bec325-e584-4d6f-a910-b7ed225d480a&ssp=rmx HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=6c83439e-d517-4612-9960-cbdcac3931d0&_origin=0&gdpr=&gdpr_consent=

Request Chain 322

https://p.rfihub.com/cm?pub=37527&in=1&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58267%2Fsync%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26_origin%3D0 HTTP 302
https://ups.analytics.yahoo.com/ups/58267/sync?uid=1791377147153345054&_origin=0

Request Chain 323

https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/55939/sync?uid=3526114908186870879&_origin=0&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 325

https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=%26gpp_sid%3D%26gpp%3D HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=%26gpp_sid%3D%26gpp%3D

Request Chain 326

https://yhp.mxptint.net/sn.ashx HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_101EB2196_9A8B9AC0&_origin=1

Request Chain 327

https://ssc-cms.33across.com/ps/?ri=0010b00002EdWnZAAV&us_privacy=&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&ru=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58183%2Fsync%3Fuid%3D33XUSERID33X%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D HTTP 302
https://ups.analytics.yahoo.com/ups/58183/sync?uid=212120393663280&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&us_privacy=

Request Chain 328

https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/55938/sync?uid=75bc644d-e2d3-4700-8bfe-e5289ba777c1&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 329

https://beacon.lynx.cognitivlabs.com/yahoo.gif HTTP 302
https://ups.analytics.yahoo.com/ups/58561/sync?uid=9419444e-5826-484d-b4c3-15c35ec653ed&_origin=0

Request Chain 330

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

Request Chain 331

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

Request Chain 332

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

Request Chain 334

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE3i0bSC4Us4CNLOagYBPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259299574469

Request Chain 335

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=

Request Chain 336

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9

Request Chain 359

https://ups.analytics.yahoo.com/ups/57630/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid= HTTP 302
https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-W1EoY0BE2uj7san21FDIfnQsSS4NUpA-~A

Request Chain 360

https://bttrack.com/pixel/cookiesync?source=833de4fa-20e8-4216-9db8-82268d53cb15&secure=1&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58373/sync?uid=6d4894ce-1dfc-4c68-a404-fd590bdf31f5&_origin=1

Request Chain 361

https://ums.acuityplatform.com/tum?umid=24&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58335%2Fsync%3Fuid%3D___AUID___%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58335/sync?uid=773720596559&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 362

https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 303
https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=?_bee_ppp=1

Request Chain 363

https://rtb.mfadsrvr.com/sync?ssp=vmx&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58275%2Fsync%3Fuid%3D%7B%24UID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26redir%3Dtrue HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=vmx&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58275%2Fsync%3Fuid%3D%7B%24UID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26redir%3Dtrue HTTP 302
https://ups.analytics.yahoo.com/ups/58275/sync?uid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=true HTTP 302
https://rtb.mfadsrvr.com/sync?mf_uid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&gdpr=0 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&cs=3&redirect=https://rtb-use.mfadsrvr.com/sync

Request Chain 365

https://gocm.c.appier.net/verizonmedia?_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/58172/sync?uid=FX3EiqH4CEaxQwKq1OJNZA&_origin=0&gdpr=0&gdpr_consent=

Request Chain 366

https://sync.aralego.com/idsync?&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58405%2Fsync%3Fuid%3DUCFUID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58405/sync?uid=a1772a10-494b-3d37-a75f-04a78e71d2e7&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Request Chain 367

https://sync-eu.connectad.io/syncer/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A HTTP 302
https://sync.connectad.io/umatch/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A

Request Chain 369

https://ups.analytics.yahoo.com/ups/58242/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid= HTTP 302
https://exchange.mediavine.com/usersync/push?partner=verizon&partnerId=y-ADS8aJxE2uFkfHxYEoLITdEmvkftobgF~A&gdpr_in_effect=0

Request Chain 370

https://ups.analytics.yahoo.com/ups/58245/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid= HTTP 302
https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-0LxA4QNE2uHym.AjTVNi3annxqAiGVzS~A

Request Chain 394

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1&google_push=ATf1kGOZ0q844ay0zn0WFGtKEOP616Hx6pQUEwEjnowVn4qgYkm4x6Of9rR0FbGBTe1h0rT3aQEoVWPmNftYka_sxHEJlhsS6Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUyNjExNDkwODE4Njg3MDg3OQ==&gdpr=0&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1

Request Chain 396

https://cs.media.net/cksync?type=g&google_gid=CAESELr9S2L34saTGqA00pFVIeY&google_cver=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl37C2IzclF28d2En0y5ERQ6nNo_CefFEdbfRdRbEJsTpxQecB5SrErLkaJZmbw5kfcUJ8Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&mn_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl37C2IzclF28d2En0y5ERQ6nNo_CefFEdbfRdRbEJsTpxQecB5SrErLkaJZmbw5kfcUJ8Y&gdpr=&gdpr_consent=

Request Chain 397

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESELN3HG_GZnYFna3mBhO4eAw&google_cver=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoHUr7M2Xdgq1HMCoVMGCm5zI94ZSDdF6ixwqLFpq0qb5yPjd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Hiz9vocZQgqJ3TnisdsjHQ==&no_redirect=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoHUr7M2Xdgq1HMCoVMGCm5zI94ZSDdF6ixwqLFpq0qb5yPjd

Request Chain 398

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPxXnWjpWZ2NGyImX3M_-e4&google_cver=1&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElvFZqVWiVcINY0fv_bGUvlfMCf08sM9dUv8t0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NWYyNTQ2NDUtZjZhYS00ZWE0LTlkNjEtZmU4MzJhNDYxY2Nh&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElvFZqVWiVcINY0fv_bGUvlfMCf08sM9dUv8t0

Request Chain 399

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOo4VYjvSkVwPmw_CDCHV2A&google_cver=1&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ekP8EIuiibe8HCY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=TkQZlCZYTUi0wxXDXsZT7Q&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ekP8EIuiibe8HCY

Request Chain 400

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEK8FRWip6crItE3uZz3Cbiw&google_cver=1&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7 HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEK8FRWip6crItE3uZz3Cbiw&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7&google_hm=bEp2SVN1Q0t2cFA0Qi01dlI5WjY=

417 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mike-pompeo-says-russia-pretty-102330062.html Show response
news.yahoo.com/ 626 KB
138 KB 482ms
294ms Document
text/html 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

9c12a0f5e43b5549f5875720d6d71f2f38ea6827f913352435c0baabd2dc2043

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=74hs03li4romf&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 0
cache-control: max-age=0, private
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=74hs03li4romf&partner=;
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 03:38:55 GMT
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
expires: -1
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 256
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 08849df3c4888282d606760c07a83e67
s.yimg.com/ny/api/res/1.2/yv8VP6juRz3kEHGt2SO3dw--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTQ4MDtjZj13ZWJw/https://media.zenfs.com/en/business_insider_articles_888/ 45 KB
46 KB 178ms
94ms Image
image/webp 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/yv8VP6juRz3kEHGt2SO3dw--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTQ4MDtjZj13ZWJw/https://media.zenfs.com/en/business_insider_articles_888/08849df3c4888282d606760c07a83e67

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e223bf9c3698a5a981448a1f76015dd99b792333574a5c82ac5637eab64b7755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

age: 1746691
cld_latency: 840
edge-cache-tag: 240362061949539667355345871549751348661,247606947878247010953304974950495792923,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
status: 200 OK
cld_id: 41587f1cdd523a4765bc0a4a99b574c4
content-disposition: inline; filename="08849df3c4888282d606760c07a83e67.webp"
cld_by: cache-iad-kjyo7100116-IAD
x-served-by: cache-iad-kjyo7100116-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1681079248.730985,VS0,VE840
etag: "841be185d17184f3e0d2e5bc05024c4d"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 0
date: Sun, 09 Apr 2023 22:27:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: MISS
cache-tag: 240362061949539667355345871549751348661,247606947878247010953304974950495792923,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 0
content-length: 46244
x-xss-protection: 1; mode=block
x-request-id: 41587f1cdd523a4765bc0a4a99b574c4
last-modified: Wed, 10 Nov 2021 20:35:26 GMT
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 YahooSans-VF-Web.woff2
s.yimg.com/cv/apiv2/ngy-fonts/ 64 KB
64 KB 115ms
32ms Font
font/woff2 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/ngy-fonts/YahooSans-VF-Web.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Origin: https://news.yahoo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:31:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6ET9QXPVD1HM5WZ7
age: 223673
x-amz-server-side-encryption: AES256
content-length: 65176
x-amz-id-2: a5TWXksieiaLpEQLnbYjYg6LNqLi3vaKVbnABUq22SPsruJpBcXiq9uSdVmIM3ELLlaDI+VbXEY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 20:20:29 GMT
server: ATS
etag: "b4df4fce99e5a3c3d1493112a0159071"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 YahooSansCond-XBold.woff2
s.yimg.com/cv/apiv2/fonts/2019/ 12 KB
12 KB 172ms
89ms Font
font/woff2 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/fonts/2019/YahooSansCond-XBold.woff2

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Origin: https://news.yahoo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 13:24:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XSDYJY8K7C90PZ3Q
age: 137669
x-amz-server-side-encryption: AES256
content-length: 12064
x-amz-id-2: 1TDzScP21Q7SFwfzIt83+nDc8AVCl8AOMOwQtF0ynEc2gZG3y2BKnyZIFkvCby9i8vx1pcGtWHI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Sep 2019 19:59:06 GMT
server: ATS
etag: "6f15483a73d1b9823661757777f54b18"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 fusion.atomic.66599eac15d1d53600a4fb41623055c3.css
s.yimg.com/aaq/fp/css/ 68 KB
17 KB 121ms
38ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/css/fusion.atomic.66599eac15d1d53600a4fb41623055c3.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

7b22071189de718241cd8721bc2bf8c44404413cfde11e7f2f2e37cc37bde29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:38:57 GMT
x-amz-version-id: AMJmUuv_qxHKCQfu7fSrbfzqpYKyH9JC
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MKGH74AHMJTHF75Y
age: 129600
x-amz-server-side-encryption: AES256
x-amz-id-2: UmUfzr4D34RVlDfoPlyLqKxBdc5G1xy2QbIJeR1ETanMdrtraqyL4QO4LfJmBneZjqzKdA/RMKI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 15:33:46 GMT
server: ATS
etag: "eb9e9cc74801172d58eabe6dadc4c16f-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 bundle.c60a6d54.css
s.yimg.com/os/yc/css/ 4 KB
2 KB 123ms
40ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yc/css/bundle.c60a6d54.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 03:05:52 GMT
x-amz-version-id: null
x-amz-meta-created-date: Fri, 08 May 2015 18:48:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: V78YZE2P6ZJJTJBT
age: 779585
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1431110918287840
x-amz-id-2: tdIyEOBrOu719woOvwNYGafBLXi13fzE+3o6FAgN5hPM1km7fV/Uwp6EcVImJoooKi+ZRYvhTzE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 13:04:59 GMT
server: ATS
etag: "48d7308e4275c0f4f18a9587768f0468-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=536112000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:cc52c012-7919-4abd-845e-ac81abcd11740005159679eb31e0"
x-amz-meta-x-ysws-access: public
expires: Sat, 12 May 2035 13:04:58 GMT

GET
H2 200 yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css
s.yimg.com/aaq/art/css/ 4 KB
857 B 123ms
41ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/yahoosans.4e1e076763861e0d17cdc2af84ef1ef4.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

70fb8185879b0160270914f5c8568362fddbef1cedb214629ea234bc741de22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:40:23 GMT
x-amz-version-id: w0VUSAkHQpkT3ytjnPTRk2BmIdQN3rWE
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TWE6BN06T39XPX0Y
age: 3514
x-amz-server-side-encryption: AES256
content-length: 596
x-amz-id-2: gbVC7vgwA3IPeEpfvGptq7ZeSYt1duRvMQ6pHNPFWKr2z26iQZfbGAPq6vQfj75IhOAjgAwC1q8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 21:21:31 GMT
server: ATS
etag: "4e1e076763861e0d17cdc2af84ef1ef4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 desktopweb.3c7de028b0f0106d7cb1cbbf6d0b070e.css
s.yimg.com/aaq/art/css/ 7 KB
2 KB 159ms
77ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/css/desktopweb.3c7de028b0f0106d7cb1cbbf6d0b070e.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ee3277c67fcd77e87883217cb34429c950d3680a555847a54b04fa9987796abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:29:24 GMT
x-amz-version-id: p4LfNwei7gmJkufQVD6DnBxWmGiWctrT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QQY99JPH2XB5NT1T
age: 7773
x-amz-server-side-encryption: AES256
x-amz-id-2: 4JVnUf7ryA6YRDvYPldNJ6Z4IaMCVfNNOKG3gkZ8/KmR02P6oNLkaSKKS+D9swLpCEyurhvAD+7JAqsSRF/wGaZZosbKJs/zaD4v7zBKr9A=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Apr 2023 02:10:39 GMT
server: ATS
etag: "3c7de028b0f0106d7cb1cbbf6d0b070e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 colors_1.1.27.min.css
s.yimg.com/aaq/cprops/ 6 KB
1 KB 122ms
40ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/cprops/colors_1.1.27.min.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:37:41 GMT
x-amz-version-id: NXuB5LUlzqQuAXf127xyo2NVNfa.SWqk
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 5JKRCXV5WCA7G7EJ
age: 3676
x-amz-server-side-encryption: AES256
content-length: 1180
x-amz-id-2: BxzWK/cZF1uVfjpVZlO5Cau4ibSbODc3VJ/LbRIG5l+SiY3avfjSyPsLx4xR8jRfe3+mzVlAVwA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Jan 2023 00:56:08 GMT
server: ATS
etag: "14b81b9d43cc8eb81ae45eebbaae258c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css
s.yimg.com/aaq/nel/css/ 1 KB
865 B 159ms
77ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/css/tdv2-wafer-content-list.custom.45f01f005c629741cf7c510f94504957.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:37:39 GMT
x-amz-version-id: 3nD8ubhr7d7iBX6Y3PvaNHIToSxvlD3K
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: D932PAPYN2RHKW8Q
age: 3678
x-amz-server-side-encryption: AES256
content-length: 598
x-amz-id-2: 726nE2sVrUXRai/qBgrebyOTgRYewvhPryfe3Dda4DZg6OPaAZbSBdqkSWuPy7OK7Y+xCurP58U=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 May 2020 20:44:35 GMT
server: ATS
etag: "45f01f005c629741cf7c510f94504957-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css
s.yimg.com/aaq/nel/css/ 175 B
458 B 120ms
38ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/css/tdv2-wafer-header.ybar.desktop.a5ef55315256ad2c3ff918a06f48f42e.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:54:06 GMT
x-amz-version-id: 21GH_PLIjg2WlBSxqBoCQ_thkST_rwNI
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: AC191H3KN37GMTT2
age: 9891
x-amz-server-side-encryption: AES256
content-length: 175
x-amz-id-2: kaUbioS0h0CVMKyKo7XTfrXCHlNM9ylyKQPQJg9VTx4iO9kDZmYssQDcgZMVGPtXBQLBgHZSgxI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Mar 2020 21:07:44 GMT
server: ATS
etag: "a5ef55315256ad2c3ff918a06f48f42e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: text/css
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 caas.e5bb7e0f0679c8c94c82400455034813.js Show response
s.yimg.com/aaq/art/js/ 42 KB
17 KB 101ms
96ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/js/caas.e5bb7e0f0679c8c94c82400455034813.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

d03240e9a7629acac1af9d46705a92e74f06e0bbf1cdca1562078e2df4413373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 23:20:28 GMT
x-amz-version-id: xwL.qFBmtTGflkYRHQK1yTdxwrcadBOO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BNX8XX738EFFGKEX
age: 274709
x-amz-server-side-encryption: AES256
x-amz-id-2: 3EkCz4MZZAgyhlKCqm9QIoqjdbQgty81dgWxJ5D01MKHzoFFl+7UO+sldm366ns+Z/CKeaXFZ8lXmaMcNnQP9w==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Apr 2023 21:54:43 GMT
server: ATS
etag: "e5bb7e0f0679c8c94c82400455034813-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 g-r-min.js Show response
s.yimg.com/rq/darla/4-11-1/js/ 204 KB
86 KB 81ms
75ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-11-1/js/g-r-min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e0ceb2e4e42a000a3b3043f738a1d7f18849a5b75303fda5c69894ada12072e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EXWW9E31V379N9JG
age: 1157
x-amz-server-side-encryption: AES256
x-amz-id-2: eB2tktfhJH9eGzbGYo1HcRO66JUb12ZO7hCRWQmw7MxktxYrn2QVXKJhwkWYclElFNjQfJwu6gA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 17:14:00 GMT
server: ATS
etag: "26ce53090b1ba4ee871990565805e0ca-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-loader-2.6.46-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
3 KB 101ms
96ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-loader-2.6.46-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

bf9332c85ec85bf162ddf66c789323041d7a3855e04ed72c42e526dedcdf8d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:33:02 GMT
x-amz-version-id: dXg6DIvAEoJBMaLqFrCTU5GUO_I2GCw0
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6KJQPR6V25KP3V7G
age: 18355
x-amz-server-side-encryption: AES256
x-amz-id-2: Byz1lbVyzSHzA19bygUlqMYvaXAKKOmmOsEa4N2cPL1Ju6WKvjFFg5xoA57WbNouKM/2E/c3UnIr0S5MOGK6fS/OlTkl59CMrEB0ALvqtIg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Apr 2023 13:38:28 GMT
server: ATS
etag: "508cdcea5e746319d1fb2d6e53da8869-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 clusterSda.edb664bdce8c5d1a36615a9527c97d8d.js Show response
s.yimg.com/aaq/art/js/ 4 KB
2 KB 81ms
76ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/js/clusterSda.edb664bdce8c5d1a36615a9527c97d8d.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efd0e6c92ed6b19cf78d24bc1ef1ca5232b7fd487fc14e861a9e47b2a7964f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 12:39:47 GMT
x-amz-version-id: h49WmLORdlP6SVLaWFtAdD2PhPZDOssA
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 7ZCHKQZHCTKNZ3TF
age: 1090750
x-amz-server-side-encryption: AES256
content-length: 1888
x-amz-id-2: R4suDVGTGBq5GWqTmkVBbqE3fmiLDJKBlo9Dq/g1q+xC0K0vr8GiV6YXJaCsLjpGS/TkckGXsZA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Mar 2023 15:02:58 GMT
server: ATS
etag: "edb664bdce8c5d1a36615a9527c97d8d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 clusterComments.f1509781eeb8feb1c377e330ff0029ae.js Show response
s.yimg.com/aaq/art/js/ 5 KB
2 KB 102ms
97ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/art/js/clusterComments.f1509781eeb8feb1c377e330ff0029ae.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

23b4fba1d486527be1369daa2d9350d67d132c30768534592aaca65b62671056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 21:49:27 GMT
x-amz-version-id: PB47.eiIxvmXqSORjCU_r6cWe9vCEt71
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: N8THVREJKWQHEKNY
age: 1230570
x-amz-server-side-encryption: AES256
x-amz-id-2: CP+mx0z1gIr6kheZADp5r8yi/oNZCQn00Rx6aBYspYbkzbQEGRsAIsqCvTyF4d3fOuFrL+TSxY8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 01:28:02 GMT
server: ATS
etag: "f1509781eeb8feb1c377e330ff0029ae-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 rapid-3.53.38.js Show response
s.yimg.com/ss/ 50 KB
18 KB 175ms
94ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ss/rapid-3.53.38.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:19:41 GMT
x-amz-version-id: KmTm9VD7TIhhmyhjuol1GLEcLGSKZuTd
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SR9B362EASEZB3DB
age: 1156
x-amz-server-side-encryption: AES256
x-amz-id-2: Wa4DcV4W57SzR0vcWBEGkW99trK/uzD+7cTcP6E/dVGbsxUHdtW4c3yA5Zy6tTFZJ50MYayOvrs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 May 2022 17:12:37 GMT
server: ATS
etag: "b3e320952536a9e017d8fde91f2c4968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 cmp.js Show response
s.yimg.com/aaq/cmp/version/6.3.0/ 64 KB
16 KB 102ms
97ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/cmp/version/6.3.0/cmp.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:19:40 GMT
x-amz-version-id: fVlZ39qsS10DAoB9vEpPm6cWbI7Yzh6w
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EXWTY4WT2XQ37BA5
age: 1157
x-amz-server-side-encryption: AES256
x-amz-id-2: 1sQ4O/uApXzPgQeqs6QIvz2VOXEO9P2LvGWGtaDTo2qiPEFfROgsrlVAJgOjXruYRJ/05uRc0tI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Jan 2023 18:41:28 GMT
server: ATS
etag: "1af12646365ddec0b776a24ce4021831-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 cs_1.4.0.js Show response
s.yimg.com/aaq/vzm/ 1 KB
1 KB 101ms
96ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/vzm/cs_1.4.0.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:32:20 GMT
x-amz-version-id: keggPnANeKC3_kesnf_1vFnbW4QQveNG
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PE6YV317WSEZGGN9
age: 397
x-amz-server-side-encryption: AES256
content-length: 745
x-amz-id-2: RWcROtj9dNXrTSRFo39jKUUy21SspMMdAZcDX4VYlTBuHQhaXNgke5B1fugFI/9GQrpMI9UmFYM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Apr 2022 15:31:39 GMT
server: ATS
etag: "dace955a28a76b79d3c9496eeaf4dd33-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 tdv2-wafer-utils.19c76fb8.js Show response
s.yimg.com/aaq/nel/jsc/ 3 KB
2 KB 66ms
61ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/jsc/tdv2-wafer-utils.19c76fb8.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 15:40:25 GMT
x-amz-version-id: 9qfIkSKLPOCh1Tr599Fv20Rt.5tsVtHX
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 04ET64JVXQFECTP4
age: 1425512
x-amz-server-side-encryption: AES256
content-length: 1510
x-amz-id-2: +YLVCeuhwMumserEZpRW27yHlqS7sOImr1WXeBk0ycu3JjsJEL0Eo9OpJRjk5oklYO/t4tHPHzdaKjltSyPDCg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 09:06:17 GMT
server: ATS
etag: "19c76fb888c61a6885bf5b6129475036-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 consent.js Show response
s.yimg.com/oa/ 55 KB
17 KB 103ms
98ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/oa/consent.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

eecb0b90bcee2cac869bedd4bb571b03804f297f60da86ed231fbb4a10d24d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DKEW0SZQ5T7VR4JY
age: 98
x-amz-server-side-encryption: AES256
x-amz-id-2: t70b2ELcWSqynW85hlEL9/bO4/NdTzXOyWiEWmfI5mdwHRWbNtR7oL0KtQ0KpRKYxx92E2WITd0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Apr 2023 15:56:56 GMT
server: ATS
etag: "1cf83c8beaed1939f5161742353cd821-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes

GET
H2 200 wf-module-2.0.0-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 101ms
96ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-module-2.0.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

2c72ed315af753049b1bc9c5db3bd11fac613fc4e8f4f038de3feaa3c02cf3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:30:35 GMT
x-amz-version-id: L8eCtS9RioTrxDCx_sYtaCF5zDE4LHdZ
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: JTD0CF7RB8M17R5R
age: 288502
x-amz-server-side-encryption: AES256
content-length: 1522
x-amz-id-2: K8y5PKlL2gHUYMdDTgpbt6nkP5Y73GQeaQ9iVQti5LrGOIvRAT0fF9XhVbLwZWvcVKBKN3R+Vb0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 07:47:03 GMT
server: ATS
etag: "3b731541b2d25a1ede256b475ae5e5c1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 spotIm.custom.SpotIMJAC.seamless.ffd6ccdc4898d5f3976b684bef297dbc.js Show response
s.yimg.com/aaq/nel/js/ 30 KB
10 KB 78ms
73ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/js/spotIm.custom.SpotIMJAC.seamless.ffd6ccdc4898d5f3976b684bef297dbc.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

2d9af526331f106b807db1f24562e9f11360cb98588e10efbf45f1d65e8849dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 21:15:08 GMT
x-amz-version-id: w.BynhP8Op8DU3c8wKtua6oCueCu926A
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3TYDF7BSTKP9NWJD
age: 368629
x-amz-server-side-encryption: AES256
x-amz-id-2: AzsNBChccV5UGwFfee9vlGPx/vBe2GMt+JiVPC3cXOmQblMYdezcxnygxPh1Ldx+Yn0m3My68mEPthxwRqifepgGmHeFcFt22dLs39nozIE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Apr 2023 20:11:26 GMT
server: ATS
etag: "ffd6ccdc4898d5f3976b684bef297dbc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-fetch-1.18.12-modern.js Show response
s.yimg.com/aaq/wf/ 16 KB
6 KB 104ms
99ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-fetch-1.18.12-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

80caff7ea1a351042f53cfc50dae5f1b5ef8dc8f0f9fb48b9f553da33d9a2c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:00 GMT
x-amz-version-id: ZX2.XllOx4Y9lE8W86upDfNGHcra3sh9
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MBN3CW5K8YMXSEAF
age: 7317
x-amz-server-side-encryption: AES256
x-amz-id-2: Sk11J5aRDVXCy0Ta1jEbDxGYTG7VmD7eQG+dUQMlpMSZMfhM9nJaEve2LG6SMWuMGE2LwkaraLo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Mar 2023 16:54:43 GMT
server: ATS
etag: "c63a778fcfea7839bedd6e44cf14a517-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-beacon-1.3.4-modern.js Show response
s.yimg.com/aaq/wf/ 10 KB
3 KB 102ms
97ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-beacon-1.3.4-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:00 GMT
x-amz-version-id: tENZ6Ri2vrrjg96D4AX.qx653XeJQH2M
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MBNA7AF5CB7P8NSS
age: 7317
x-amz-server-side-encryption: AES256
x-amz-id-2: zKUBaoEQ7vGAWKGSe8og863X72J4IUyT5BNK6IFA7PqSSgnXNQu3gRylzcugB9mrCJN0SBuvAXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Feb 2023 05:31:36 GMT
server: ATS
etag: "397b59e3eeca4f747ea1f6ff6323154c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-scrollview-2.18.9-modern.js Show response
s.yimg.com/aaq/wf/ 32 KB
9 KB 103ms
99ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-scrollview-2.18.9-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

a00285e0840262f6a65eef9f1b4106b5cc72c6ef5f2003db34ed05d1e4bb89da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:59:37 GMT
x-amz-version-id: BGIY5gRB_TKl.BPvoWth1uZV0i.CNltz
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DVF41BCBJPQ0E5AG
age: 5960
x-amz-server-side-encryption: AES256
x-amz-id-2: qyM6pfemPSLRg/DuTfTiGvpGJSc3g3wpZF8pm2yl8yVCqfEHrTGx+ppCsCsP/rZRgYL+PaFPnks=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Apr 2023 16:51:33 GMT
server: ATS
etag: "bac14e68892fe0c3d43ab7df840b85ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-lightbox-1.10.6-modern.js Show response
s.yimg.com/aaq/wf/ 14 KB
5 KB 103ms
99ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-lightbox-1.10.6-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:00 GMT
x-amz-version-id: K.68hs0p5c2EOJjfXuKP9dx0XBa4hSTK
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MBN5TYZ24785H7Y8
age: 7317
x-amz-server-side-encryption: AES256
x-amz-id-2: TzovIZxwzWbAQ0HHMDlUz/ZKn2+IyGxD7eEDDotxtqAKY1bq4hDxLlJf++qKzleXeCqbBmIMWrt+xL9QKDnDxw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 01:43:59 GMT
server: ATS
etag: "69831b2f7b26bc6dd6321c8dcde85968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-countdown-1.2.5-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 78ms
74ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-countdown-1.2.5-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:00 GMT
x-amz-version-id: CQ1lP8549yVnp28g4QLu9GcN8rB3ImgO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MBNCWDV72DAC1DSR
age: 7317
x-amz-server-side-encryption: AES256
content-length: 1815
x-amz-id-2: y+32ayoz1055KrQoObj1CdlyIFujkbEAO3VUfMbxNXmzl2ZKQw0jTf1j5rZjWJBSyLX7cNGQIS8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Sep 2020 18:50:05 GMT
server: ATS
etag: "681d57e9e7cbef5de44544c13f8ca62e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 wf-toggle-1.15.4-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 104ms
100ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-toggle-1.15.4-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:12:17 GMT
x-amz-version-id: HE26GDjTNsmXBUPJeKnrarkIBLKe8tee
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YJC59A85CTYHKDXW
age: 12400
x-amz-server-side-encryption: AES256
x-amz-id-2: lX21RcbC0ubu9pwq71HMLNP0cBpcVzHl/fHCF8oP3OAnVMbhjtV1PicJQz0U2tTvqZBnsF4SkOmWqx23DZpE6QSWrARmpyKLiWtT7/dC2Yo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Apr 2022 09:12:23 GMT
server: ATS
etag: "9ec69a2055c595f415eade096a476b0d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-video-2.21.6-modern.js Show response
s.yimg.com/aaq/wf/ 30 KB
9 KB 102ms
98ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-video-2.21.6-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

06c8bc9e8dea04f8b385f7ef33e22282d71f6ae1bb3ee5803bf7dc53ccc34856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:19:46 GMT
x-amz-version-id: 1VYYlQmnqhfUN6lH.GHK697i9bxUDVGO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XDAG51J1PS20177J
age: 11951
x-amz-server-side-encryption: AES256
x-amz-id-2: hVHPCiD1+Qtbeebhc9JEJzvVJ6l3hQ3+5b4J8VfE6+5RUj4U2aL9WlxPilCxuMJfPuZD0rUg5Mk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Apr 2023 19:26:15 GMT
server: ATS
etag: "959d131a6facc86005e48f2f880e4c74-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-form-1.33.1-modern.js Show response
s.yimg.com/aaq/wf/ 13 KB
5 KB 102ms
98ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-form-1.33.1-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dc1d6b8335aee792ba07bf35586a7e51d1663e119195d483d9b58b05d46ff87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:54:32 GMT
x-amz-version-id: O7KeeP48InNZUOh4PBm7ZTvv5cpfaer_
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ARD19MQFXKDQ0HFE
age: 2665
x-amz-server-side-encryption: AES256
x-amz-id-2: wysh/K9KG6qfrFdJ4qdsfjBVwruJ8lTtgWPvelXUZ1Up5yyU/oK9ydFq9Xpu/VDmwBOaBRg0BK4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Mar 2023 05:12:10 GMT
server: ATS
etag: "9747849255a3e29c5a665e14390d34da-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-caas-1.31.7-modern.js Show response
s.yimg.com/aaq/wf/ 25 KB
8 KB 103ms
100ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-caas-1.31.7-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ae1f17d729b3eb39dff453df880f5b525173fdc21d1d9ed0113fd974fdfc874c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:59:37 GMT
x-amz-version-id: RN7qjaixJOV48V9aFo3Nz8H1gbznPbkR
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DVFABWRYG39142F3
age: 5960
x-amz-server-side-encryption: AES256
x-amz-id-2: +Wsoomq77oIlOSFYO5qQkNcfwAVSJXyHzr2ToS+8eLmMk2sn4QsttpZQqcezRd/wAB2cK9m4Wh8wMhWxNsvEpA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Apr 2023 13:38:28 GMT
server: ATS
etag: "3a5fd9ce1f973595cc5e166a7ce44951-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-darla-1.9.4-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
5 KB 102ms
99ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-darla-1.9.4-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

a21c54c2b9d3b80729036a4defe8e2a0148651ac73730232dfb421194edb607d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:54:33 GMT
x-amz-version-id: 7lufTW86XRIkcZosvi94EaRTJDsvY.N7
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1XAAXX3QB0J6NFHP
age: 2664
x-amz-server-side-encryption: AES256
x-amz-id-2: I+m9QtBtUu9VYXWuylpPJRrPZRflQrDkf4IvJ003bVSVGq0M0VX2StCi7lvI4nF7CjDZ2L9v/VU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 17:30:12 GMT
server: ATS
etag: "0891d5528c25de8e55f5690cb0e56684-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-sticky-1.2.2-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 103ms
100ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-sticky-1.2.2-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

5632460146e8c5fafe259fd29c043ac487ee600b75c92ca38d11758bc7830d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:15:27 GMT
x-amz-version-id: erSKqF.C5B3.fZ5r0Iz22vUvLbTDMA5j
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XVK2C2FYBYCZQRE2
age: 5010
x-amz-server-side-encryption: AES256
x-amz-id-2: wNVIXRIgRDeX2IdxbSAOClJnVvy++Bqkd5CLd891yKUNJL6GlskxSqZGNStrJpD09ILQGDSbCX0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Jan 2023 21:53:21 GMT
server: ATS
etag: "355c0bd3267e2059d578d175f826651c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-image-1.4.0-modern.js Show response
s.yimg.com/aaq/wf/ 6 KB
3 KB 103ms
100ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-image-1.4.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:54:34 GMT
x-amz-version-id: kGIIRCHIdgWfcr_wSmm8v8C_z6K3HVA8
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YESEB5EV71K9BCM7
age: 2663
x-amz-server-side-encryption: AES256
content-length: 2573
x-amz-id-2: HLuiohKPYRIuGQiUAg4L+i06pGtW9vGq2atb2CllL+rr9QCejaz9L8wxD07Q87AFIuLSlsHaPUU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 16:44:15 GMT
server: ATS
etag: "2e3968239b770b8186bb480d513311cd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js Show response
s.yimg.com/aaq/nel/js/ 4 KB
2 KB 101ms
97ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/nel/js/tdv2-wafer-content-list.custom.c5b1d1b30a366567b8d67f27e343f60d.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:34:38 GMT
x-amz-version-id: SVluNY5.95yF3Bo7AJriS2T4kd_CnG1h
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: HMMQCP8RSRYQES4M
age: 198259
x-amz-server-side-encryption: AES256
content-length: 1629
x-amz-id-2: 1ATmCKv+s7F3NF+/T+1ILDkvCEsvfCyNj5zQV/ypHJGCrUlfXEZJUXc7qvaOX79z5bv+7aIQqdU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 02 Dec 2022 15:34:48 GMT
server: ATS
etag: "c5b1d1b30a366567b8d67f27e343f60d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-rapid-1.10.7-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 104ms
101ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-rapid-1.10.7-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

9bf0227d6ccfe79af5db9b3a44b9a60e3e0c2d4f47d60ce59f38407ed92d63e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:59:37 GMT
x-amz-version-id: EDSOdpd7P9yPfL1lfA7JPLTyjRajCYfL
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DVFFQDJKQ6V8NT2A
age: 5960
x-amz-server-side-encryption: AES256
x-amz-id-2: /TnckAmtRFgiNe9x8Hy/MpF9kENdi4loOHxq6aQmZ5ln/YjCgdv0SVMc2ys+r3GYWI48Jr0hNqA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Feb 2023 02:39:43 GMT
server: ATS
etag: "a3b577db9f05ff5ce5d07627fcedf1ac-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js Show response
s.yimg.com/aaq/fp/js/ 2 KB
930 B 104ms
101ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:59:37 GMT
x-amz-version-id: ktIqZY5t35wTM4d07XFqB.S0kDb7QpBg
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DVF3YWHXQWSSWY2B
age: 5960
x-amz-server-side-encryption: AES256
content-length: 671
x-amz-id-2: gfWvDd+iwscRvTcID7RMSbL+K7zXOo0fbv9Ir2lenH/xMKirTX8IixprQgA5HGknzl314pTvL/c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Aug 2022 04:32:27 GMT
server: ATS
etag: "12732500bc8e47693f0d777bbe88001c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-subscription.custom.monalixa.modern.297eb60eb0ddd5056d12151fd7d4c000.js Show response
s.yimg.com/aaq/fp/js/ 1 KB
858 B 77ms
74ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-subscription.custom.monalixa.modern.297eb60eb0ddd5056d12151fd7d4c000.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

cc2cc463fbafa5eea3cc38d983027a2c2574c1ab23c22ed317e33225d6fec1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 00:43:49 GMT
x-amz-version-id: aY7ALS4TTUowlwTFZiRhJTOXwgzCaMBX
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 32FNRPPNAXWBGRVE
age: 183308
x-amz-server-side-encryption: AES256
content-length: 583
x-amz-id-2: 4nH6dfT8plkWjby1Rqj6rr3hixifjpSgPjQfYBQpOqazeb0He/CvFM4iV6p2vIgGoJsTEPr9j4Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Sep 2021 13:10:46 GMT
server: ATS
etag: "297eb60eb0ddd5056d12151fd7d4c000-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 c91f336.caas-article2_web.min.css
s.yimg.com/aaq/c/ 115 KB
18 KB 158ms
76ms Stylesheet
text/css 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/c91f336.caas-article2_web.min.css

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

5f42ffe9c87982d3ab64a7ca26d307fd3368f3badc0e2c15f21197c4fa1e9801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:54:06 GMT
x-amz-version-id: gDHt2c6Vfcd_gUk863VysGyFd.aumDdF
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AC15H93F0GFC6QY2
age: 9891
x-amz-server-side-encryption: AES256
x-amz-id-2: vlfitpYUGhHArYe6roweAfLlaPGJErckDQGh0zooOeBuc57bTFrZQ+LSSYwAFpGWGFjC3cMmfOj8JAuLyca+ix22Bbs6JSoaVQudlKOM1SE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 03:43:51 GMT
server: ATS
etag: "b1b8ed936f6bea6ec249ba66a439dfc8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 yahoo_news_en-US_h_p_newsv2.png
s.yimg.com/rz/stage/p/ 2 KB
2 KB 82ms
79ms Image
image/png 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/rz/stage/p/yahoo_news_en-US_h_p_newsv2.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

d4e305677c8bf9811e9d43f06825b8d255e9a0cf2c02a78e3f08ecd4e93f5bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:26:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: A5AAFMYXSS0HDXQJ
age: 43960
x-amz-server-side-encryption: AES256
content-length: 1696
x-amz-id-2: 6JlhxNU5ImwocQvAp1uvnA5qYdY8XWUwYdcXlJZTPHxJYkwkNiEb8lg5xmP71UOZ96wmPmJo48o=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 19:07:05 GMT
server: ATS
etag: "736cf3939e9ba4c97a7cad440630f2bd"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes
expires: Sat, 29 Apr 2023 23:00:00 GMT

GET
H2 200 cerebro_min.js Show response
edge-mcdn.secure.yahoo.com/ybar/ 6 KB
6 KB 65ms
62ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:19:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: G7WZF14BA113CTHB
age: 22756
x-amz-server-side-encryption: AES256
content-length: 5636
x-amz-id-2: NPDt6eXDiu7puKfWFszwAJW3tudUMql+4lm0E5uURnKci+Z7DP5SSSJgiCpvOq/sqyoHEOpPnhM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 May 2022 20:34:05 GMT
server: ATS
etag: "0ccb51bc1dd6980920da39e008a599e0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 be27c700-2a45-11eb-bbd7-3133ae25e259
s.yimg.com/ny/api/res/1.2/iA4DnniQFpc_RzP6FnA8kA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTEyMDtoPTQ4O2NmPXdlYnA-/https://s.yimg.com/os/creatr-uploaded-images/2020-11/ 3 KB
3 KB 80ms
78ms Image
image/webp 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/iA4DnniQFpc_RzP6FnA8kA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTEyMDtoPTQ4O2NmPXdlYnA-/https://s.yimg.com/os/creatr-uploaded-images/2020-11/be27c700-2a45-11eb-bbd7-3133ae25e259

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

83a43263c72c61189ef01e70ef6c26bb86fbe532e552ce5f9fa6830995012bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:04:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 23690
edge-cache-tag: 341634051437696073379572492980631460304,354831323380389462829293435217064968056,ae7a14591aaf8d474cdb3f92111c923e
x-cache: HIT
cache-tag: 341634051437696073379572492980631460304,354831323380389462829293435217064968056,ae7a14591aaf8d474cdb3f92111c923e
content-disposition: inline; filename="be27c700-2a45-11eb-bbd7-3133ae25e259.webp"
content-length: 2936
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000154-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Jun 2021 10:59:04 GMT
server: ATS
x-timer: S1682802247.867301,VS0,VE1
etag: "f3d5c9363610cf4085c72b8c6deaeb83"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 s_500x500
s.yimg.com/ny/api/res/1.2/9ke0VBQ8kNjAND0_U.qi8A--/YXBwaWQ9aGlnaGxhbmRlcjt3PTgwO2g9ODA7Y2Y9d2VicA--/https://s.yimg.com/zb/imgv1/3525a6fb-60da-3f87-888a-3eb81d06f660/ 956 B
1 KB 83ms
81ms Image
image/webp 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/9ke0VBQ8kNjAND0_U.qi8A--/YXBwaWQ9aGlnaGxhbmRlcjt3PTgwO2g9ODA7Y2Y9d2VicA--/https://s.yimg.com/zb/imgv1/3525a6fb-60da-3f87-888a-3eb81d06f660/s_500x500

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

1259cc86f806051e9f350b161fd4fe61e3fabf0faed7088af6c0f3bf0bd9a9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:23:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 224135
cld_latency: 5
edge-cache-tag: 481948367340505578554706095033616474605,433094064569472744132298361792660882338,ae7a14591aaf8d474cdb3f92111c923e
x-cache: HIT
cache-tag: 481948367340505578554706095033616474605,433094064569472744132298361792660882338,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
content-disposition: inline; filename="s_500x500.webp"
content-length: 956
x-xss-protection: 1; mode=block
cld_by: cache-iad-kiad7000024-IAD
x-served-by: cache-iad-kiad7000024-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Dec 2021 19:47:06 GMT
server: ATS
x-timer: S1682601802.606767,VS0,VE5
etag: "a5a3bc20a8c1705ad7f3d44c5e29b923"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 wf-core-1.62.0-modern.js Show response
s.yimg.com/aaq/wf/ 60 KB
16 KB 30ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-core-1.62.0-modern.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

9148eaad1bea373431b8d687de3ba70ab1d29eeb5e343588b4caa6989fd6eb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:06:47 GMT
x-amz-version-id: pFBuYsJnAxl990gcm6HY97alF8qFRS.C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VQMEQ92SB2C6Y6SY
age: 37930
x-amz-server-side-encryption: AES256
x-amz-id-2: zuBJ9d7esX5ay/g/47TcBWbGAhvuTtxHcQ0V3gbPYy4C6hgigjHUyPcn6MH9Q/FYXtH3pjt3TvE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Mar 2023 20:09:36 GMT
server: ATS
etag: "31e10d2e91c40bdb5755da4c428534e3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 yaft-0.3.28.min.js Show response
s.yimg.com/os/yaft/ 17 KB
6 KB 103ms
101ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yaft/yaft-0.3.28.min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:32:18 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FDP8QC4SYC32F7G1
age: 399
x-amz-server-side-encryption: AES256
x-amz-id-2: IfnMuwX3FKCPbBjUcXC8rzvwyuwRrDbLNQg/D4bCRbuwkHB+y43OEHaLXqQMEv97PFXtUodfMuo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Sep 2019 04:05:39 GMT
server: ATS
etag: "0731da3e399a4565e47c36702ffa9ba6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 d1d6223.caas-article2_web.min.js Show response
s.yimg.com/aaq/c/ 130 KB
33 KB 81ms
75ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/d1d6223.caas-article2_web.min.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

f7d9618fb6dc449b8955c8645f74528311ff1e4b78dd1f927db8e920b2ddae3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:15:00 GMT
x-amz-version-id: LvKRnyW5SdJiTDTY9QQafk6iG6sh1.zN
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VWBKT61CA1ZQ41NS
age: 113037
x-amz-server-side-encryption: AES256
x-amz-id-2: LkMpHcgdLZk/9azPAZmD4hmUOqWehaifrQGArAzODv9hc234ooNZmLKdCk9fskZ71Ud9drd/ptA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 17:06:27 GMT
server: ATS
etag: "295fe064d04d2510d53c25cf79e37a49-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 advertisement_0.0.19.js Show response
s.yimg.com/nn/lib/metro/g/myy/ 158 B
429 B 83ms
78ms Script
application/x-javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/nn/lib/metro/g/myy/advertisement_0.0.19.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:32:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FDP9BV47A2R8YSJ4
age: 0
x-amz-server-side-encryption: AES256
content-length: 158
x-amz-id-2: S9IXfJ+/rLUyrPGAZViANF6Y7m6PkXr2CryiYIFO2IIKyQKgWN+XAe1L5IgIgaM6J+jvv+jMKrI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 May 2020 03:33:21 GMT
server: ATS
etag: "ca243b22264dca7a4a899c51cc2dc963"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/x-javascript
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes

GET
H2 200 header_1x-1479864976616.min.png
s.yimg.com/pv/static/img/ 910 B
1 KB 94ms
93ms Image
image/png 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/header_1x-1479864976616.min.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

426b046038143ad054687058dab793d909fa3dd666079ebcb36489ec5b8e0f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:09:47 GMT
strict-transport-security: max-age=31536000
x-amz-meta-created-date: Wed, 23 Nov 2016 01:36:21 GMT
x-content-type-options: nosniff
x-amz-request-id: DQ40TP6WQ57995XM
age: 23350
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1479864981365623
content-length: 910
x-amz-id-2: RjYx9/RN0xmHcvuP/BZ1PlDB7GJpe7RZMnwUmT7uYVyUJjAkICt5dHF+UOueodCeYM7+loF9ks8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 17:59:57 GMT
server: ATS
etag: "7f972abeceed50ca083138400b84d1c0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:174fb767-5e6f-47ee-959f-e24098938cca000541edea87a377"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H/1.1 200
OK consentRecord Show response
guce.yahoo.com/v1/ 113 B
611 B 127ms
26ms XHR
application/json 54.164.208.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/cmp/version/6.3.0/cmp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.208.134 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-208-134.compute-1.amazonaws.com

Software

guce /

Resource Hash

bcb36fc2f073140303c0e921a77468187d42ae1dce94254c8b15b282ba210df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:56 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: guce
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://news.yahoo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, User-Agent, X-Forwarded-For, X-Oath-Gcrumb
Content-Length: 111

GET
H2 200 __rapid-worker-1.2.js
news.yahoo.com/ 15 KB
8 KB 25ms
25ms Other
application/javascript 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/__rapid-worker-1.2.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=3vjb5cdi4romg&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:19:19 GMT
x-amz-version-id: null
x-amz-meta-created-date: Wed, 15 Oct 2014 18:48:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=3vjb5cdi4romg&partner=;
x-amz-request-id: YQVVBHXR8PZF4QKD
age: 15578
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1413398917170161
content-length: 6868
x-amz-id-2: 1wJmtDrExazUTh1I0JTtNToT6Nuq3/PVYXFiOTjKbzGT/jsvXbsymqsdIUaxxl0PrUUeAS8qBXI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Mar 2018 20:46:57 GMT
server: ATS
etag: "e2202e6ed6ef52cec2c4a875c99225ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:e64293ae-a913-4bb2-8dd1-87431f3be4230005057a946243f1"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 2 KB
2 KB 31ms
30ms Fetch
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: edge-mcdn.secure.yahoo.com
URL: https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:49:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BXGK88RHBN3XA5EA
age: 17375
x-amz-server-side-encryption: AES256
content-length: 1784
x-amz-id-2: oLwNuaONxgW+4SaWAxOIIuNWTxG78uiYujEe3gTM+D9o6vzIIwXB+PEt0BA2/kWvNxVUZXySGYw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 17:20:56 GMT
server: ATS
etag: "877792d86d801176269a36ac7b4e6e02"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 voiceSearch1x-1620383531565.min.png
s.yimg.com/pv/static/img/ 3 KB
3 KB 32ms
32ms Image
image/png 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/voiceSearch1x-1620383531565.min.png

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:52:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZTRQH7S8BBNDMSCJ
age: 24405
x-amz-server-side-encryption: AES256
content-length: 2986
x-amz-id-2: JfagQaLHjZSc7Dpn617mkzMmP1RoiJvYFIFE9p90CfyfyqVZzutHh81BqPpRV91RH0mQ38cwHCpEWQfPNYGQau8RyL88m1uj
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 May 2021 10:32:24 GMT
server: ATS
etag: "c2396079060a7028fa898a73b72aa592"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 perf-vitals_3.1.0.js Show response
s.yimg.com/cx/pv/ 8 KB
3 KB 31ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cx/pv/perf-vitals_3.1.0.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8ZCFBYP2DRHPKYC2
age: 7960
x-amz-server-side-encryption: AES256
x-amz-id-2: wW2uIWBEJhIHkrb8odnExskMc0RQJ+Aw7nGfM7hwupxOOREdetrtJ2Vj/ZlXy0jhaxlVB1R+UsY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jan 2023 00:09:27 GMT
server: ATS
etag: "26831b6bd9ea430823f593b6a70c7375-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 9853_b5085ed531.chunk.js Show response
s.yimg.com/aaq/c/ 10 KB
3 KB 34ms
34ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/9853_b5085ed531.chunk.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/c/d1d6223.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

fcf9b547d62f3d81ca6c3f77e373058f87753e9ddf15b2bf751693bb88fc19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 02:35:35 GMT
x-amz-version-id: LCGylaogLGPeonWztvlIT6SAqKi6N6K2
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YMG3HZB5FTKK9GY4
age: 90202
x-amz-server-side-encryption: AES256
x-amz-id-2: mr0Xqw+EDD/cJ9S/Dr49/XzKIvAFhpfCdyTI0sXk7UQ8yG/Dg+s3+H37El51BnP70/iTXZ/wDQg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 17:06:26 GMT
server: ATS
etag: "2dd9b01bf6904c3748a945d12282d0c2-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 337_b5085ed531.chunk.js Show response
s.yimg.com/aaq/c/ 11 KB
4 KB 32ms
32ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/337_b5085ed531.chunk.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/c/d1d6223.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b93a89a0bba1ed1a4e1d2529f3b81afc5a2f8c28dedbdb5a544db8cd63e79084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:08:08 GMT
x-amz-version-id: 5NO9jDft9arewrvnkNYFHkkmG05mOXdU
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KQPM8RC9ZQJ2CT7X
age: 117050
x-amz-server-side-encryption: AES256
x-amz-id-2: /7KrA6keLp99nhBzBmp3I5bXL7YjRC1hj8tVWi7sI1Ucr2wsKhjZCT8V5gfhRnd+n6XewKAhaR0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 17:06:21 GMT
server: ATS
etag: "097ed7b79dcad673f1a4741bf585ff8e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 2927_b5085ed531.chunk.js Show response
s.yimg.com/aaq/c/ 20 KB
6 KB 32ms
32ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/2927_b5085ed531.chunk.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/c/d1d6223.caas-article2_web.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

881a2159b7873d75bf4d0f7dde8301e24d735daf9eb6a4594fff2ecd14797fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:08:08 GMT
x-amz-version-id: FVwkjcxzAm2pWU2dy9BoAWmaflsNJCrc
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KQPM4Q87NM134SGF
age: 117050
x-amz-server-side-encryption: AES256
x-amz-id-2: boGmM5GUA5WNiHkMWcps97bzoYK04BA5jmynyTPI7wJPxCA3iYreoicUsoKbS/daDQx/Z+FPkUM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Apr 2023 17:06:20 GMT
server: ATS
etag: "861697133b2b4d3bb8ab59210cac0418-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
444 B 80ms
28ms XHR
text/plain 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1682825936458&yhlClientVer=3.53.38&yhlRnd=dGlIbdrFa6ntkv5I&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
23 B 88ms
38ms XHR
text/plain 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1682825936461&yhlClientVer=3.53.38&yhlRnd=rgHdgjDGqj3XG8Tn&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

GET
H2 200 wf-jac-1.2.3-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 30ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-jac-1.2.3-modern.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.62.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

3defef2ac915daeddee049dc59f895a103f0af03fc1e677189c5b42b2dc7a2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:52:44 GMT
x-amz-version-id: f6l14McunIidLpJm7k4tCRSObf4bKaol
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1EDG3ENC86AQ6086
age: 470773
x-amz-server-side-encryption: AES256
x-amz-id-2: XrjguIdNHf0rEDiSdBcHKfpLZtvhu1sbG1RSeeJsB1N++tX6Ta6r2xrk+CdhRvMqW0p0ZKcNDrQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Apr 2023 13:38:28 GMT
server: ATS
etag: "7f42966001e9d6ca736a70aae975aec8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 206 voice-start-202105050733.wav
s.yimg.com/pv/static/misc/ 185 KB
185 KB 39ms
35ms Media
binary/octet-stream 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-start-202105050733.wav

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 29 Apr 2023 13:25:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: G8KRW2289RZ0Z3XY
age: 51223
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-189159/189160
Content-Length: 189160
x-amz-id-2: 3E/J7fFKblt9bGYNwspPMn0MX3yPcbERMUlztc7W+pu+cJSqfa1Td1911yqeSxAJBwe81Vz6U5s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:16 GMT
server: ATS
etag: "8abfe6dfa7b0d9a5a4b7268155054740"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:14 GMT

GET
H2 206 voice-result-202105050733.wav
s.yimg.com/pv/static/misc/ 78 KB
79 KB 34ms
33ms Media
binary/octet-stream 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-result-202105050733.wav

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 28 Apr 2023 12:09:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: C5Y2TBH4ERHXJBP0
age: 142169
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-80335/80336
Content-Length: 80336
x-amz-id-2: ad9+dsfsysycULEOurlaKZRrNBp9yeHILb7mhXUf+hxECEFXxxiaBs0TUC1G5Wx5HaYSnzwXTiE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:25 GMT
server: ATS
etag: "f536e8f265fbbd76a5f7b9fc0ea0ad69"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:23 GMT

GET
H2 206 voice-error-202105050733.wav
s.yimg.com/pv/static/misc/ 83 KB
84 KB 37ms
36ms Media
binary/octet-stream 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-error-202105050733.wav

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 26 Apr 2023 18:41:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DC8C9WHTZSB9WZWQ
age: 291431
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-85335/85336
Content-Length: 85336
x-amz-id-2: 4HVoxzyqynvv6FRrqP7jacsbq/7akWFDDIzXtALI90woOiOrYGahx+Zxk3oJ36L2QlR7AM28xlmHZO/6coA4CA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:41 GMT
server: ATS
etag: "f35ad0c20d2f7e02b99e4866a98989d1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:40 GMT

GET
H2 206 voice-close-202105050733.wav
s.yimg.com/pv/static/misc/ 146 KB
146 KB 36ms
36ms Media
binary/octet-stream 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-close-202105050733.wav

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 28 Apr 2023 21:27:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TGARD4QF1K304H8Y
age: 108703
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-149335/149336
Content-Length: 149336
x-amz-id-2: LlMWCC1G2CmdQzoSn7QKLTg0gvm0eaRNTHdhFW+Ie+k4VbLLtNcRAWePgoijE2zkU/sVLQYyD6UOcvzewOM60A==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:34 GMT
server: ATS
etag: "8f1c7f5187e8e78fdb31a5e6c688e803"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:32 GMT

GET
H2 200 / Show response
news.yahoo.com/caas/content/article/ 573 KB
115 KB 130ms
130ms Fetch
application/json 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/caas/content/article/?uuid=3506c84e-ce9a-3f82-9ee9-504385a487f0,94b36970-1173-3188-996f-8d52f4effdd4,72576a92-01e7-35ef-ab05-6c6d6aa55a5b,f3e52f30-9aed-33e3-984c-63517ab2a1de,bd2b22cb-9f4c-3b18-89d8-a916d91b2f27,1c06125e-39fa-3f90-bed8-046a27d8fa15,cef5973a-577b-3d8a-bd17-0456d8a52b20&lang=en-US&region=US&site=news&adidprefix=sda-&appid=article2_web&features=cluster,eagerRR,enableAdSlotsOneSlot,enableCommentsCountViaOpenweb,enableRRAdsSlots,enableRRAdsSlotsWithJAC,enableRightRailTrendingModule,enableSingleSlotting,enableVideoDocking,enableViewCommentsCTA,enableXrayAthleteHeaderV2,enableXrayCardsFollowButton,enableXrayEntityAboutFacts,enableXrayFollowButtonV2,enableXrayHyperloopCards,enableXrayNcp,enableXrayPeopleEntities,enableXrayTickerEntities,enableXrayTopicEntities,exposeYctIds,noRapidClickClass,readMoreCluster,removeDuplicateImage,showCommentsIconInShareSec&bucket=usnd-a20-seamless-int3&device=desktop&partner=none&hostname=news.yahoo.com&rid=74hs03li4romf

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.62.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS / Express

Resource Hash

c86bdd69872c684458ad8cdb44f3cdde1eab76d6c0122302a864a4535288c456

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=26ps40li4romg&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
x-webp: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=26ps40li4romg&partner=;
age: 0
x-powered-by: Express
x-envoy-upstream-service-time: 105
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
etag: W/"8f53c-e7AqpwVjjGGHqdM/MKCviqchsQA"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27p...
https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27...

43 B
300 B

89ms
89ms

Image
image/gif

18.160.200.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27pretty%20clearly%27%20behind%20the%20massive%20SolarWinds%20cyberattack%20that%20compromised%20US%20national%20security&c9=&gdpr=0&gdpr_consent=&cs_ucfr=1&ns_c=UTF-8&ns__t=1682825936489
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Server: 18.160.200.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-200-115.ord56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:56 GMT
via: 1.1 1c31f32fd01218a6b90f8d105d5197e6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: ORD56-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: NxWCQ5u8riwIcXM4fSKUbhwIxU-TwaphesrO6L25tEcR4Y8ekDIguw==

Redirect headers

date: Sun, 30 Apr 2023 03:38:56 GMT
via: 1.1 1c31f32fd01218a6b90f8d105d5197e6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: ORD56-P5
x-cache: Miss from cloudfront
location: /p2?c1=2&c2=7241469&c5=1197618800&c7=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&c14=-1&c8=Mike%20Pompeo%20says%20Russia%20was%20%27pretty%20clearly%27%20behind%20the%20massive%20SolarWinds%20cyberattack%20that%20compromised%20US%20national%20security&c9=&gdpr=0&gdpr_consent=&cs_ucfr=1&ns_c=UTF-8&ns__t=1682825936489
content-length: 0
x-amz-cf-id: j89zxxlTSsOXk11lT66mUZtT5GsrBk9d0UPRdz9DdaLz57hhIJ-skg==

GET
H2 200 jac.js Show response
openweb.jac.yahoosandbox.com/1.5.0/ 130 KB
39 KB 517ms
30ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/nel/js/spotIm.custom.SpotIMJAC.seamless.ffd6ccdc4898d5f3976b684bef297dbc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors https://yahoo.com https://*.yahoo.com https://techcrunch.com
x-amz-request-id: 4RQ9DAK31BVZB7AF
age: 290042
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: 4DWhQ9mjvrtR7H9cXbWodOWBBHzYexlYwKmwArSqbwp0cPT7nzAwEbMrHJvCRkNfFUtKgO2UhZYIn2+qL3CrGw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 __rapid-worker-1.2.js
news.yahoo.com/ 15 KB
7 KB 23ms
22ms Other
application/javascript 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/__rapid-worker-1.2.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=5mj5cidi4romg&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:19:19 GMT
x-amz-version-id: null
x-amz-meta-created-date: Wed, 15 Oct 2014 18:48:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=5mj5cidi4romg&partner=;
x-amz-request-id: YQVVBHXR8PZF4QKD
age: 15578
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1413398917170161
content-length: 6868
x-amz-id-2: 1wJmtDrExazUTh1I0JTtNToT6Nuq3/PVYXFiOTjKbzGT/jsvXbsymqsdIUaxxl0PrUUeAS8qBXI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Mar 2018 20:46:57 GMT
server: ATS
etag: "e2202e6ed6ef52cec2c4a875c99225ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:e64293ae-a913-4bb2-8dd1-87431f3be4230005057a946243f1"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 wf-progress-loader-1.2.10-modern.js Show response
s.yimg.com/aaq/wf/ 9 KB
3 KB 37ms
37ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-progress-loader-1.2.10-modern.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.62.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

0d864745a7e6b476fe45e22dae4dc98a34caab86f06a416326b7e331ffa6583d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:50:56 GMT
x-amz-version-id: 0V1bPH0A4NRkRqZO6zeCq3XLmRNRPmkh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9BWMEEHJEWRNXBT2
age: 20881
x-amz-server-side-encryption: AES256
x-amz-id-2: npNudBy0cKdAHsNOnOn5c15+MMTsgyLgZnt2NE62AeBaVGDzrYKKXPhhBfMiiosDcIXdMY1QD7c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Dec 2022 17:36:40 GMT
server: ATS
etag: "c01ecd734c7347629ac5a94f0263d250-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
23 B 48ms
38ms XHR
text/plain 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1682825936501&yhlClientVer=3.53.38&yhlRnd=4IEZVa1e9rd67s5a&yhlCompressed=3

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

POST
H2 204 reporting-observer
news.yahoo.com/_td_api/beacon/ 0
736 B 35ms
32ms Ping
text/plain 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%22ExpectCTHeader%22%2C%22message%22%3A%22The%20%60Expect-CT%60%20header%20is%20deprecated%20and%20will%20be%20removed.%20Chrome%20requires%20Certificate%20Transparency%20for%20all%20publicly%20trusted%20certificates%20issued%20after%20April%2030%2C%202018.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=936503&rid=74hs03li4romf&bucket=usnd-a20-seamless-int3&device=desktop&osName=windows%20nt&browserName=chrome&browserVersion=112.0&site=fp

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/nel/jsc/tdv2-wafer-utils.19c76fb8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=430o9bti4romg&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 03:38:56 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=430o9bti4romg&partner=;
age: 0
x-powered-by: Express
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_beaconeater.media.yahoo.com
cache-control: max-age=0, private
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
expires: -1

POST
H2 204 reporting-observer
news.yahoo.com/_td_api/beacon/ 0
572 B 36ms
32ms Ping
text/plain 2001:4998:124:1507::a000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://news.yahoo.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%22ExpectCTHeader%22%2C%22message%22%3A%22The%20%60Expect-CT%60%20header%20is%20deprecated%20and%20will%20be%20removed.%20Chrome%20requires%20Certificate%20Transparency%20for%20all%20publicly%20trusted%20certificates%20issued%20after%20April%2030%2C%202018.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=936504&rid=74hs03li4romf&bucket=usnd-a20-seamless-int3&device=desktop&osName=windows%20nt&browserName=chrome&browserVersion=112.0&site=fp

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/nel/jsc/tdv2-wafer-utils.19c76fb8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::a000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=3uh4q3ti4romg&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 03:38:56 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
content-security-policy: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=3uh4q3ti4romg&partner=;
age: 0
x-powered-by: Express
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_beaconeater.media.yahoo.com
cache-control: max-age=0, private
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 p
geo.yahoo.com/ 43 B
308 B 257ms
25ms Ping
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=8w29l5aogqiAzl40,0.7177410902228731&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA%26S%3DAQAAAt47xNq-yC0w6D5gZjH_J3w%26j%3DWORLD%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03usnd-a20-seamless-int3%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03GG7kiyUtagps51uv%04_w%03news.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%04_rid%0374hs03li4romf%04abk%03%04colo%03bf1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_cpos%031%04p_hosted%03hosted%04pcp%03Sophia%20Ankel%04pct%03story%04pd%03non_modal%04pl2%03seamless-article%04pstaid%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstaid_p%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstcat%03politics%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_ttfb%22%3A483%2C%22perf_ttfb_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031682825936%04_ms%03526%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
geo.yahoo.com/ 43 B
73 B 242ms
26ms Ping
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=1F6gs6nWSPU1Efnc,0.4613610669606887&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA%26S%3DAQAAAt47xNq-yC0w6D5gZjH_J3w%26j%3DWORLD%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03usnd-a20-seamless-int3%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03GG7kiyUtagps51uv%04_w%03news.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%04_rid%0374hs03li4romf%04abk%03%04colo%03bf1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_cpos%031%04p_hosted%03hosted%04pcp%03Sophia%20Ankel%04pct%03story%04pd%03non_modal%04pl2%03seamless-article%04pstaid%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstaid_p%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstcat%03politics%04pt%03content%04ver%03article%04A_utm%03%7B%22perf_fcp%22%3A1073%2C%22perf_fcp_rating%22%3A%22good%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031682825936%04_ms%03542%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
23 B 23ms
22ms XHR
text/plain 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197618800&yhlCT=2&yhlBTMS=1682825936572&yhlClientVer=3.53.38&yhlRnd=Dbuexar4zKkCFVwZ&yhlCompressed=3

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://news.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

GET
H2 200 opus.js Show response
opus.analytics.yahoo.com/tag/ 6 KB
3 KB 80ms
18ms Script
application/javascript 152.199.24.48
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.24.48 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/473B) /

Resource Hash

03cf14763c6b398047e3494a9643bbcb987167525cb1bbb3d03e007510fa63c0

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding: gzip
date: Sun, 30 Apr 2023 03:38:56 GMT
last-modified: Wed, 26 Apr 2023 18:22:28 GMT
server: ECAcc (nyb/473B)
age: 292499
x-amz-request-id: ZTNKE3R3SR4WJEVB
etag: "e9ff43a4c27932c614b6011ed2920137+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 2357
x-amz-id-2: 6eX8sdrmIsaF3F5c/FbK6IYZXhX3TrimIvkoResbFN5oe7zoSCJ4BYVKG/63nWq7lZx8FdJ/noI=

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-11-1/html/ Frame A3A3 2 KB
1016 B 36ms
34ms Document
text/html 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 10056
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 00:51:21 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Tue, 21 Mar 2023 17:13:59 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: 4d3Tuu2LPrDUzMg1VX5XiXAwxtQDYvo2KV8mM+UPpU59GFMvIR7eWATpBizt5z0TIZ0XZPtVbhs=
x-amz-request-id: TDQNMY773QDGCAJJ
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830390%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=17837;adcid=0;itime=825935754;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735841;imprefseq=135957967194302610;impr...
5.ras.yahoo.com/ 1 B
33 B 423ms
43ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830390%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=17837;adcid=0;itime=825935754;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735841;imprefseq=135957967194302610;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=MAST;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403557;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=19686;adcid=0;itime=825935755;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735849;imprefseq=135957967194302613;impr...
5.ras.yahoo.com/ 1 B
33 B 422ms
43ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=19686;adcid=0;itime=825935755;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735849;imprefseq=135957967194302613;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=MON;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403548;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=21410;adcid=0;itime=825935756;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735859;imprefseq=135957967194302616;impr...
5.ras.yahoo.com/ 1 B
308 B 421ms
42ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=1914487186;st=21410;adcid=0;itime=825935756;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735859;imprefseq=135957967194302616;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=MON2;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y408863;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=9043;adcid=1;itime=825935747;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735796;imprefseq=135957967194302598;imp...
5.ras.yahoo.com/ 1 B
33 B 423ms
44ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=9043;adcid=1;itime=825935747;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735796;imprefseq=135957967194302598;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=LDRB;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403551;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=2;ct=1914487186;st=13712;adcid=1;itime=825935749;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735823;imprefseq=135957967194302604;im...
5.ras.yahoo.com/ 1 B
33 B 429ms
50ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=2;ct=1914487186;st=13712;adcid=1;itime=825935749;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735823;imprefseq=135957967194302604;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=LREC;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403553;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=2;ct=1914487186;st=15984;adcid=1;itime=825935753;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735830;imprefseq=135957967194302607;im...
5.ras.yahoo.com/ 1 B
33 B 371ms
50ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=2;ct=1914487186;st=15984;adcid=1;itime=825935753;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735830;imprefseq=135957967194302607;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=LREC2;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403554;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
73 B 26ms
25ms Ping
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=hW8HOU7lD2BXvzho,0.8059980480714335&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA%26S%3DAQAAAt47xNq-yC0w6D5gZjH_J3w%26j%3DWORLD%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03usnd-a20-seamless-int3%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03GG7kiyUtagps51uv%04_w%03news.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%04_rid%0374hs03li4romf%04abk%03%04colo%03bf1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_cpos%031%04p_hosted%03hosted%04pcp%03Sophia%20Ankel%04pct%03story%04pd%03non_modal%04pl2%03seamless-article%04pstaid%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstaid_p%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstcat%03politics%04pt%03content%04ver%03article%04ns_ready%031075%04dcl_ready%03-209%04_E%03saready%04_ts%031682825936%04_ms%03629%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-11-1/js/ Frame A3A3 63 KB
27 KB 30ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ccbc7dfef689bdf1699866b475312f85ff8c72fa5d3b245a1d46ce5905074dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1ABZH4A49T19PKHT
age: 24601
x-amz-server-side-encryption: AES256
x-amz-id-2: siZ87x7N95Y423XXPNpNigQgdJsqbNdVA2plG0W9nIcRtyTxu90Oo7OY83iDU4G1xrAkLCfTDB0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 17:14:01 GMT
server: ATS
etag: "0de33909203cc96a72112b50c54741ef-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 user.sync Show response
api.taboola.com/1.2/json/taboola-usersync/ 83 B
544 B 56ms
22ms Fetch
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.taboola.com/1.2/json/taboola-usersync/user.sync?app.type=desktop&app.apikey=e60e3b54fc66bae12e060a4a66536126f26e6cf8
Requested by: Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a6fc54777e4afee5614ed7da2ced8696a1077cb7eda487df558e55c0fa2f9cd

Request headers

Accept: application/json
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Sun, 30 Apr 2023 03:38:56 GMT
via: 1.1 varnish
x-served-by: cache-yul12833-YUL
server: nginx
x-timer: S1682825937.725649,VS0,VE12
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://news.yahoo.com
content-type: application/json;charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/tag/ Frame 28D2 10 KB
4 KB 19ms
18ms Document
text/html 152.199.24.48
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&tbla_id=

Requested by

Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.24.48 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4772) /

Resource Hash

127da417ab9263afaf1ee5d6c0c065aad7e3ddf772fa284bcab7bd8cc8c3954d

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 292499
content-encoding: gzip
content-length: 3654
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Sun, 30 Apr 2023 03:38:56 GMT
etag: "1959f47a433a660df93bc786c3375d1f+gzip"
last-modified: Wed, 26 Apr 2023 18:22:28 GMT
server: ECAcc (nyb/4772)
vary: Accept-Encoding
x-amz-id-2: E/nhmEjt5WiTNLOvggWG0BVPJjlWhpDy99BhwJKVPw9XnYabYfUoumdjQxB5iMsNrliJHy6BDEQ=
x-amz-request-id: ZTNHR5VH9PNTQN0P
x-cache: HIT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/ Frame A3A3 281 KB
91 KB 130ms
33ms Script
text/javascript 2600:9000:24d1:9e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24d1:9e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d74d96afbd3b57db7982c92cb7d8e32a16206fae78536e86765d04a77a6bd4a5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:11:39 GMT
x-amz-version-id: uLghqYitOO4Nmc_bKwuZ1CGZwnAmCNil
content-encoding: br
last-modified: Sun, 30 Apr 2023 02:57:56 GMT
server: AmazonS3
via: 1.1 320446d48de33b9e6a0384a85f613b80.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P2
etag: W/"bd167392832c12b2f3fe8e15da6efc02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1638
x-amz-cf-id: wzxBxRHdghAMFxLM3hoUtdcU2w3rpJ3rrriYFyQ0Zl5lNhE7ygE9gQ==

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830384%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=9043;adcid=1;itime=825935747;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735796;imprefseq=135957967194302598;imp...
5.ras.yahoo.com/ Frame A3A3 1 B
202 B 358ms
87ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 / Show response
tsdtocl.com/ Frame 4ECD 786 B
1 KB 37ms
10ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tsdtocl.com/
Requested by: Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1696
content-length: 786
content-type: text/html
date: Sun, 30 Apr 2023 03:38:56 GMT
etag: "fb5a4594b9ffef704d61bb6e6f80f145"
last-modified: Wed, 05 Jan 2022 19:36:57 GMT
server: AmazonS3
via: 1.1 varnish
x-amz-id-2: OE3a+UOf7eRuyJlXEtEIL4frmVffDyG1Xmymz7QC5tLl2JiwiyBVATs7u+YBlQ5kovjWov4orrA=
x-amz-replication-status: COMPLETED
x-amz-request-id: 5NF2ZW3KSR0HNTWM
x-amz-version-id: Qk4nobcRRphLiqVWi0NeSs0dand8kap0
x-cache: HIT
x-cache-hits: 840
x-served-by: cache-yul12827-YUL
x-timer: S1682825937.796110,VS0,VE0

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame EC4F 8 KB
3 KB 83ms
17ms Document
text/html 152.195.14.41
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Requested by: Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&tbla_id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.14.41 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2D) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Referer: https://opus.analytics.yahoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 151
content-encoding: gzip
content-length: 3220
content-type: text/html
date: Sun, 30 Apr 2023 03:38:56 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (nyb/1D2D)
vary: Accept-Encoding
x-amz-id-2: CqqXbs1/G+sHIQisN5oXJPQnnQkWs0TTr1qtySscitxFR+WJ0EF9dRo4mhvkZrVrXjpiH5XtZLU=
x-amz-request-id: VJW7HQ135B6XYBHD
x-amz-server-side-encryption: AES256
x-amzn-internal-status: 304
x-cache: HIT

GET
H2

200

19505
tags.bluekai.com/site/ Frame A780
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI&orig=ono
https://tags.bluekai.com/site/19505?id=y-xznai8hE2pJrxahSWKbpOAAEr96o.Sfk_yA-~A

62 B
466 B

184ms
97ms

Image
image/gif

23.213.157.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-xznai8hE2pJrxahSWKbpOAAEr96o.Sfk_yA-~A
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Server: 23.213.157.58 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-157-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 30 Apr 2023 03:38:57 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/19505?id=y-xznai8hE2pJrxahSWKbpOAAEr96o.Sfk_yA-~A
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A780
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&orig=ono
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-oW7RhFdE2pE1tyqLn57fag33wBUxTAUJD0w-~A&redir=https%3A%2F%2Fcms.analytics.yahoo.com%2Fcms%2F%3Fpartner_id%3DADOBE%26_origin%3Dfalse%26_redirect%3Dfalse...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646

42 B
956 B

90ms
90ms

Image
image/gif

54.213.70.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

HTTP/1.1

Server

54.213.70.181 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-213-70-181.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0c1bd0627.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gs2xWanRQAQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v044-081e88f80.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aV6hH3/CQg4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58692/ Frame A780
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&orig=ono
https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&orig=ono
https://aa.agkn.com/adscores/g.pixel?sid=9202214988&yho=y-M5erbFpE2p6iw6L1jS7ErYNIKq2I_vRBGrg-~A
https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent=

0
239 B

28ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0107.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58692/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=213590604502002831112&gdpr=&gdpr_consent=
content-type: text/html
cache-control: no-store
content-length: 427

GET
H/1.1

200
OK

info2
uipglob.semasio.net/oath/1/ Frame A780
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&orig=ono&sInitiator=external
https://ups.analytics.yahoo.com/ups/58699/cms?partner_id=SEMAS&orig=ono&sInitiator=external
https://uipglob.semasio.net/oath/1/info?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external
https://uipglob.semasio.net/oath/1/info2?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external

42 B
604 B

33ms
33ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/oath/1/info2?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Frontend-ID: 10
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Frontend-ID: 9
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /oath/1/info2?sType=sync&_sdv&sExtCookieId=y-H71ecStE2oNwgzdqLuEb0CKpUqzMFtAH.7I-~A&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 px.gif
www.yahoo.com/ 42 B
574 B 336ms
99ms Image
image/gif 2001:4998:124:1507::f000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yahoo.com/px.gif?ch=1&rn=0.587134344472281

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::f000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=30m6of9i4romh&partner=; frame-ancestors 'self' https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com htts://.verizonmedia.com https://.publishing.oath.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=30m6of9i4romh&partner=; frame-ancestors 'self' https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com htts://*.verizonmedia.com https://*.publishing.oath.com
x-amz-request-id: H4ZQNK2KWVPQB8Z2
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: SZLjl29WXk95CATMTaNoX0hov5LPVhEF7wbOXM1+fQRADLMzmoBBPHxEhQn8fOukCA/r2Iz2sro=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Nov 2022 19:09:07 GMT
server: ATS
etag: "b4682377ddfbe4e7dabfddb2e543e842"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 px.gif
www.yahoo.com/ 42 B
893 B 334ms
98ms Image
image/gif 2001:4998:124:1507::f000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yahoo.com/px.gif?ch=2&rn=0.587134344472281

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::f000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=088k935i4romh&partner=; frame-ancestors 'self' https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com htts://.verizonmedia.com https://.publishing.oath.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=088k935i4romh&partner=; frame-ancestors 'self' https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com htts://*.verizonmedia.com https://*.publishing.oath.com
x-amz-request-id: H4ZQP217W6ER47F2
age: 0
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: hGOKd99YMP3WF8C5AqOS/9zCk8f+52y0sAJlIUe7EnJQlMUL+uYEn1RIAyvGxOl6hnUffu5iVAw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Nov 2022 19:09:07 GMT
server: ATS
etag: "b4682377ddfbe4e7dabfddb2e543e842"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

POST
H2 200 p
geo.yahoo.com/ 43 B
73 B 23ms
22ms Ping
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=y8WihYUBQyMYFVaq,0.16031067361807283&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA%26S%3DAQAAAt47xNq-yC0w6D5gZjH_J3w%26j%3DWORLD%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03usnd-a20-seamless-int3%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03GG7kiyUtagps51uv%04_w%03news.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%04_rid%0374hs03li4romf%04abk%03%04colo%03bf1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_cpos%031%04p_hosted%03hosted%04pcp%03Sophia%20Ankel%04pct%03story%04pd%03non_modal%04pl2%03seamless-article%04pstaid%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstaid_p%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstcat%03politics%04pt%03content%04ver%03article%04A_pfb%03483%04A_pbp%03357%04A_psr%03651%04A_pdi%031258%04A_pdl%0322%04A_psh%0324%04A_psc%03166%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031682825936%04_ms%03831%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame EC4F 4 KB
4 KB 173ms
26ms XHR
application/json 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=false&euconsent=undefined&us_privacy=1---&referrer=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

5adc4a431b3f005e06a46026ded9a65c6254efb1280ea436aadc7ea722e58f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: ATS/9.1.10.25
age: 0
content-type: application/json
access-control-allow-origin: https://tag.idsync.analytics.yahoo.com
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame A3A3 0
217 B 137ms
52ms XHR
text/plain 2600:9000:2507:a200:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2507:a200:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 03:38:57 GMT
via: 1.1 a4183ed156210b7ee2a8130a2e031ad4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P7
content-length: 0
x-amz-cf-id: lKgaoxPPtGOmeehiI5TvOFHzHU7qlro0UpdoV8hLiGNTBRPxFLzk3A==
x-cache: Miss from cloudfront

GET
H2 200 adEvent.do Show response
prod-m-node-1111.ssp.advertising.com/admax/ Frame A3A3 43 B
238 B 120ms
24ms XHR
image/gif 3.221.202.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-1111.ssp.advertising.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783199&grp=%3F%3F%3F&nl=1682825935791&rts=1682825935633&pix=1&et=1&a=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3-0&m=aXAtMTAtMjItNC0xNzI.&p=MC4wMDAwNQ&b=MTM4NzM7NDU5NztjYXNpbm9kYXlzLmNvbTs7Ozs1MWZlOGM5YmVkMjk0ZTJiOWFkNDI2ZDBjZDZkMWQzOTs0Mjc3NzQyNzsxNjgyODIxODQ3OzswLjAwMDA1OzswOzs1ZGNua2wyYTtiYTk3ZDBkYzRlNmU0NWVlY2ViMWQ0ZmFhNzdlYTRlYmE2MDA1YmFjOzE7MTs.&uid=y-gVYBFW9E2rNEjqmbL1V7UaLrMqne_O1gSI39vbJalBZ1%7EA&tsrctype=2&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxDQU4.&hb=true&type=5&bkts=MjkjMTIw&af=2&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=2
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.202.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-202-206.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
last-modified: Thu, 27 Apr 2023 00:31:38 GMT
server: nginx
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://s.yimg.com
accept-ranges: bytes
content-length: 43

GET
H2 200 iframe Show response
c.bannerflow.net/scripts/ Frame 22C4 2 KB
1 KB 233ms
198ms Document
text/html 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da5e0a4637e412b237d8a941f6800b3748cbdc969402c1cac8d3174e43d597e

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cf-cache-status: MISS
cf-ray: 7bfcc13a1c86713f-YUL
content-encoding: br
content-md5: pRIJ2/N21dbBjDWXiJP+cQ==
content-type: text/html
date: Sun, 30 Apr 2023 03:38:57 GMT
last-modified: Wed, 29 Mar 2023 06:31:05 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 01378978-f01e-0092-3c15-7b69f0000000
x-ms-version: 2011-08-18

GET
H2 200 ca Show response
choices.truste.com/ Frame A3A3 27 KB
10 KB 134ms
58ms Script
text/javascript 18.160.225.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=qsus68b_zcnuy12_5dcnkl2a&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.225.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-225-129.ord58.r.cloudfront.net

Software

nginx /

Resource Hash

dec7fbc40686507059898081c8548c6129ac91bb97aa607f930112107f56a07d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6af19ee26bf6ed454c71e179bec18e3c.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: ORD58-P4
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: gNfVl7n4yVoPT6WPsmMCf1dfvnjT1IfcASV5SN486KKEl5F-xLWqUg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A3A3
Redirect Chain

https://usw-ca2.adsrvr.org/bid/feedback/rightmedia?t=1&iid=2610ccd1-bedc-4d05-b66c-c372cf9540e9&crid=5dcnkl2a&wp=0.05&aid=51fe8c9bed294e2b9ad426d0cd6d1d39-1&wpc=USD&sfe=168562cf&puid=&tdid=&pid=4pz...
https://ups.analytics.yahoo.com/ups/55953/sync?uid=40022b3b-2005-4517-8542-406606e8d366&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mqqowrVE2uJqGZBy3qmpFpB5RVwWsq0-~A&gdpr=0

70 B
497 B

27ms
26ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mqqowrVE2uJqGZBy3qmpFpB5RVwWsq0-~A&gdpr=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mqqowrVE2uJqGZBy3qmpFpB5RVwWsq0-~A&gdpr=0
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame A3A3 3 KB
4 KB 111ms
27ms Script
application/javascript 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58294,58292,55972,58222,55986,56557,55964,55940,57926,57628,58529,58382&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

b51a3ca56424f87be3ccb2f4fc69426ff86edb91faca6a9d2e9bb603c21fe838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adfeedback-1.0.108.js Show response
s.yimg.com/cb/af/ Frame A3A3 129 KB
32 KB 34ms
31ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FR3PQ9871MYCWW9R
age: 4499
x-amz-server-side-encryption: AES256
x-amz-id-2: fyaoKcJv4mBUQPBI0gFyZlSATAsmOvCu8h0gKdyQa6wF7h6XN44E4GgOqe59uuCmfidbWhi1mGw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame A3A3 69 KB
16 KB 99ms
29ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WRWCTJ258ECY2D8Z
age: 6725
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: Rotpk5MOCxjiyWZ9j8VwsmO1ta/cazG8Ee89PBMLt86SOxPr9/V3h9xoIc9aEMYMDB46xuSQVIU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 usync
onevideosync.uplynk.com/ Frame 5A86 0
196 B 246ms
23ms Image
text/plain 18.211.69.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-nLPVcYRE2uEEAhzZ60OiBkcsrvkverlm~A&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-69-177.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
server: ribs2.0
content-length: 0
content-type: text/plain

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&google_tc=

170 B
244 B

42ms
41ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&google_tc=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1NZzVrOHQxRTJ1RzN1MHRJTHZDUTJsNTJia3YxNFdqVX5B&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

y-MdYAn0lE2uJtEOKtR8tL0D.cDcUKdFM-~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 5A86
Redirect Chain

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true
https://pr-bh.ybp.yahoo.com/sync/adtech/y-MdYAn0lE2uJtEOKtR8tL0D.cDcUKdFM-~A

43 B
458 B

85ms
28ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adtech/y-MdYAn0lE2uJtEOKtR8tL0D.cDcUKdFM-~A

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-disposition: inline;filename=f.txt
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/adtech/y-MdYAn0lE2uJtEOKtR8tL0D.cDcUKdFM-~A
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

28A9667348D76D8A104E757049EC6CB8
pr-bh.ybp.yahoo.com/sync/msn/ Frame 5A86
Redirect Chain

https://c.bing.com/c.gif?Red3=OATHMS_pd
https://pr-bh.ybp.yahoo.com/sync/msn/28A9667348D76D8A104E757049EC6CB8

43 B
426 B

56ms
29ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msn/28A9667348D76D8A104E757049EC6CB8

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81881AFF1494491E9B19EC7EFD585459 Ref B: YMQ01EDGE0609 Ref C: 2023-04-30T03:38:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://pr-bh.ybp.yahoo.com/sync/msn/28A9667348D76D8A104E757049EC6CB8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5A86
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJv...
https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJv...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU1NkZDODctQzdDRC00MDlELUFDQUQtQzY3NDBBRjc3ODRF&gdpr=0&gdpr_consent=undefined
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=undefined
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=undefined
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%2...
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&uid=8E56FC87-C7CD-409D-ACAD-C6740AF7784E&redir2=true
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

43 B
426 B

28ms
28ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame 5A86
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=aef834df-63b1-4eaf-8e89-772e7531eb1a&_origin=0&gdpr=0&gdpr_consent=

0
247 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=aef834df-63b1-4eaf-8e89-772e7531eb1a&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=aef834df-63b1-4eaf-8e89-772e7531eb1a&_origin=0&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 267

GET

setuid
ib.adnxs.com/prebid/ Frame 5A86
Redirect Chain

https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-zqY4j_hE2uHYzKEOM7vD.S7gpB_4gg--~A&gdpr=0

0
0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58281/ Frame 5A86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EYVppTnE5RTJ1RzlTcGxqS1Q1aE5RaWVPZS5SamNVeH5B&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EYVppTnE5RTJ1RzlTcGxqS1Q1aE5RaWVPZS5SamNVeH5B&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=&google_tc=
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=

0
247 B

26ms
23ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&gpp=&gpp_sid=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/56613/ Frame 5A86 0
222 B 30ms
28ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56613/sync?_origin=0&gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

xuid
eb2.3lift.com/ Frame 5A86
Redirect Chain

https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=undefined&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D...
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=undefined&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%...
https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2721268965583522060162&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=
https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-RtmEYBRE2uL9dX8oCIE9AVZfeRlhvFE_~A&ums2=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=40022b3b-2005-4517-8542-406606e8d366&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
355 B

25ms
25ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=40022b3b-2005-4517-8542-406606e8d366&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=40022b3b-2005-4517-8542-406606e8d366&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame FADF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=175407&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26u...
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=1...

2 KB
3 KB

20ms
19ms

Document
text/html

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2db24362a9418e50935d3562c86c71edbdea73206cf031d73fca2d96198a429c

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1888
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:57 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Sun, 30 Apr 2023 03:38:57 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58294/ Frame A3A3
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26g...
https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D...
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=a6b45b46-279a-48f8-ae32-0651f52dec4d

0
17 B

27ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=a6b45b46-279a-48f8-ae32-0651f52dec4d

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Sun, 30 Apr 2023 03:38:57 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=a6b45b46-279a-48f8-ae32-0651f52dec4d
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A3A3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRT...
https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-mecNXXVE2uWJvpBtOZ4TRT...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzg3MzJDQzYtNTc0Qy00RkJGLUIxMkYtQTRGQjk0RDg4NzhC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=undefined&gpp=&gpp_sid=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%2...
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&gpp_sid=&gpp=&uid=8E56FC87-C7CD-409D-ACAD-C6740AF7784E&redir2=true
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

43 B
603 B

28ms
27ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E56FC87-C7CD-409D-ACAD-C6740AF7784E&gdpr=0
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55972/ Frame A3A3
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558299&ev=1&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55972%2Fsync%3Fuid%3D%25%25VGUID%25%25%26_origin%3D0
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=XzFjU0tGYmdRVkNOLTRKZmFSbWZTQQ&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=XzFjU0tGYmdRVkNOLTRKZmFSbWZTQQ&gdpr=&gdpr_consent=&google_tc=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEJDBfq9MCLkiiWlYfX6htVM&google_cver=1
https://ups.analytics.yahoo.com/ups/55972/sync?uid=wJzWN8AA4XC9&_origin=0&ev=1&gpp_sid=&gpp=&pid=558299&gdpr_consent=&gdpr=0

0
17 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55972/sync?uid=wJzWN8AA4XC9&_origin=0&ev=1&gpp_sid=&gpp=&pid=558299&gdpr_consent=&gdpr=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://ups.analytics.yahoo.com/ups/55972/sync?uid=wJzWN8AA4XC9&_origin=0&ev=1&gpp_sid=&gpp=&pid=558299&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6c7cb7447-whv5f
expires: -1

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58222/ Frame A3A3
Redirect Chain

https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-ox5tDsJE2uFM8q3t.7fbI3mwVrVg4Dpl~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsy...
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3258275371455332000V10&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
17 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3258275371455332000V10&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 03:38:57 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3258275371455332000V10&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sun, 30 Apr 2023 03:38:57 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55986/ Frame A3A3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D...
https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr...
https://ups.analytics.yahoo.com/ups/55986/sync?uid=ZE3i0QAGellArAA9&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_test=ZE3i0QAGellArAA9

0
17 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=ZE3i0QAGellArAA9&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_test=ZE3i0QAGellArAA9

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

x-served-by: cache-yyz4552-YYZ
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682825937.167797,VS0,VE0
x-cache: HIT
location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=ZE3i0QAGellArAA9&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_test=ZE3i0QAGellArAA9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 CookieBrightroll
rtb.adentifi.com/ Frame A3A3 0
36 B 93ms
24ms Image
text/plain 54.226.241.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieBrightroll?gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.241.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-241-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/ Frame A3A3
Redirect Chain

https://um.simpli.fi/yahoo?_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/55964/sync?uid=B7F28402B343451C968533164C290EDF&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

0
265 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=B7F28402B343451C968533164C290EDF&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=B7F28402B343451C968533164C290EDF&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 29 Apr 2023 03:38:57 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57926/ Frame A3A3
Redirect Chain

https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1
https://ups.analytics.yahoo.com/ups/57926/sync?uid=p05yXL96p4Ssu0UCcsXY&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

0
283 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57926/sync?uid=p05yXL96p4Ssu0UCcsXY&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57926/sync?uid=p05yXL96p4Ssu0UCcsXY&pi=aol&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&tc=1
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT, Sun, 30 Apr 2023 03:38:57 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57628/ Frame A3A3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b17&u=y-FXg_LWBE2uhdwonF5dmb_Rkgl36kFfI-~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F57628%2Fsync%3F_origin%3D0%...
https://s.tribalfusion.com/z/i.match?p=b17&u=y-FXg_LWBE2uhdwonF5dmb_Rkgl36kFfI-~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F57628%2Fsync%3F_origin%3D...
https://ups.analytics.yahoo.com/ups/57628/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=18072662259299574469

0
17 B

27ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57628/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=18072662259299574469

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 121
content-type: text/html
location: https://ups.analytics.yahoo.com/ups/57628/sync?_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=18072662259299574469
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bfcc13bcd794bd1-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58529/ Frame A3A3
Redirect Chain

https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58529/sync?uid=gc50329cd6ebcc4d7e1b&_origin=0&gdpr=0&gdpr_consent=

0
275 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58529/sync?uid=gc50329cd6ebcc4d7e1b&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://ups.analytics.yahoo.com/ups/58529/sync?uid=gc50329cd6ebcc4d7e1b&_origin=0&gdpr=0&gdpr_consent=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

ebda
eb2.3lift.com/ Frame A3A3
Redirect Chain

https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_...
https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2721268965583522060162&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-RtmEYBRE2uL9dX8oCIE9AVZfeRlhvFE_~A&ums2=1
https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjcyMTI2ODk2NTU4MzUyMjA2MDE2Mg%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
140 B

25ms
24ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6411e6dbc0f1dce23d450aaa Show response
c.bannerflow.net/a/ Frame 22C4 69 KB
23 KB 111ms
110ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7993d5719f1cf03b51f4924edd2d51e31f87978ea62fb9e646c857f2c388e7f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 30 Apr 2023 03:38:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7bfcc13b6ec9713f-YUL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FADF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

18ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FADF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMBZmAQcJO3zm9gak82ogAc&google_cver=1

43 B
766 B

18ms
17ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMBZmAQcJO3zm9gak82ogAc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMBZmAQcJO3zm9gak82ogAc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FADF 70 B
497 B 27ms
25ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FADF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

46ms
46ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RX8G38KF1C3YDTN18S8A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G38N3CMC7WBE78NWSASQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame FADF
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=165377791c2121a1&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMB99YKhL4UQNeGALBAAAAAAA&expiration=1682912337&is_secure=true

43 B
632 B

190ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMB99YKhL4UQNeGALBAAAAAAA&expiration=1682912337&is_secure=true
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMB99YKhL4UQNeGALBAAAAAAA&expiration=1682912337&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame FADF
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=989ecf95-abe1-4a9c-a74c-f0f07c202d98&ssp=index&expires=30&user_group=5&bsw_param=6c83439e-d517-4612-9960-cbdcac3931d0
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=&us_privacy=

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6c83439e-d517-4612-9960-cbdcac3931d0&gdpr=&gdpr_consent=&us_privacy=
Date: Sun, 30 Apr 2023 03:38:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FADF
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3661470049074716140

43 B
632 B

30ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3661470049074716140
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Date: Sun, 30 Apr 2023 03:38:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d3ea925a-7613-4a4f-867b-0a30e9c66c2c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3661470049074716140
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FADF
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=80a98190-5401-4876-982d-f0dcdd7b8480&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
632 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=80a98190-5401-4876-982d-f0dcdd7b8480&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&gdpr=0&gdpr_consent=&s=175407&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=80a98190-5401-4876-982d-f0dcdd7b8480&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date: Sun, 30 Apr 2023 03:38:57 GMT
server: _
content-length: 0

GET
H2

200

ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FADF
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&gdpr=0&gdpr_consent=&uid=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

43 B
603 B

28ms
28ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

Requested by

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 performance
www.yahoo.com/_td_api/beacon/ 0
659 B 26ms
26ms Image
image/gif 2001:4998:124:1507::f000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yahoo.com/_td_api/beacon/performance?ybar-init_0=0.3999977111816406&ybar-mod-topnavigation_0=1.3000030517578125&ybar-mod-sidenav_0=0.09999847412109375&ybar-mod-logo_0=0.3000030517578125&ybar-mod-searchbox_0=0.3999977111816406&ybar-mod-assistjs_0=1.8999977111816406&ybar-mod-navigation_0=0&ybar-account-init_0=0.5&ybar-mail-init_0=1.3000030517578125&ybar-mod-navigation_1=2.3999977111816406&first-paint_0=1072.5&first-contentful-paint_1=1072.5&ybar-sticky_0=0.20000076293945312&src=ybar&_rdn=937214&apptype=&rid=74hs03li4romf&bucket=usnd-a20-seamless-int3&device=desktop&osName=windows%20nt&browserName=chrome&browserVersion=112.0&site=news

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:124:1507::f000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=2ts2fjpi4romh&partner=; frame-ancestors 'self' https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com htts://.verizonmedia.com https://.publishing.oath.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 03:38:57 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=2ts2fjpi4romh&partner=; frame-ancestors 'self' https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.search.aol.com https://*.search.huffpost.com htts://*.verizonmedia.com https://*.publishing.oath.com
age: 0
x-powered-by: Express
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_beaconeater.media.yahoo.com
content-type: image/gif
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 9 KB
4 KB 367ms
291ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=1.5.0&config=%7B%22adServer%22%3A%7B%22PG%22%3A%7B%22siteAttributes%22%3A%7B%22Y-BUCKET%22%3A%22usnd-a20-seamless-int3%22%2C%22wiki_topics%22%3A%22Mike_Pompeo%3BSolarWinds%3BUnited_States_Department_of_State%3BCyberattack%3BFederal_government_of_the_United_States%3BUnited_States_Secretary_of_State%3BDonald_Trump%3BFireEye%3BJoe_Biden%3BComputer_security%3BMalware%3BRussia%3BBusiness_Insider%3BThe_Pentagon%22%2C%22ctopid%22%3A%221996000%22%2C%22hashtag%22%3A%221996000%22%2C%22rs%22%3A%22lmsid%3Aa0770000003N6b9AAC%3Brevsp%3Abusiness_insider_articles_888%3Blpstaid%3A986b3626-7fe5-3ac6-943d-163ec6b9dd49%3Bpt%3Acontent%3Bpd%3Anon_modal%3Bver%3Aarticle%3Bpct%3Astory%3Blu%3A0%22%2C%22geminifed%22%3A%221%22%2C%22ctout%22%3A%22380%22%7D%7D%7D%2C%22positions%22%3A%7B%22LREC-1%22%3A%7B%22id%22%3A%22LREC%22%2C%22size%22%3A%5B%22300x250%22%5D%7D%2C%22MON-1%22%3A%7B%22id%22%3A%22MON%22%2C%22size%22%3A%5B%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22fp%22%2C%22pageSessionId%22%3A%22ef308cb91%22%2C%22spaceId%22%3A%221197618800%22%2C%22url%22%3A%22https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

91503fa3b29a29bb5390b21c9af1dcc7a2cc2c74977e3f628baf1193987f707d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 0
x-xss-protection: 1; mode=block
x-request-id: 28a6691a3fac1a677409ae6c577658bc873349
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nosnippet, nofollow
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Content-Language,Content-Type,Cookie,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 14 KB
5 KB 353ms
281ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=1.5.0&config=%7B%22adServer%22%3A%7B%22PG%22%3A%7B%22siteAttributes%22%3A%7B%22Y-BUCKET%22%3A%22usnd-a20-seamless-int3%22%2C%22wiki_topics%22%3A%22Mike_Pompeo%3BSolarWinds%3BUnited_States_Department_of_State%3BCyberattack%3BFederal_government_of_the_United_States%3BUnited_States_Secretary_of_State%3BDonald_Trump%3BFireEye%3BJoe_Biden%3BComputer_security%3BMalware%3BRussia%3BBusiness_Insider%3BThe_Pentagon%22%2C%22ctopid%22%3A%221996000%22%2C%22hashtag%22%3A%221996000%22%2C%22rs%22%3A%22lmsid%3Aa0770000003N6b9AAC%3Brevsp%3Abusiness_insider_articles_888%3Blpstaid%3A986b3626-7fe5-3ac6-943d-163ec6b9dd49%3Bpt%3Acontent%3Bpd%3Anon_modal%3Bver%3Aarticle%3Bpct%3Astory%3Blu%3A0%22%2C%22geminifed%22%3A%221%22%2C%22ctout%22%3A%22380%22%7D%7D%7D%2C%22positions%22%3A%7B%22LREC2-1%22%3A%7B%22id%22%3A%22LREC2%22%2C%22size%22%3A%5B%22300x250%22%5D%7D%2C%22MON2-1%22%3A%7B%22id%22%3A%22MON2%22%2C%22size%22%3A%5B%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22fp%22%2C%22pageSessionId%22%3A%22ef308cb91%22%2C%22spaceId%22%3A%221197618800%22%2C%22url%22%3A%22https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A2%2C%22metrics%22%3Atrue%7D

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

72cba96ed171282ee756c3e6a6d87fb8bf9013fe9a4ea693a01ff5acaea8ec0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 0
x-xss-protection: 1; mode=block
x-request-id: 2966627d9cab7bc50aba4daa0a08c735d13353
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nosnippet, nofollow
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Content-Language,Content-Type,Cookie,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/published/4165006/5075065/ Frame 22C4 13 KB
13 KB 18ms
18ms Image
image/jpeg 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/published/4165006/5075065/preload.jpg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de83547b365a3952ac3a3ac8c81add0b93b255044f92d5163299117134b5e56d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:57 GMT
cf-cache-status: HIT
age: 1482806
content-length: 12825
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 15 Mar 2023 15:45:25 GMT
server: cloudflare
etag: "0x8DB256C4B81E15A"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: d0c79490-f01e-0014-4f98-6da549000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7bfcc13c2fd4713f-YUL

POST
H2 200 5f7472ffab198f201c14e16d
c.bannerflow.net/tr/v2/pixel/ Frame 22C4 0
80 B 43ms
42ms Ping
text/plain 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/5f7472ffab198f201c14e16d
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bfcc13c4813713f-YUL
content-length: 0
request-context: appId=cid-v1:1fcf03fc-fba3-4651-852f-a11a7fdec64e

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame 98EE 413 B
742 B 36ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260360
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame 2034 413 B
451 B 28ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260360
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame ADD4 413 B
451 B 28ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260360
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame 79AD 413 B
451 B 29ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260360
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame 98EE 130 KB
39 KB 29ms
29ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775495
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame 2034 130 KB
39 KB 41ms
41ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775495
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame ADD4 130 KB
39 KB 54ms
54ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775495
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame 79AD 130 KB
39 KB 47ms
46ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775495
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/ Frame 98EE 281 KB
91 KB 31ms
31ms Script
text/javascript 2600:9000:24d1:9e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24d1:9e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d74d96afbd3b57db7982c92cb7d8e32a16206fae78536e86765d04a77a6bd4a5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:11:39 GMT
x-amz-version-id: uLghqYitOO4Nmc_bKwuZ1CGZwnAmCNil
content-encoding: br
last-modified: Sun, 30 Apr 2023 02:57:56 GMT
server: AmazonS3
via: 1.1 320446d48de33b9e6a0384a85f613b80.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P2
etag: W/"bd167392832c12b2f3fe8e15da6efc02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1639
x-amz-cf-id: sQGqn_HF7uWmD6Fkx6N3iSSfgwpUejDOkNkM734mMaMb7giaIdNmlA==

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=2;ct=1916238305;st=6129;adcid=1;itime=825937502;reqtype=5;guid=7v4t09li4romf;;impref=16828259372521764742;imprefseq=30406083583420442;impr...
6.ras.yahoo.com/ Frame 98EE 1 B
34 B 49ms
37ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830387%7C0%7C170%7CAdId=-41;BnId=2;ct=1916238305;st=6129;adcid=1;itime=825937502;reqtype=5;guid=7v4t09li4romf;;impref=16828259372521764742;imprefseq=30406083583420442;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=LREC2;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=2966627d9cab7bc50aba4daa0a08c735d13353;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403554;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=1916238305;st=8606;adcid=0;itime=825937504;reqtype=5;guid=7v4t09li4romf;;impref=16828259372521764751;imprefseq=30406083583420445;impref...
6.ras.yahoo.com/ Frame 2034 1 B
34 B 33ms
33ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4880845%7C0%7C0%7CAdId=-41;BnId=0;ct=1916238305;st=8606;adcid=0;itime=825937504;reqtype=5;guid=7v4t09li4romf;;impref=16828259372521764751;imprefseq=30406083583420445;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=MON2;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=2966627d9cab7bc50aba4daa0a08c735d13353;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y408863;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 14 KB
5 KB 282ms
281ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=1.5.0&config=%7B%22adServer%22%3A%7B%22PG%22%3A%7B%22siteAttributes%22%3A%7B%22Y-BUCKET%22%3A%22usnd-a20-seamless-int3%22%2C%22wiki_topics%22%3A%22Mike_Pompeo%3BSolarWinds%3BUnited_States_Department_of_State%3BCyberattack%3BFederal_government_of_the_United_States%3BUnited_States_Secretary_of_State%3BDonald_Trump%3BFireEye%3BJoe_Biden%3BComputer_security%3BMalware%3BRussia%3BBusiness_Insider%3BThe_Pentagon%22%2C%22ctopid%22%3A%221996000%22%2C%22hashtag%22%3A%221996000%22%2C%22rs%22%3A%22lmsid%3Aa0770000003N6b9AAC%3Brevsp%3Abusiness_insider_articles_888%3Blpstaid%3A986b3626-7fe5-3ac6-943d-163ec6b9dd49%3Bpt%3Acontent%3Bpd%3Anon_modal%3Bver%3Aarticle%3Bpct%3Astory%3Blu%3A0%22%2C%22geminifed%22%3A%221%22%2C%22ctout%22%3A%22380%22%7D%7D%7D%2C%22positions%22%3A%7B%22LREC3-1%22%3A%7B%22id%22%3A%22LREC3%22%2C%22size%22%3A%5B%22300x250%22%5D%7D%2C%22MON3-1%22%3A%7B%22id%22%3A%22MON3%22%2C%22size%22%3A%5B%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22fp%22%2C%22pageSessionId%22%3A%22ef308cb91%22%2C%22spaceId%22%3A%221197618800%22%2C%22url%22%3A%22https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A3%2C%22metrics%22%3Afalse%7D

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

13d5821b3492cc1569f199d89954f49fe2c2bfdbf6247f61dd0b4d4a0821314e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 1
x-xss-protection: 1; mode=block
x-request-id: 27d913f3485d5a9eb261b09fdc49e183c53354
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nosnippet, nofollow
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Content-Language,Content-Type,Cookie,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=2;ct=1916238658;st=6278;adcid=1;itime=825937503;reqtype=5;guid=7v4t09li4romf;;impref=16828259372320453796;imprefseq=229971738992056442;imp...
6.ras.yahoo.com/ Frame ADD4 1 B
34 B 34ms
33ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830386%7C0%7C170%7CAdId=-41;BnId=2;ct=1916238658;st=6278;adcid=1;itime=825937503;reqtype=5;guid=7v4t09li4romf;;impref=16828259372320453796;imprefseq=229971738992056442;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=LREC;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=28a6691a3fac1a677409ae6c577658bc873349;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403553;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adEvent.do Show response
us-east-1-web-oao.ssp.yahoo.com/admax/ Frame 79AD 43 B
370 B 100ms
25ms XHR
image/gif 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783173&grp=%3F%3F%3F&nl=1682825937598&rts=1682825937388&pix=1&et=1&a=28a6691a3fac1a677409ae6c577658bc873349-1&m=aXAtMTAtMjItMy0xNDc.&p=MC4wMDE2MQ&b=MTQxNDY7SW5kZXggRXhjaGFuZ2U7cHJlc2lkZW50c2Nob2ljZS5jYTs7OzsxMjU4MWJjOWExMWU0NjAxYTkxZTgwMGNiNjI5MzMxOTsxMTM3NDA7MTY4MjgyMTg0Nzs7MC4wMDE2MTs7MDs7MzI5ODAyNzc7OWI5YjVkMjEyZGM5Y2Q1Njk4ZjZhMmNmZGNlY2RkNDUxODM4NzM4ODsxOzE7&uid=y-gVYBFW9E2rNEjqmbL1V7UaLrMqne_O1gSI39vbJalBZ1%7EA&tsrctype=2&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxDQU4.&hb=true&type=5&af=2&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=2
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
last-modified: Thu, 27 Apr 2023 00:31:38 GMT
server: ATS/9.1.10.25
age: 0
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://jac.yahoosandbox.com
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK cache Show response
prebid-ny.casalemedia.com/prebid-cache/ Frame 79AD 1 KB
1 KB 73ms
18ms Script
application/xml 192.40.39.248
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-ny.casalemedia.com/prebid-cache/cache?uuid=99c9519c-596b-41cc-b56b-ecd4d63d70ce&iurl=f5adf253-ff62-4105-a32d-743dcd367080&ap=1.61&source=audit
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.40.39.248 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: nginx/1.19.9 /
Resource Hash: 2476458327ad4820e7b315f1cc86f7b92b48c7cc5f59c81b1901719ba3adf643

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:57 GMT
Content-Encoding: gzip
Server: nginx/1.19.9
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/xml

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 79AD 2 KB
3 KB 29ms
27ms Script
application/javascript 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=56557,58456,58280,55853,57926,58301,58309,55936,58506,58160,58601,58557&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

7bfea4251883be5e3b3c6cb36c568583224c6d5d6ea04fbb9fa13817eaba83ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adfeedback-1.0.108.js Show response
s.yimg.com/cb/af/ Frame 79AD 129 KB
32 KB 33ms
31ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FR3PQ9871MYCWW9R
age: 4500
x-amz-server-side-encryption: AES256
x-amz-id-2: fyaoKcJv4mBUQPBI0gFyZlSATAsmOvCu8h0gKdyQa6wF7h6XN44E4GgOqe59uuCmfidbWhi1mGw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 79AD 69 KB
16 KB 31ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WRWCTJ258ECY2D8Z
age: 6725
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: Rotpk5MOCxjiyWZ9j8VwsmO1ta/cazG8Ee89PBMLt86SOxPr9/V3h9xoIc9aEMYMDB46xuSQVIU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=1916238658;st=8934;adcid=0;itime=825937505;reqtype=5;guid=7v4t09li4romf;;impref=16828259372320453806;imprefseq=229971738992056445;impre...
6.ras.yahoo.com/ Frame 79AD 1 B
34 B 33ms
32ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830391%7C0%7C0%7CAdId=-41;BnId=0;ct=1916238658;st=8934;adcid=0;itime=825937505;reqtype=5;guid=7v4t09li4romf;;impref=16828259372320453806;imprefseq=229971738992056445;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=MON;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=28a6691a3fac1a677409ae6c577658bc873349;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403548;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 98EE 0
216 B 70ms
69ms XHR
text/plain 2600:9000:2507:a200:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2507:a200:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 03:38:57 GMT
via: 1.1 a4183ed156210b7ee2a8130a2e031ad4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P7
content-length: 0
x-amz-cf-id: sJ1z8GKB3ObzIS47X9rk3thTMowYs_yUwIhEi44wuBqymsYcv9NfGA==
x-cache: Miss from cloudfront

GET
H2 200 adEvent.do Show response
prod-m-node-1111.ssp.advertising.com/admax/ Frame 98EE 43 B
244 B 25ms
24ms XHR
image/gif 3.221.202.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-m-node-1111.ssp.advertising.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783355&grp=%3F%3F%3F&nl=1682825937622&rts=1682825937386&pix=1&et=1&a=2966627d9cab7bc50aba4daa0a08c735d13353-0&m=aXAtMTAtMjItNC0xNzI.&p=MC4wMDE2MQ&b=OTQ1MjtJbmRleCBFeGNoYW5nZTtwcmVzaWRlbnRzY2hvaWNlLmNhOzs7Ozc2MjJlOGNmMDZjODRiNmRhNjE5NGRiOTM3MzdiMWI3OzExMzc0MDsxNjgyODIxODQ3OzswLjAwMTYxOzswOzszMjk4MDE5OTsyYzg0NDAxYmZkMWJmMWUwYzU2MzMxZjYxMzg4YjczZDdiYmJiNzliOzE7MTs.&uid=y-gVYBFW9E2rNEjqmbL1V7UaLrMqne_O1gSI39vbJalBZ1%7EA&tsrctype=2&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxDQU4.&hb=true&type=5&af=2&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=2
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.202.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-202-206.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
last-modified: Thu, 27 Apr 2023 00:31:38 GMT
server: nginx
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://jac.yahoosandbox.com
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK cache Show response
prebid-ny.casalemedia.com/prebid-cache/ Frame 98EE 1 KB
1 KB 60ms
19ms Script
application/xml 192.40.39.248
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-ny.casalemedia.com/prebid-cache/cache?uuid=c93c14d6-c8ed-434e-9b7b-64d8cdb5ebb8&iurl=ba382893-60e1-4637-beb3-e90fc1e8c50d&ap=1.61&source=audit
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.40.39.248 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: nginx/1.19.9 /
Resource Hash: d544fd58439ce92300e42630638d2244775ea8e341ba995f074db6ead97a702c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:57 GMT
Content-Encoding: gzip
Server: nginx/1.19.9
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/xml

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 98EE 2 KB
3 KB 27ms
26ms Script
application/javascript 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=56557,58309,57926,58456,58506,58280,55936,58301,55853,58601,58557,58160&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

b66d3d56d9d85db50d3c847c176a8f1101a39e94cab2347514d33f004dc1f11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adfeedback-1.0.108.js Show response
s.yimg.com/cb/af/ Frame 98EE 129 KB
32 KB 46ms
45ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FR3PQ9871MYCWW9R
age: 4500
x-amz-server-side-encryption: AES256
x-amz-id-2: fyaoKcJv4mBUQPBI0gFyZlSATAsmOvCu8h0gKdyQa6wF7h6XN44E4GgOqe59uuCmfidbWhi1mGw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 98EE 69 KB
16 KB 45ms
44ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WRWCTJ258ECY2D8Z
age: 6725
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: Rotpk5MOCxjiyWZ9j8VwsmO1ta/cazG8Ee89PBMLt86SOxPr9/V3h9xoIc9aEMYMDB46xuSQVIU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 / Show response
adsvr.ecdrsvc.com/ed/3/ Frame 79AD 4 KB
5 KB 57ms
13ms Script
application/x-javascript 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsvr.ecdrsvc.com/ed/3/?6025352&cid=2603&tid=6025352&oid=5bc088d2-6c43-469a-a7d3-08764577aa78&vid=ZE3i0bSC4Us4CNLOagYBPAAA&iid=89b1f84b-e708-11ed-b713-2954332e98f5&p=2.00&bd2=ibH4TOcIEe23EylUMy6Y9bXzDOpaT0ssxTIq5w&bd3=El8BVIVRBvCwHA-oQLeJyTP5h2W_FgFoF227-iQUpXbII0BI39dhxAIcCsnQVxxp_Sheze9yXT570MH2y1xZ52ToOBBAW5ONAczRB1BEBPm02W5BbE1kyGkRb7ijCIuk-BoKAZQPIL2dnBH1vyICazA&rnd=-6545898822639552210&ex=CggKAkJWEgJOQQofCgNhaWQSGFpFM2kwYlNDNFVzNENOTE9hZ1lCUEFBQQ==
Requested by: Host: prebid-ny.casalemedia.com
URL: https://prebid-ny.casalemedia.com/prebid-cache/cache?uuid=99c9519c-596b-41cc-b56b-ecd4d63d70ce&iurl=f5adf253-ff62-4105-a32d-743dcd367080&ap=1.61&source=audit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.84.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 466dbcd8728f7fef0f4b8753bc487aad4dca87cc05913e15e94cc6811d8dcb45

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
via: 1.1 google
x-er-lastupdated: Sun Apr 30 03:38:11 UTC 2023
content-type: application/x-javascript;charset=iso-8859-1
x-er-rt: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4464

GET
H/1.1 200
OK v1
a3648.casalemedia.com/impression/ Frame 79AD 43 B
303 B 70ms
18ms Image
image/gif 209.204.233.220
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3648.casalemedia.com/impression/v1?bidID=3209cdca-7042-4aae-84b9-9a0900632ad0&traceID=ch6u5k9a76uq26hbe3q0&dspID=14&userID=ZE3i0bSC4Us4CNLOagYBPAAA&cmpro=1392&deviceType=2&expiryTime=1682826537&profileIDs=&ap=${AUCTION_PRICE}&siteID=895337&creativeID=1f73d35&pubID=183875&format=banner&channel=site
Requested by: Host: prebid-ny.casalemedia.com
URL: https://prebid-ny.casalemedia.com/prebid-cache/cache?uuid=99c9519c-596b-41cc-b56b-ecd4d63d70ce&iurl=f5adf253-ff62-4105-a32d-743dcd367080&ap=1.61&source=audit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.204.233.220 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 200 / Show response
adsvr.ecdrsvc.com/ed/3/ Frame 98EE 4 KB
5 KB 56ms
14ms Script
application/x-javascript 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsvr.ecdrsvc.com/ed/3/?6025354&cid=2603&tid=6025354&oid=80e3c9be-90de-41e5-b9a1-327f13b387fd&vid=ZE3i0bSC4Us4CNLOagYBPAAA&iid=89b1d131-e708-11ed-b713-2954332e98f5&p=2.00&bd2=ibHRMucIEe23EylUMy6Y9ct2uklOzLPZSs2_Bw&bd3=El8BVIVRBtN2AcbGDVBhvWoc-W-ivJeOyi1Wy-sE8ACMNe3dSXFd42ZnupJTs_9M-mm-S5Aj4kk6Qc7jSpkzAlErbA_cFCp1TFwirayzwckRcRQDF-MvnlnzZ_1gQjYv7BoKAZQPIL1uvd189SICazA&rnd=-7074856263226551316&ex=CggKAkJWEgJOQQofCgNhaWQSGFpFM2kwYlNDNFVzNENOTE9hZ1lCUEFBQQ==
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.84.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 396df7309db0c2a64a5b6265888178c0100c2005cff106d6e8e51a79195c240b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
via: 1.1 google
x-er-lastupdated: Sun Apr 30 03:38:49 UTC 2023
content-type: application/x-javascript;charset=iso-8859-1
x-er-rt: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4464

GET
H/1.1 200
OK v1
a1310.casalemedia.com/impression/ Frame 98EE 43 B
303 B 69ms
18ms Image
image/gif 75.119.185.242
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1310.casalemedia.com/impression/v1?bidID=f855f230-3a8f-40e2-8ae0-5f8a8f065c0b&traceID=ch6u5kahnavs14tglneg&dspID=14&userID=ZE3i0bSC4Us4CNLOagYBPAAA&cmpro=1392&deviceType=2&expiryTime=1682826537&profileIDs=&ap=${AUCTION_PRICE}&siteID=170075&creativeID=1f73ce7&pubID=183875&format=banner&channel=site
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 75.119.185.242 Wasilla, United States, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:57 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK viewport_html_forcedclicktag_4.0.js Show response
mcs.ecdrsvc.com/mcs/ Frame 79AD 12 KB
5 KB 177ms
27ms Script
application/x-javascript 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.ecdrsvc.com/mcs/viewport_html_forcedclicktag_4.0.js?bt=saf
Requested by: Host: adsvr.ecdrsvc.com
URL: https://adsvr.ecdrsvc.com/ed/3/?6025352&cid=2603&tid=6025352&oid=5bc088d2-6c43-469a-a7d3-08764577aa78&vid=ZE3i0bSC4Us4CNLOagYBPAAA&iid=89b1f84b-e708-11ed-b713-2954332e98f5&p=2.00&bd2=ibH4TOcIEe23EylUMy6Y9bXzDOpaT0ssxTIq5w&bd3=El8BVIVRBvCwHA-oQLeJyTP5h2W_FgFoF227-iQUpXbII0BI39dhxAIcCsnQVxxp_Sheze9yXT570MH2y1xZ52ToOBBAW5ONAczRB1BEBPm02W5BbE1kyGkRb7ijCIuk-BoKAZQPIL2dnBH1vyICazA&rnd=-6545898822639552210&ex=CggKAkJWEgJOQQofCgNhaWQSGFpFM2kwYlNDNFVzNENOTE9hZ1lCUEFBQQ==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: e9b936cd8f711343db93990af75d47113234dc4c6b304671bf5bc35e0b7b71c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Content-Length: 4414
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H2 200 moatad.js Show response
z.moatads.com/loblawdspdisplay883108631098/ Frame 79AD 308 KB
105 KB 193ms
60ms Script
application/x-javascript 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/loblawdspdisplay883108631098/moatad.js
Requested by: Host: adsvr.ecdrsvc.com
URL: https://adsvr.ecdrsvc.com/ed/3/?6025352&cid=2603&tid=6025352&oid=5bc088d2-6c43-469a-a7d3-08764577aa78&vid=ZE3i0bSC4Us4CNLOagYBPAAA&iid=89b1f84b-e708-11ed-b713-2954332e98f5&p=2.00&bd2=ibH4TOcIEe23EylUMy6Y9bXzDOpaT0ssxTIq5w&bd3=El8BVIVRBvCwHA-oQLeJyTP5h2W_FgFoF227-iQUpXbII0BI39dhxAIcCsnQVxxp_Sheze9yXT570MH2y1xZ52ToOBBAW5ONAczRB1BEBPm02W5BbE1kyGkRb7ijCIuk-BoKAZQPIL2dnBH1vyICazA&rnd=-6545898822639552210&ex=CggKAkJWEgJOQQofCgNhaWQSGFpFM2kwYlNDNFVzNENOTE9hZ1lCUEFBQQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a6eb0282649e7709b1e773f403c0a6cf97602395d26f1eaed9c8364e2fcc503c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:54:10 GMT
server: AmazonS3
x-amz-request-id: 4ZABXQRW7VNMBXAQ
etag: "b80c30842552bdbb115362be330258f3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=25211
accept-ranges: bytes
content-length: 107406
x-amz-id-2: jznAxvphhIuRe9O+m5UTy7SKw+fHCl3tXER6HW3eorxmOZQuMD7N2lTPKu12RSAhWm4Z+a5438Y=

GET
H/1.1 200
OK viewport_html_forcedclicktag_4.0.js Show response
mcs.ecdrsvc.com/mcs/ Frame 98EE 12 KB
5 KB 225ms
77ms Script
application/x-javascript 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.ecdrsvc.com/mcs/viewport_html_forcedclicktag_4.0.js?bt=saf
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: e9b936cd8f711343db93990af75d47113234dc4c6b304671bf5bc35e0b7b71c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Content-Length: 4414
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H2 200 moatad.js Show response
z.moatads.com/loblawdspdisplay883108631098/ Frame 98EE 308 KB
105 KB 150ms
19ms Script
application/x-javascript 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/loblawdspdisplay883108631098/moatad.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a6eb0282649e7709b1e773f403c0a6cf97602395d26f1eaed9c8364e2fcc503c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:54:10 GMT
server: AmazonS3
x-amz-request-id: 4ZABXQRW7VNMBXAQ
etag: "b80c30842552bdbb115362be330258f3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=25211
accept-ranges: bytes
content-length: 107406
x-amz-id-2: jznAxvphhIuRe9O+m5UTy7SKw+fHCl3tXER6HW3eorxmOZQuMD7N2lTPKu12RSAhWm4Z+a5438Y=

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame B4F7 2 KB
3 KB 21ms
19ms Document
text/html 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 17493f715ba449d34fffe225f07e22c6a4f3ab8d4735152c61cc57a91fa6b395

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1894
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:57 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58456/ Frame 79AD
Redirect Chain

https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID
https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58280/ Frame 79AD
Redirect Chain

https://match.sharethrough.com/fUD7hqXV/v2?_origin=0
https://ups.analytics.yahoo.com/ups/58280/sync?uid=55069bc4-1af1-4a19-8909-5c6c1bea5df7&_origin=0

0
17 B

27ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58280/sync?uid=55069bc4-1af1-4a19-8909-5c6c1bea5df7&_origin=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58280/sync?uid=55069bc4-1af1-4a19-8909-5c6c1bea5df7&_origin=0
date: Sun, 30 Apr 2023 03:38:58 GMT
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55853/ Frame 79AD
Redirect Chain

https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fup...
https://aol-match.dotomi.com/match/bounce/current?DotomiTest=1dc5ef719bd321a1&is_secure=true&networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--%7EA&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&ru...
https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAL8o5gQPAOhgMX_NHyAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&...

0
17 B

29ms
29ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAL8o5gQPAOhgMX_NHyAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAL8o5gQPAOhgMX_NHyAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 79AD
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=73
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_cons...

43 B
363 B

78ms
23ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 194442
expires: Sun, 30 Apr 2023 00:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58309/ Frame 79AD
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=20&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&callback=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58309%2Fsync%3Fuid=%3CDSP_USER_ID%3E%26gdpr%3d0%26gdpr_consent%3d%26gpp...
https://ups.analytics.yahoo.com/ups/58309/sync?uid=e187070e04414816855c52da65d17ed6&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

0
17 B

28ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58309/sync?uid=e187070e04414816855c52da65d17ed6&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://ups.analytics.yahoo.com/ups/58309/sync?uid=e187070e04414816855c52da65d17ed6&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

3661470049074716140
pr-bh.ybp.yahoo.com/sync/msft/csrc/3/ Frame 79AD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue
https://ups.analytics.yahoo.com/ups/55936/sync?uid=3661470049074716140&_origin=0&redir2=true
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

43 B
603 B

27ms
27ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58506/ Frame 79AD
Redirect Chain

https://trace.mediago.io/cs/verizon?gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

0
17 B

27ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
content-type: text/html; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58160/ Frame 79AD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V447V-S-L9GB&gdpr=0

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V447V-S-L9GB&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V447V-S-L9GB&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58601/ Frame 79AD
Redirect Chain

https://rtb.gumgum.com/getuid/15563?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58601%2Fsync%3F_origin%3D0%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26gpp_...
https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

0
17 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee
date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-CA

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58557/ Frame 79AD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=216&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

0
17 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=
Date: Sun, 30 Apr 2023 03:38:58 GMT
Connection: keep-alive
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 79AD
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid=
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40...

43 B
362 B

23ms
22ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 303751
expires: Sun, 30 Apr 2023 00:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel
content-length: 0

GET
H2 200 /
c1.adform.net/serving/cookie/match/ Frame 79AD 35 B
500 B 92ms
19ms Image
image/gif 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d%26gpp_sid%3D%26gpp%3D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 9B49 2 KB
2 KB 33ms
19ms Document
text/html 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5e80a40ac5afe43e17b803c553ffa8176082f0c065a1b59abace47177a1d5e76

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1793
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:57 GMT
Expires: 0
Keep-Alive: timeout=1, max=496
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58309/ Frame 98EE
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=20&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&callback=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58309%2Fsync%3Fuid=%3CDSP_USER_ID%3E%26gdpr%3d0%26gdpr_consent%3d%26gpp...
https://ups.analytics.yahoo.com/ups/58309/sync?uid=c5b32b93e8304d9996df6b1e078c1dad&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

0
17 B

28ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58309/sync?uid=c5b32b93e8304d9996df6b1e078c1dad&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://ups.analytics.yahoo.com/ups/58309/sync?uid=c5b32b93e8304d9996df6b1e078c1dad&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&_origin=0&y=null&gdpr=0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58456/ Frame 98EE
Redirect Chain

https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID
https://ap.lijit.com/pixel?a=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

0
17 B

28ms
28ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GkK6aLZH85z68LNzQ26IXm57
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58506/ Frame 98EE
Redirect Chain

https://trace.mediago.io/cs/verizon?gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

0
17 B

30ms
28ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58506/sync?uid=6a3fb85d6e857497dff66a15f28c90df&_origin=0&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
content-type: text/html; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58280/ Frame 98EE
Redirect Chain

https://match.sharethrough.com/fUD7hqXV/v2?_origin=0
https://ups.analytics.yahoo.com/ups/58280/sync?uid=5f254645-f6aa-4ea4-9d61-fe832a461cca&_origin=0

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58280/sync?uid=5f254645-f6aa-4ea4-9d61-fe832a461cca&_origin=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58280/sync?uid=5f254645-f6aa-4ea4-9d61-fe832a461cca&_origin=0
date: Sun, 30 Apr 2023 03:38:58 GMT
content-length: 0

GET
H2

200

3661470049074716140
pr-bh.ybp.yahoo.com/sync/msft/csrc/3/ Frame 98EE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue
https://ups.analytics.yahoo.com/ups/55936/sync?uid=3661470049074716140&_origin=0&redir2=true
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

43 B
603 B

29ms
28ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3661470049074716140
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 98EE
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=73
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_cons...

43 B
362 B

79ms
24ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 221196
expires: Sun, 30 Apr 2023 00:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:58 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55853/ Frame 98EE
Redirect Chain

https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fup...
https://aol-match.dotomi.com/match/bounce/current?DotomiTest=37ead98f0f4821dd&is_secure=true&networkId=60&version=1&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--%7EA&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&ru...
https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAHZlT2VHVPggMJPZnHAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&...

0
17 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAHZlT2VHVPggMJPZnHAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://ups.analytics.yahoo.com/ups/55853/sync?uid=AAAHZlT2VHVPggMJPZnHAAAAAAA&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&expiration=1682912338&nuid=y-iXKXNAVE2umvi0dM5WQ8KnMUqYohJA--~A&gpp_sid=&gpp=&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58601/ Frame 98EE
Redirect Chain

https://rtb.gumgum.com/getuid/15563?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58601%2Fsync%3F_origin%3D0%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26gpp_...
https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

0
17 B

28ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58601/sync?_origin=0&us_privacy=&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&uid=u_6c549a63-ad12-4960-84bc-cfbd63514eee
date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-CA

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58557/ Frame 98EE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=216&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/58557/sync?uid=bi9sRiiwWD1K7xIXMFDTrZU4mbk&_origin=0&gdpr=0&gdpr_consent=
Date: Sun, 30 Apr 2023 03:38:58 GMT
Connection: keep-alive
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58160/ Frame 98EE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V44A7-21-H0JI&gdpr=0

0
482 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V44A7-21-H0JI&gdpr=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LH2V44A7-21-H0JI&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 98EE
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=73&gdprapplies=0&gdpr=&gpp=&gpp_sid=
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40...

43 B
362 B

23ms
23ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 158118
expires: Sun, 30 Apr 2023 00:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26gdprapplies%3d0%26gdpr%3d%26gpp%3d%26gpp_sid%3d%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:58 GMT
cache-control: no-store,max-age=0
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel
content-length: 0

GET
H2 200 /
c1.adform.net/serving/cookie/match/ Frame 98EE 35 B
501 B 78ms
18ms Image
image/gif 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame B4F7 43 B
855 B 31ms
30ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 44D194CTR9XQKR9JBTA3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

43 B
766 B

19ms
17ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

43 B
632 B

20ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

18ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B4F7
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

43 B
603 B

35ms
33ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB

Requested by

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2459948665330154167&gdpr=0&gdpr_consent=

43 B
632 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2459948665330154167&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=491
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2459948665330154167&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:57 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a2f1bff0-5582-38c9-9ca97d26

43 B
632 B

18ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a2f1bff0-5582-38c9-9ca97d26
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=a2f1bff0-5582-38c9-9ca97d26
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B4F7
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698637138&external_user_id=ef8beab1-4cab-46bd-bb9d-d1c3ec1e139e

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698637138&external_user_id=ef8beab1-4cab-46bd-bb9d-d1c3ec1e139e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698637138&external_user_id=ef8beab1-4cab-46bd-bb9d-d1c3ec1e139e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame B4F7 43 B
354 B 78ms
32ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1015
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bfcc140ea695479-YYZ
content-length: 43
expires: Sun, 30 Apr 2023 07:38:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

43 B
632 B

25ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 9B49 43 B
855 B 45ms
38ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BETWYS40QX5FZ5EG6FTD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

43 B
766 B

18ms
17ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3526114908186870879

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3526114908186870879
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3526114908186870879
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 9B49
Redirect Chain

https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=6d4894ce-1dfc-4c68-a404-fd590bdf31f5

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=6d4894ce-1dfc-4c68-a404-fd590bdf31f5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:48 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=6d4894ce-1dfc-4c68-a404-fd590bdf31f5
cache-control: private,no-cache
content-length: 222
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9

43 B
632 B

26ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-yyz4552-YYZ
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682825938.043959,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9B49
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:57 GMT
content-length: 0

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9B49 43 B
102 B 63ms
42ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1015
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bfcc140ea6e5479-YYZ
content-length: 43
expires: Sun, 30 Apr 2023 07:38:58 GMT

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame 80E3 413 B
457 B 28ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260361
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 safeframe.html Show response
jac.yahoosandbox.com/1.5.0/ Frame 3692 413 B
451 B 29ms
28ms Document
text/html 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/safeframe.html

Requested by

Host: openweb.jac.yahoosandbox.com
URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
age: 260361
cache-control: max-age=31536000,s-maxage=31536000
content-length: 413
content-type: text/html
date: Thu, 27 Apr 2023 03:19:38 GMT
etag: "ddcbb328f37e5fb60a19139151a6d7c6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-id-2: msTBRuop6sXF+QM0QlW+2qwYEBrt0QK8PfqKOnUf1bhZC7Pl4FIMvTgYuoT6VmP3ASLD3Cq7iTmviY1ZbtKMfw==
x-amz-request-id: BMAX0572JPS51Z9K
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.html Show response
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 5 KB
2 KB 194ms
23ms Document
text/html 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Requested by: Host: mcs.ecdrsvc.com
URL: https://mcs.ecdrsvc.com/mcs/viewport_html_forcedclicktag_4.0.js?bt=saf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 75d745f41a06d85a275f10ecb306256515e35e2bcc7150de0cbefd3fcfa71edf

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1324
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:58 GMT
ETag: "641b4b0c-1497"
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
Vary: Accept-Encoding

GET
H2 200 baseline
aud.ecdrsvc.com/au2/ Frame 79AD 43 B
190 B 37ms
12ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/baseline?&id=89b1f84b-e708-11ed-b713-2954332e98f5&t=8025337&f=N&vv=0&g=ec3ca01a-86b8-402d-81e7-665862d8adb6&dd=https%3A%2F%2Fjac.yahoosandbox.com%2F1.5.0%2Fsafeframe.html&dr=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&res=0&oid=5bc088d2-6c43-469a-a7d3-08764577aa78

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 viewability
aud.ecdrsvc.com/au2/ Frame 79AD 43 B
106 B 37ms
13ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/viewability?&id=89b1f84b-e708-11ed-b713-2954332e98f5&t=8025337&m=I

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ahdim
aud.ecdrsvc.com/au2/ Frame 79AD 43 B
106 B 38ms
13ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/ahdim?&id=89b1f84b-e708-11ed-b713-2954332e98f5&tid=8025337&w=300&h=600

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 rimp
adsvr.ecdrsvc.com/ Frame 79AD 43 B
118 B 13ms
12ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsvr.ecdrsvc.com/rimp?6025352|8025337&iid=89b1f84b-e708-11ed-b713-2954332e98f5
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.84.117.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame 80E3 130 KB
39 KB 31ms
30ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775496
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/1.5.0/ Frame 3692 130 KB
39 KB 29ms
28ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/1.5.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WBBZMMCMCJWBAXXH
age: 775496
x-amz-server-side-encryption: AES256
content-length: 39811
x-amz-id-2: mhXjbVMz1lKc7I4Z2Osbmj/8dj5NQNn5fBaA7MGVqVKjlW7riU4+aogSNK3CPkhhQudFwp/zGEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 20:51:07 GMT
server: ATS
etag: "ba7ab9e2045b668f3f93509ade11995d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 pixel.gif
px.moatads.com/ Frame 98EE 43 B
330 B 79ms
22ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=LOBLAW_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938179&de=158958691464&m=0&ar=81c6b5a9873-clean&iw=fee3009&q=2&cb=0&ym=0&cu=1682825938179&ll=2&lm=1&ln=1&em=0&en=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&bo=Display&bd=300x250&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x250&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&gw=loblawdspdisplay883108631098&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A315&fs=203238&na=844684114&cs=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H3 200 view
aud.ecdrsvc.com/au2/ Frame 79AD 43 B
60 B 14ms
13ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/view?&id=89b1f84b-e708-11ed-b713-2954332e98f5&m=I

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
330 B 33ms
21ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=LOBLAW_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&m=0&ar=81c6b5a9873-clean&iw=fee3009&q=2&cb=0&ym=0&cu=1682825938257&ll=2&lm=1&ln=1&em=0&en=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&bo=Display&bd=300x600&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&gw=loblawdspdisplay883108631098&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A273&fs=203238&na=652821251&cs=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/ Frame 80E3 281 KB
91 KB 31ms
31ms Script
text/javascript 2600:9000:24d1:9e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24d1:9e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d74d96afbd3b57db7982c92cb7d8e32a16206fae78536e86765d04a77a6bd4a5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:11:39 GMT
x-amz-version-id: uLghqYitOO4Nmc_bKwuZ1CGZwnAmCNil
content-encoding: br
last-modified: Sun, 30 Apr 2023 02:57:56 GMT
server: AmazonS3
via: 1.1 320446d48de33b9e6a0384a85f613b80.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P2
etag: W/"bd167392832c12b2f3fe8e15da6efc02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1640
x-amz-cf-id: Basg3kYqs4jz3Pdqc4f0trm7-QVvYK9WCBQs3FPrJc9_Ry2B8anUhg==

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=2;ct=1916681860;st=7693;adcid=1;itime=825937715;reqtype=5;guid=7v4t09li4romf;;impref=16828259372270124902;imprefseq=238134487546865641;imp...
6.ras.yahoo.com/ Frame 80E3 1 B
202 B 35ms
35ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830388%7C0%7C170%7CAdId=-41;BnId=2;ct=1916681860;st=7693;adcid=1;itime=825937715;reqtype=5;guid=7v4t09li4romf;;impref=16828259372270124902;imprefseq=238134487546865641;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=LREC3;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=27d913f3485d5a9eb261b09fdc49e183c53354;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403555;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C5281798%7C0%7C0%7CAdId=-41;BnId=0;ct=1916681860;st=10357;adcid=0;itime=825937720;reqtype=5;guid=7v4t09li4romf;;impref=16828259372270124914;imprefseq=238134487546865644;impr...
6.ras.yahoo.com/ Frame 3692 1 B
34 B 34ms
34ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C5281798%7C0%7C0%7CAdId=-41;BnId=0;ct=1916681860;st=10357;adcid=0;itime=825937720;reqtype=5;guid=7v4t09li4romf;;impref=16828259372270124914;imprefseq=238134487546865644;imprefts=1682825937;adclntid=1004;spaceid=1197618800;adposition=MON3;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Bpct%253Astory%253Blu%253A0;pvid=27d913f3485d5a9eb261b09fdc49e183c53354;sectionid=149676551;kvpgcolo=us-east-1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:lu:pct:story:content:ver:0:pd:986b3626-7fe5-3ac6-943d-163ec6b9dd49:article:revsp:non_modal:lpstaid:pt;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y963925933;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=3.49.1%7Cysd%7C2;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK index.html Show response
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 6 KB
2 KB 59ms
28ms Document
text/html 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 5e63dbb7de1d012d854144df23e01178d5851a2d55ed3ecff0a657134bb7dca5

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1460
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:58 GMT
ETag: "641b4b0c-1942"
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
Vary: Accept-Encoding

GET
H3 200 baseline
aud.ecdrsvc.com/au2/ Frame 98EE 43 B
60 B 18ms
17ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/baseline?&id=89b1d131-e708-11ed-b713-2954332e98f5&t=8025339&f=N&vv=0&g=c58c8a8a-751b-46d4-a025-83179f7f0a02&dd=https%3A%2F%2Fjac.yahoosandbox.com%2F1.5.0%2Fsafeframe.html&dr=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&res=0&oid=80e3c9be-90de-41e5-b9a1-327f13b387fd

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 viewability
aud.ecdrsvc.com/au2/ Frame 98EE 43 B
60 B 16ms
15ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/viewability?&id=89b1d131-e708-11ed-b713-2954332e98f5&t=8025339&m=I

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 ahdim
aud.ecdrsvc.com/au2/ Frame 98EE 43 B
60 B 19ms
18ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aud.ecdrsvc.com/au2/ahdim?&id=89b1d131-e708-11ed-b713-2954332e98f5&tid=8025339&w=300&h=250

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.84.117.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 rimp
adsvr.ecdrsvc.com/ Frame 98EE 43 B
59 B 18ms
17ms Image
image/gif 34.117.84.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsvr.ecdrsvc.com/rimp?6025354|8025339&iid=89b1d131-e708-11ed-b713-2954332e98f5
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.84.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.84.117.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame 22C4 20 KB
8 KB 19ms
19ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 206949
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 020fc345-601e-005b-6f01-51d41d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bfcc142788e713f-YUL

GET
H2 200 document.0000000406BEBF.js Show response
c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/published/4165006/5075065/ Frame 22C4 93 KB
24 KB 23ms
23ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/published/4165006/5075065/document.0000000406BEBF.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a192445b0d5c49f5701652275e6defe86690c9be284657d872daa2622d899a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Bf8s+3TByp8NUf6SYzBnag==
age: 1482806
cf-polished: origSize=97603
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 15:45:26 GMT
server: cloudflare
etag: W/"0x8DB256C4C24CA5C"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8270deb-801e-001e-3798-6d01fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bfcc1427890713f-YUL

GET
H2 200 animated-creative.5b52d8f9d40b2db6298f.js Show response
c.bannerflow.net/scripts/ Frame 22C4 156 KB
53 KB 25ms
24ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.5b52d8f9d40b2db6298f.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe202abf53bad9d94579af8970df45a80825ce2f107db690c1d71278826d157

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: yuPzqdVejh3V/xKTkpP2yw==
age: 3933049
cf-polished: origSize=159436
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 09:37:34 GMT
server: cloudflare
etag: W/"0x8DB2538E82092A4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d54ebb90-b01e-0058-1137-573579000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7bfcc1427891713f-YUL

GET
H/1.1 200
OK style.css
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 1 KB
741 B 43ms
23ms Stylesheet
text/css 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/style.css
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 927171ed702f41bc4e96437ea16eeac8dede0dc72e06b62a4aff240c2905561d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-470"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 425

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 217D 57 KB
23 KB 92ms
37ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H/1.1 200
OK coffee-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 64 KB
64 KB 36ms
36ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/coffee-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: f786f45222cb81815708434be558757639ce56411529bbde6e761906a1f43bac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-fee8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65256

GET
H/1.1 200
OK txt1-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 2 KB
2 KB 22ms
22ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/txt1-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 6bb6f83a657b837f82dd8a9f1e6717d4cd964fd1d86060da7ca5f0a31b2bbc71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-794"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1940

GET
H/1.1 200
OK txt1-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 3 KB
3 KB 27ms
26ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/txt1-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 5063f8d87bce8da6151e0d297e0c3e3c62cfa8226894a6bd8e9f28c2639f837a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-a75"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2677

GET
H/1.1 200
OK txt2-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 3 KB
4 KB 23ms
23ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/txt2-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 8ff624c0f46a8b526b363680c8d530da7fb8012fa47a8c68a540cd9d86a43e3f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-de6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3558

GET
H/1.1 200
OK txt3-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 2 KB
3 KB 127ms
43ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/txt3-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: b5c67bf2e5937e76b23fcb546924e24f303de9e988ca95d7553b57f58fbfadfc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-9b8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2488

GET
H/1.1 200
OK txt3-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 3 KB
3 KB 122ms
34ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/txt3-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 2b3d1be68f8b27a5cd0c0f5926bbb9b88362d4e3c07e1471256ffb769e4ae35b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-cc7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3271

GET
H/1.1 200
OK coffee-1-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 19 KB
19 KB 137ms
36ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/coffee-1-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: a9e26e54848b684fa831d06e995e18a830ea8adfa82641e476c46a5368a56c69

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-4bf1"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19441

GET
H/1.1 200
OK coffee-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 26 KB
26 KB 163ms
33ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/coffee-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 380f5092d76981a9d6c240ee9be0b2b2fcc7cf30886ee49d7ecdc19d734230f5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-677a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26490

GET
H/1.1 200
OK coffee-3.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 22 KB
22 KB 123ms
44ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/coffee-3.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 95d4bf8170d74d5467a1dc97e3649dcd3f5292f568236cc6441f9e105e9e4190

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-5699"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22169

GET
H/1.1 200
OK legal.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 2 KB
2 KB 96ms
26ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/legal.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: ebb1795588933b545317322099c39981c69f2d25736f11b3bf5f7c50a5b71af1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-7c0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1984

GET
H/1.1 200
OK logo.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 3 KB
3 KB 76ms
23ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/logo.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: a0ebc8daa8fb15b4b1810052b40a37cd9fc66bf89874894d8126c4dea48ee818

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-ad5"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2773

GET
H/1.1 200
OK cta.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 2 KB
3 KB 84ms
30ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/cta.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 77727e8106e018227cbc90cbe2761b38ac3a09079ccd1a1015ecbfd253a2a155

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-9f8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2552

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 80E3 0
216 B 53ms
53ms XHR
text/plain 2600:9000:2507:a200:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2507:a200:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 a4183ed156210b7ee2a8130a2e031ad4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P7
content-length: 0
x-amz-cf-id: 4wI2n6L9PhRWPwVfqCej8LLVuNXIE2pEs93BDVEt5Yy2WkaJq2hm9w==
x-cache: Miss from cloudfront

GET
H2 200 moatad.js Show response
z.moatads.com/millennialnexageinapp768429046591/ Frame 80E3 330 KB
112 KB 23ms
21ms Script
application/x-javascript 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: db643845996600e7c9f288e918e6521721aa2ee46a6307bcd16dce6287db85db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:54:00 GMT
server: AmazonS3
x-amz-request-id: 4ZA8WEA4M85RC5A7
etag: "b27da5bffc37ad805984ae6f69bf00c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=25021
accept-ranges: bytes
content-length: 113977
x-amz-id-2: NTE7IHx69IL29anrbpPARCI6d14gbAPy7S66iim3hp2Pr713LyvNK70nhKPF3u6H0Mwwo1tTpBU=

GET
H/1.1 200
OK cache Show response
prebid-ny.casalemedia.com/prebid-cache/ Frame 80E3 10 KB
5 KB 19ms
18ms Script
application/xml 192.40.39.248
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-ny.casalemedia.com/prebid-cache/cache?uuid=1a3a1bea-84be-4c03-9111-bd5845fe1538&iurl=37ef842e-02dd-4c1a-8f94-7f85fed42e40&ap=0.12&source=audit
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.40.39.248 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: nginx/1.19.9 /
Resource Hash: 947ddb329f5109c8d916629d85865a456b2c1bd513514e2d13a353ed6995ce5d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Content-Encoding: gzip
Server: nginx/1.19.9
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/xml

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 80E3 2 KB
3 KB 28ms
27ms Script
application/javascript 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=56557,58255,58456,58280,55853,58301,58309,55936,58506,58160,58601,58557&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

81cb71467cf796d3b014e5fa7de13ce3441c930e58716a8121bede8a56519a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 80E3 69 KB
16 KB 31ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WRWCTJ258ECY2D8Z
age: 6726
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: Rotpk5MOCxjiyWZ9j8VwsmO1ta/cazG8Ee89PBMLt86SOxPr9/V3h9xoIc9aEMYMDB46xuSQVIU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adfeedback-1.0.108.js Show response
s.yimg.com/cb/af/ Frame 80E3 129 KB
32 KB 32ms
31ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FR3PQ9871MYCWW9R
age: 4501
x-amz-server-side-encryption: AES256
x-amz-id-2: fyaoKcJv4mBUQPBI0gFyZlSATAsmOvCu8h0gKdyQa6wF7h6XN44E4GgOqe59uuCmfidbWhi1mGw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H/1.1 200
OK style.css
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 994 B
732 B 38ms
38ms Stylesheet
text/css 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/style.css
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 312ba629e189cfcb503f6ab65cbf3dd465477ecc8848adc6a2b6e74a61742a45

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-3e2"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 416

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9D04 57 KB
23 KB 55ms
54ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H/1.1 200
OK coffee-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 36 KB
36 KB 26ms
25ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 2a0e5dd526ac88d271ba82edffa5e3466ff353b5cb41a8e7f859253be858c69f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-8e36"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36406

GET
H/1.1 200
OK txt1-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 856 B
1 KB 23ms
23ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt1-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 0127c0cc309f80de600b02352dab75b89747edce2aec9ee3fc35d776dc3d4363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-358"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 856

GET
H/1.1 200
OK txt1-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 1 KB
1 KB 124ms
37ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt1-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 72984bb925c9991bc10312db0be50b2f62310af60405ba531df1dd05f13e718d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-4db"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1243

GET
H/1.1 200
OK txt2-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 959 B
1 KB 168ms
38ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt2-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: fc186ecd3bff41b61f8d27585c0957072220c25f5e1670e84bf2cead1cae1570

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-3bf"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 959

GET
H/1.1 200
OK txt2-3.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 1 KB
1 KB 152ms
22ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt2-3.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 743a1a86660207959451fe6ebf18f57b3b813b82d9e6d6072fcb4f89c2220048

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-439"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1081

GET
H/1.1 200
OK txt3-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 1 KB
1 KB 153ms
23ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt3-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 4614d2b1db3af5d06cf4030a79fe0b23b65a1d2b5c77ab7faaec372fbe9611df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-42e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1070

GET
H/1.1 200
OK txt3-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 2 KB
2 KB 151ms
21ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/txt3-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: b2c77f588fc4ade464464e36c06ae9172cff75fddffbdf79ea5d6e3612345cfe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-617"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1559

GET
H/1.1 200
OK coffee-1-1.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 11 KB
11 KB 53ms
42ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-1-1.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 54c4bc2715c83cb5f7e1fead63b1024880440d894a4287efa914315eef974929

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-2a84"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10884

GET
H/1.1 200
OK coffee-2.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 9 KB
9 KB 43ms
32ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-2.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 950b4034fdf5809c051dbe6e3ea5615f07cab70d8bbbc0fa7946d9c49211b93d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-225a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8794

GET
H/1.1 200
OK coffee-3.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 10 KB
10 KB 77ms
26ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-3.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 39cea4ad44e6e42a2d0d0eafc6d07b2b77608874e16166918498468916206a5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-284b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10315

GET
H/1.1 200
OK coffee-4.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 10 KB
10 KB 48ms
32ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-4.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 2af789c015870b13cb4ab4ca55d75bfca349ad5a163be8c5135518b9b7ef51d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-281d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10269

GET
H/1.1 200
OK coffee-5.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 11 KB
11 KB 52ms
23ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/coffee-5.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 844e6e097f70d5938b028d64f70b2f94befce948a56a1a9ac4e30f9147b36136

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-2c3e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11326

GET
H/1.1 200
OK legal.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 759 B
1 KB 69ms
24ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/legal.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 5a67791963b378c89c0abf29e732790c09768576c6b9295ade1a366bfdeadc9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-2f7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 759

GET
H/1.1 200
OK logo.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 2 KB
2 KB 118ms
85ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/logo.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 2192310576ec8cccec85c93dfdc3671a18d9a62efea1bea3c94869519ef9ada1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-664"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1636

GET
H/1.1 200
OK cta.png
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/ Frame 9D04 1 KB
1 KB 75ms
26ms Image
image/png 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/cta.png
Requested by: Host: resource.ecdrsvc.com
URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 0aa20c178349c13ec0e7ce2ea3fedfc562a14cc1e46d50d5704ef865f1270fb6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1/index.html?tid=8025339&sid=6025354&guid=82593830203&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025339%26iid%3D89b1d131-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D80e3c9be-90de-41e5-b9a1-327f13b387fd%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:58 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-423"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1059

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 80E3 110 B
286 B 440ms
42ms Script
text/html 18.117.20.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-Iw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=MILLENNIALNEXAGEINAPP1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938420&de=685618450416&m=0&ar=81c6b5a9873-clean&iw=44b2edf&q=2&cb=0&ym=0&cu=1682825938420&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=14146%3AIndex%20Exchange%3A3593822%3A19512475&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&bo=217738&bd=783368&zMoatOrigSlicer1=217738&zMoatOrigSlicer2=783368&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=203238&na=1764844174&cs=0&ord=1682825938420&jv=728039011&callback=DOMlessLLDcallback_23782685
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.20.224 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-20-224.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: bbdd94a6ea64870f5e0df75ef2162348aa80dbb1ad9396ec90f2c7548eb04c4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "1f687e73ef2ba460cd4c4f698f90fa3747bd04bd"
content-length: 110
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 80E3 43 B
330 B 20ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MILLENNIALNEXAGEINAPP1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938420&de=685618450416&m=0&ar=81c6b5a9873-clean&iw=44b2edf&q=3&cb=0&ym=0&cu=1682825938420&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=14146%3AIndex%20Exchange%3A3593822%3A19512475&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&bo=217738&bd=783368&zMoatOrigSlicer1=217738&zMoatOrigSlicer2=783368&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=203238&na=850977476&cs=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 adEvent.do Show response
us-east-1-web-oao.ssp.yahoo.com/admax/ Frame 80E3 43 B
265 B 26ms
25ms XHR
image/gif 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783368&grp=%3F%3F%3F&nl=1682825938068&rts=1682825937829&pix=1&et=1&a=27d913f3485d5a9eb261b09fdc49e183c53354-0&m=aXAtMTAtMjItNS0yNDA.&p=MC4wMDAxMg&b=MTQxNDY7SW5kZXggRXhjaGFuZ2U7dmlkZW90cm9uLmNvbTs7OzthN2EwYmI0ZWUyOGY0Y2Q4OWNlODAwNmNkMTZmNzNjNzsxMTM3NDA7MTY4MjgyMTg0Nzs7MC4wMDAxMjs7MDs7MTk1MTI0NzU7ZTM3ZjczYmZmYTcwMTI5NjJmZDE1ZTYzYmY2ZGNiMDM2Zjg2NWU2ZTsxOzE7&uid=y-gVYBFW9E2rNEjqmbL1V7UaLrMqne_O1gSI39vbJalBZ1%7EA&tsrctype=2&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxDQU4.&hb=true&type=5&bkts=MjkjMTIw&af=2&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=2
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
last-modified: Thu, 27 Apr 2023 00:31:38 GMT
server: ATS/9.1.10.25
age: 0
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://jac.yahoosandbox.com
accept-ranges: bytes
content-length: 43

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5DD1 663 B
591 B 116ms
55ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 03:38:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 80E3 78 KB
28 KB 99ms
50ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H/1.1 200
OK v1
a491.casalemedia.com/impression/ Frame 80E3 43 B
303 B 80ms
19ms Image
image/gif 209.204.232.43
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a491.casalemedia.com/impression/v1?bidID=b119fa13-d7ad-440e-8d5e-34860bd0fdfd&traceID=ch6u5kf1k2kvl8fpdf2g&dspID=85&userID=ZE3i0bSC4Us4CNLOagYBPAAA&cmpro=1392&deviceType=2&expiryTime=1682826538&profileIDs=&ap=${AUCTION_PRICE}&siteID=895337&creativeID=129bc9b&pubID=183875&format=banner&channel=site
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.204.232.43 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80E3 42 B
111 B 87ms
39ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AglRBboEGKsxdRezwofHdchF3y5_R5xh5SjWjP3hFNQfJ_HdwZMQLhK_5jjEWPvXSX5wjx27InLU95Kgl5-EGibMTISQSVz18boDlMwvtC0pcHcBo

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80E3 0
350 B 87ms
39ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7809418477920863265&x=13&ct=76

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame A3A3 7 KB
3 KB 131ms
50ms Script
text/javascript 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=qsus68b_zcnuy12_5dcnkl2a&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-4112da1c-3cec-422b-a3b5-22e3de362e5d&sid=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-134-90.ord56.r.cloudfront.net

Software

nginx /

Resource Hash

ad8bdd9c577fc10c8ca958a5bcd4ef26cd0f907b4b76034c1f1842aed528accb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: ORD56-P7
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2413
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: PO153XKe_hFM2gPy-CJ_0WGTQsHawTZUygJnoKSAewspFiRTMRUNnw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame A3A3 38 KB
12 KB 121ms
41ms Script
text/javascript 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=qsus68b_zcnuy12_5dcnkl2a&w=728&h=90&c=tradedesk01cont1&js=pmw2

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-134-90.ord56.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: ORD56-P7
cross-origin-embedder-policy: unsafe-none
age: 7411
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: zWDKzpelRhagkxahtna5B9KVmd2qwDuhFUE4bgbCz5rXZ0gp0YXtUQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame A3A3 43 B
1 KB 132ms
52ms Image
image/gif 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=qsus68b_zcnuy12_5dcnkl2a&w=728&h=90&c=3fc9

Requested by

Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-134-90.ord56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P7
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: ir6r7ZGZNKMomofjLkff-mtFSs_4pE78l5ygEtCqvk0HVv70GesaYA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 22C4 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 408ae7ca-9480-474d-9035-59d001ea9f4d Show response
https://c.bannerflow.net/ Frame 6CA3 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c.bannerflow.net/408ae7ca-9480-474d-9035-59d001ea9f4d
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.5b52d8f9d40b2db6298f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 22C4 6 KB
6 KB 17ms
17ms Font
font/woff 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e73613e90c3a5081c4865b7%2F8bda3a54-36b9-49b9-b62f-05360d359bde.woff&t=%20%26%2B19ACOPRTabcdeilnoprsty%7C
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79c34b8f417cf7280dd25b165606e23a07afec7b95e42ad48376a5e698906c0

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Origin: https://c.bannerflow.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Mar 2023 23:20:07 GMT
server: cloudflare
age: 3903452
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=8bda3a54-36b9-49b9-b62f-05360d359bde-subset.woff
cf-ray: 7bfcc143fa69713f-YUL
expires: Thu, 14 Mar 2024 23:20:07 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 22C4 6 KB
6 KB 24ms
19ms Font
font/woff 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e73613e90c3a5081c4865b7%2F80fd968b-9167-402d-87c7-ef15cc609e24.woff&t=%20%26DENSUacdefgilmnoprsvwx
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e201d305ce199006e712b04b7e8d7257dd6dbb63bc53b6e82a5a9d1f1a6cc8

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
Origin: https://c.bannerflow.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 23:40:25 GMT
server: cloudflare
age: 1482805
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=80fd968b-9167-402d-87c7-ef15cc609e24-subset.woff
cf-ray: 7bfcc1445b01713f-YUL
expires: Thu, 11 Apr 2024 23:40:25 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 5DD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFKM5nbQz-EB9m2eBPa4vMc&google_cver=1

43 B
535 B

210ms
23ms

Image
image/gif

146.20.128.158
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFKM5nbQz-EB9m2eBPa4vMc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow
Protocol: H2
Server: 146.20.128.158 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFKM5nbQz-EB9m2eBPa4vMc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DD1
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=SWZLRkxGdmgydFk

170 B
188 B

38ms
38ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=SWZLRkxGdmgydFk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Apr 2023 03:38:58 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=SWZLRkxGdmgydFk
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5DD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5DD1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaZGhCq47ECGO_irW8wAQ&v=APEucNXy2Bn7E1iUA64D9lNmnNYr-PjMygecs3DZsVXL_SEzMvWdym5JeUI_18yvSfJpcTfrgBcMJMrm-gpWgmR8NurVS8EHow
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80E3 0
57 B 37ms
36ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7992006656468&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80E3 0
57 B 36ms
19ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7992006656468&version=m202301230201&ct=76&x=13&cor=7809418477920863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 80E3 71 KB
34 KB 80ms
71ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJOpIhNkt3noadjoMqIq5Jm4I6BOWWxMJuT4WX_Tb8KIgdk9WYBuV7DJlAXiCa5iicYuUMzPOL2TSe9ynhmlo1fZkpqm16sGulSvxSE1CzOpZPf-e0EHkhl4Exz7yc-vYUHcOnZtV4VfGauApefCOXzY9YN4pfwtiAZsZjSvPnxUWC1aQ&dbm_d=AKAmf-DNT00aSjeAf8ft4YDtYqqcmeh0ppH2szsZS9SwA61socAyCtJZlU-XovoSK6atVDfHE4b_zM1Hc_wQ7zCQY2uoKC2Uo4c2Fh1xZGgTG8746uyqzH2dLSJKefNFTDGiAvPzuNuuKp5oJcgAbVwwFXZDJEiADYkqmgpxe9O_nMcyk7HJUHanvzh2CgPQt_GkmowxBLSuqn50lo7qT-0wrrtktTcBIG_oOboWt8cV0E6Z2MadKIkGKYQQvUbttF7FcZSG3Bex00mOXQAUIZicbdw5gWIN1kkImDspMDpb0-mfHhCwgaT2g8bg5milo7MfyZlEQ-dtxDTWrMzRl1faxyZNjNE7JxwEuctYWT02zNsm788cnaAJmtuJXfUtBvzVw0YY0ZF8L-HoO3z-GvrjI81fm2OeEaY8kSYR3e8VzPUpuTs0Je558cTAL48nBy0AehmwcW7AZ0h8pDAv7uYe1Zw3V859KavKiVYGN8Uujd3L3EZoOSMMeGVcReDRsstFD0cAaB3sPF6oKRMDomQKWUucaBFK8qroWL5QrBTzTk401cpp4YNEHiWnOw2HuARwi0ZoTtwcNZzZ5KDBnjnQwdRAjeEK85pVPFPwQy9qni2z24LgxqUG1kL4Lc1LAficMqxpXz0wILp1JsktcKt1zJWWV3d7AZWMqB_724mK3FHB2KQIkKG-zZuUWRDeqqHGQdCR9T3FS6Qw9ZQSl__-L1euoNI5Lrv6N0lEi7r3z3Ei00XkIJGEAY7zv6fo5QysYq4sLiznn422MfJOqye19gCdXO0XUC_uoHMhUPFEK378wMeoSOeH4wnzt-MCrDWQ00ZC0oAs2j2VDUrGVpeWu-iWN6jL6hNIzEHLFh3WXL-rHgI4z0j3PoCxF_Uf95wlxvvHduBz46zIXsR0dVHcWqtHmfNfbwq-WpZyW0zGneRRgQ-Hgeriyxb-qGyJBVJHdGlXBBo4qYeoAl6_NxJwiOVVSsny-U4HJhRUJbCQ9YmvioIKuqEIXD4WrJkW2QOITffcpVRBvSrRdVOZgsJyEqOtvrB-l05MxDqxO9RLIgHnVhvtSkqkMcJLymiT-waL_6JcXZ23axxduTzwm8TiqvaXXrGB-r_Kim9oteZFN-NVbefu_WhM4ZUP1koGzOGDbL-j-UI47Wr__LI_pJJyKRLVLnFC_8eV0rjAxzAYA_ASxEpi5trEo66XVY7g1Ej0XKbljPJTX_wEL08lr8s-SBtbbafLsWzOZx9Kh8F087aGcTFo1TIC6_RQAqC0N0Z_gz4KP3Ic9b4rZuzEQ9ZdCr-FCKeTaXfEG_hzknoKiDGp1hAei07aWHsO-xH2pnbHPxY-wKYKgjbPjML06Y5uoF8tfgE2sg1QuvTX5KNMGtVg5VyX-xFx587lyJnm-0A7wqEFB4opOcUp_Dej-YY5C7q2Z8FdFbbQu8NYxR2EP_nDNK8QHa3vszmtnNA0r2E9T2a09AnyfmgQ4WZNMLjNggJLyfq0QLH-e3S20pt-igOIjV_bvs51fHe114RXSaVzaM-kdCz0fBleevfpcmbOeQPj9wNF-HeiaDY9OZwwkMS7U0MCaYbv0DvFVCaCnMoJM04de8HjCcYMaCpQnjirI0GOHMII4dhmsJJo1MNHbPC9fMnxpQnNtvR1nTTtE8peFwoHZDI-UT9CS5ufoHVGTd2LdR8tgm2eEvspcJeU4_rs6nwXfZQhMkjhvuPzikyASUByru0WIh2uJZLHUrdiy_ZOPZ6QJj1NnlrKWON1VZ3qXN1FGlf5svH0hLgdhjWFIshRk8X1-CVXyYlWOjXW910CKVwjUIwpQ5j2wBP0qLDuGLIkjIBf_ZST2G2krn-13Tu9Itqzs4aQ7zcxOgJqWfSTd22Gl39wd8ShjeWizM8PDanPY1cCL5WxqpNwwxHX0o5ErO7a2TsA7NoKUOMSTKSKb4lNK7q63069SXIFU6cqfW0698F3hsmeBSuTAqfPSuQRuiNBKPOfqLu714qtQFthf23itX3xQakMCMtxfY_1W_3G6Z79LaORphLvAh8cjx_8g4He2WoWjB4AXJNfvgC5Bu63A78yMjY3IKLoyXGAqHYRcI0O1trF0A3uM1whHl2RCmQjxgML0SpVz2XrIzjp2G1MOA96J-0zJp1PdEp-BjRN9ntBUirp30FrsZ9l9pRtSTw4KFSA7g8nYQT15smPvGBpgdw--VIp2zBv4d-cMbepWF8KAjD1416NtrCnO70WvapUf6oHBBDdvyYv42-6cbmnAWJu7G6CjUxDoi5JHBbRhDY_z9BZ8uzFVoRiF6leHiFtsCMXtPFaVjkzp4lhJaUfX0O8F39i6nkMaqMF84eijrRcaNIOEKQY5EjamTKm8eyzeKxj2TWkeFP0jpiwb_1ttBWuJY2vo_RGipaM68oXeFgP7iSat-sgLpAr0-ReBE9J3U76UQT_weGbRHFJ_Ah7GQ4rOrX7g_H01TOqz-DNw8n1xQzNbwyG7XDZ8qmyyr6_0fS2CqSePnU0GGEis48u04Hgr6-T9_ycf2U0LVWCWUSxld4MAIDvrc1DjuuQ5vITa3fip2sfxjwcYYKvZcja2bi1kGtPe6Ui31dBBOwoIE-2VU2ggJRVYbbWQpgIfWFZuj27rMuDMovr863YPx8rdhRRgGBR1mFV6zqmc1dMTo-xkMMdnn-q2TlIlFtX8YVouVS2v3fI201B2bhlNSWuKFVDRwUNcwlU5ivsu4-WKKvw23Ql7CPyr0dVPPloxlyr7jb1l7AHKmGM91jI6v2kBkPppSL0eGSlH7sM3shOf9UzWu7RnxLCXQNNuPqjkuN_FTAqe4HhxczII2tYeR2GJhijRUgsua0KooXtsQPO2NBByHgUlXs4uyK2kvZ5ujj7W-R8RtvAJmpy2wqlhy-xE2E8c_L6ZA4LCtiehB3ptD_YivGdiYughGrsG8Tx3X8MKFCMzYlmuHVDBZ9gMROgqfhwPcep4A4DwPSkN-j-ezzU6ELGRV_XhZrXHyzstJjTlBsxNMty5-hDPawefohzooaujv1xTp0bEc88-HiOsR68DXg8YezZghxKso__VzgoQuyChATOeF1cpQJ8r2fTniSIU8G1KeQXEmw9f7TGDhtqX_mkWJAE1zH6Nudlb06hm4f8be66AeMyLv202prOhcZmKvvF951EPdQxUR_QC3jV3hi5vZhDAX2ue3Drs08UpwOzOvLL6r_wkgOwc3XV2YmpxAOr3l5jImxy4bm5bPmcbtsSuNP_mX6RQCMI-VKIYQtlrbn54sCpTodVRUXDX2-mg5RE4tgbnSSlPv601TND7k6m_HxBR1GVrtGoz0yPpxl2cEeGINgOPXTcz831JAFa-4w_ZaRtw6ZUUxAMLTA&pr=13%3AZE3i0gAAAAAmDsBBy4XOTZqkfcki8MSP0mPVoQ&cid=CAQSKQBygQiDEQaTf9_N9FTlPYJF42kzagV1jaFyRbrhA6YziRbPbFu3uK0XGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&ds=l&xdt=1&iif=1&cor=7809418477920863000&adk=1723620398&idt=111&cac=0&dtd=6

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef1dec25a77aa82cab7f648bf3b512c93b126f677b0a405d64d4c44f2800edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34479
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4cb09f83-ed08-4240-b67d-fdd1afe25cad.svg
c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/images/ Frame 650E 21 KB
7 KB 20ms
19ms Image
image/svg+xml 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/images/4cb09f83-ed08-4240-b67d-fdd1afe25cad.svg
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d232d0933c08ae3db31bcd206c5a05ccdb76b98437f223098a4b907da1a11e8b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 6zHh1wkYfOoJOwk9oL9Urw==
age: 62
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 10:33:37 GMT
server: cloudflare
etag: W/"0x8DB03769D17221E"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 171d93c5-e01e-007a-0c94-57f066000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7bfcc144bbd2713f-YUL

GET
H2 200 426b3244-50a5-49ba-89c9-9c45eb413f16.svg
c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/images/ Frame 650E 7 KB
3 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/megalotto/5f7472ffab198f201c14e16d/images/426b3244-50a5-49ba-89c9-9c45eb413f16.svg
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0c2cb5ec6c78105f4a5abc470c9a3455e2fa162e6455c666261cbe4cfb6a29

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: KtmPNrfMr04dn1CB/UHAdg==
age: 727
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 10:37:37 GMT
server: cloudflare
etag: W/"0x8DB03772C16002F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a8b84482-501e-0040-2894-57ea1e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7bfcc144bbd5713f-YUL

GET
H2 200 get
choices.trustarc.com/ Frame A3A3 287 B
637 B 29ms
28ms Image
image/png 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-134-90.ord56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Apr 2023 06:59:34 GMT
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ORD56-P7
age: 419964
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: X8UgRsFu7vV4d8JHWXeFliayW46tASMi2cHigyEU9EDntTwAoeFsEw==
expires: Thu, 25 May 2023 06:59:34 GMT

GET
H2 206 CasinoDays_Digital_1080x1080_MALE02.mp4
cdn-rhino.b-cdn.net/videos/ Frame 9A4D 399 KB
0 198ms
47ms Media
video/mp4 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-rhino.b-cdn.net/videos/CasinoDays_Digital_1080x1080_MALE02.mp4
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cdn-edgestorageid: 1029
cdn-storageserver: DE-168
Content-Range: bytes 0-1302125/1302126
cdn-cachedat: 03/15/2023 22:30:17
cdn-pullzone: 432439
Content-Length: 1302126
last-modified: Tue, 03 Jan 2023 10:41:23 GMT
server: BunnyCDN-IL1-845
cdn-fileserver: 90
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp4
cdn-cache: HIT
cdn-uid: 632776cd-0e27-4f2f-9e50-6a233f7e45c4
cache-control: public, max-age=31919000
cdn-requestid: 3504ef258814833dfbb0b8635203aecb
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pixel.gif
px.moatads.com/ Frame 98EE 43 B
330 B 25ms
25ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fresource.ecdrsvc.com%2Fapi%2Fapi%2F7000998%2FPCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x250_v1%2Findex.html%3Ftid%3D8025339%26sid%3D6025354%26guid%3D82593830203%26clicktag%3Dhttps%253A%252F%252Fadsvr.ecdrsvc.com%252Fc%252F%253FtokenID%253D8025339%2526iid%253D89b1d131-e708-11ed-b713-2954332e98f5%2526type%253D1%2526oid%253D80e3c9be-90de-41e5-b9a1-327f13b387fd%2526cn%253D0%26oob%3Dundefined&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b34pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-sXZ5VnlY3Ncxlw%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938179&de=158958691464&cu=1682825938179&m=588&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=268&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A1088%3A315&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=148&cd=0&ah=148&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x250&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x250&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=1348804556&cs=0
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 80E3 28 KB
11 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 10:37:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80E3 158 KB
49 KB 141ms
36ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 80E3 11 KB
4 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 10:37:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 80E3 0
0 151ms
48ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudHv8DbaaSPi_FtY8ZafObRqFYDvlOFAHuf0s89I-hCbK5B2swaSTvI-1angyEIpXvf5p7TKmC7TLlS-IX-ddCDvSPbxFJqRWza0ZUb_ffkE1uRT5Om2tuuDRYnpM9v-_WKhbX7RMXVB8FQ41pwjHFgULTp6YhVkQMUzJObgnOpt9zlNtzHjPICFXRlYRpuRVwcKiAOHOV_Kdo5Vwmo8y-lSbyALGyCzz_71VfPTFtRwQ_ER-dGMgnrweD92QQkd0lmNWF2BEQvAd3qnrxMWtmnHGfjR6WUwbexLMHeDKHRQ1eA8q_Mo9PHhYtIgkyhE_JEfelAoiS3Jn6VpJK4UYF-8dcGNcU8f8ZGABbsz5f7MgacmqJ6MCbDimLAKVxYgm3gwo2t_Y1s1BQEiRHFhdSibBaNwo7n1a1H92x33I2J2ehFf0cnp0_NDwuVOvhoyklNipKOeipdL52YbEvii4YXlHCrEZO1E2GMEF0-IzEZi2ROOu8Ka_fpVhHk3NmAg5QULwVOEkslRBFunV7lR2RYWla5f_nV9uQ9XYgIJUzuODQPZye1LX7fi9gJTkmTnO5UZ8syM1-9d4ARARvkcLFFALqc4mRhfn4fhKrtiuERgtP8rQqYKUqUwr2NIvwlD9-tzf9pATJftbu8TpPm2D03yi1Q5ohpQJg7_aVZxhgcvMqdK2K-lava9TSvER10dB6Pw9XTZ50UBsSGhdEHhFWNPdEqlKcD4NAI_cB_heTf5nOw3exu7sRV0tMoGMqzkpUiyJmH9qFIc4pasK4s1tpt7GqmilqqiB6qynGa6ECb-24wbELj830gggawFZ626ggum-zKTyODyFsmyuHnFBGOnGb8KJ0yxu42s8w5uh4x6eRGaYCt73xlqqcH2HrW-rAe7vcelJAoydfW2IH4p_v5HJ7E3QDVqR5miaomGnW63Sa39CeQ7Jh0XfrcxOZaICreFb8gCl4IiwA1BDPBFodGxg-6LgSPklI0S_-P9FWWJ-cWhxa3V5fDPt-ArPkfhyYsjPKq8KgODHB9hY73G314CyjBF5448Nh51Ov9fPEZaAI6CQznRW8AbL8NuUh_1d9dQYEcBDmvC-TSpBbgp-0CVsWrpVTkI9kk1kw1dTQ5fLUqGVwRmTOo1wDDPvQo-gjTuDU8AH48UfEn3QkZ4Z6X3t5efzLDz5rHTI6TmfUhOKjmmdVQ3R2Iw&sai=AMfl-YQndeVlNCg63frfbX_N3AQbf1nxCe7lfXEFkMBQLVWKlHr64RgLh23jeoo_jebBJ8YAinbHtCv-LPt7RRNtvpYnOFp6vMf4jM1i2-4v1RgzegNdNGTRPSBqKAffpCHW9RxhpvG-RZd6eYEuzz8lBu_LBCzKuc9i6HU0mX74-2Fzh05LFgjISmlJjkJ-B8hDhZyeH7ykdYP9&sig=Cg0ArKJSzGQaZv6D_qljEAE&uach_m=[UACH]&pr=13:ZE3i0gAAAAAmDsBBy4XOTZqkfcki8MSP0mPVoQ&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.78554&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 80E3 41 KB
15 KB 121ms
19ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:59:31 GMT

GET
H2 200 12288636848045160295
s0.2mdn.net/simgad/ Frame 80E3 29 KB
29 KB 21ms
20ms Image
image/gif 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12288636848045160295

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483b45c4f53740c3a006036313f9bf6b23978fc136812498992b0b50270918f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:40:47 GMT
x-content-type-options: nosniff
age: 75491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29916
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 14:31:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 06:40:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
330 B 21ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fresource.ecdrsvc.com%2Fapi%2Fapi%2F7000998%2FPCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1%2Findex.html%3Ftid%3D8025337%26sid%3D6025352%26guid%3D82593813393%26clicktag%3Dhttps%253A%252F%252Fadsvr.ecdrsvc.com%252Fc%252F%253FtokenID%253D8025337%2526iid%253D89b1f84b-e708-11ed-b713-2954332e98f5%2526type%253D1%2526oid%253D5bc088d2-6c43-469a-a7d3-08764577aa78%2526cn%253D0%26oob%3Dundefined&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=545&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=59&cd=0&ah=59&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=444653104&cs=0
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 80E3 0
0 112ms
40ms Fetch
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudHv8DbaaSPi_FtY8ZafObRqFYDvlOFAHuf0s89I-hCbK5B2swaSTvI-1angyEIpXvf5p7TKmC7TLlS-IX-ddCDvSPbxFJqRWza0ZUb_ffkE1uRT5Om2tuuDRYnpM9v-_WKhbX7RMXVB8FQ41pwjHFgULTp6YhVkQMUzJObgnOpt9zlNtzHjPICFXRlYRpuRVwcKiAOHOV_Kdo5Vwmo8y-lSbyALGyCzz_71VfPTFtRwQ_ER-dGMgnrweD92QQkd0lmNWF2BEQvAd3qnrxMWtmnHGfjR6WUwbexLMHeDKHRQ1eA8q_Mo9PHhYtIgkyhE_JEfelAoiS3Jn6VpJK4UYF-8dcGNcU8f8ZGABbsz5f7MgacmqJ6MCbDimLAKVxYgm3gwo2t_Y1s1BQEiRHFhdSibBaNwo7n1a1H92x33I2J2ehFf0cnp0_NDwuVOvhoyklNipKOeipdL52YbEvii4YXlHCrEZO1E2GMEF0-IzEZi2ROOu8Ka_fpVhHk3NmAg5QULwVOEkslRBFunV7lR2RYWla5f_nV9uQ9XYgIJUzuODQPZye1LX7fi9gJTkmTnO5UZ8syM1-9d4ARARvkcLFFALqc4mRhfn4fhKrtiuERgtP8rQqYKUqUwr2NIvwlD9-tzf9pATJftbu8TpPm2D03yi1Q5ohpQJg7_aVZxhgcvMqdK2K-lava9TSvER10dB6Pw9XTZ50UBsSGhdEHhFWNPdEqlKcD4NAI_cB_heTf5nOw3exu7sRV0tMoGMqzkpUiyJmH9qFIc4pasK4s1tpt7GqmilqqiB6qynGa6ECb-24wbELj830gggawFZ626ggum-zKTyODyFsmyuHnFBGOnGb8KJ0yxu42s8w5uh4x6eRGaYCt73xlqqcH2HrW-rAe7vcelJAoydfW2IH4p_v5HJ7E3QDVqR5miaomGnW63Sa39CeQ7Jh0XfrcxOZaICreFb8gCl4IiwA1BDPBFodGxg-6LgSPklI0S_-P9FWWJ-cWhxa3V5fDPt-ArPkfhyYsjPKq8KgODHB9hY73G314CyjBF5448Nh51Ov9fPEZaAI6CQznRW8AbL8NuUh_1d9dQYEcBDmvC-TSpBbgp-0CVsWrpVTkI9kk1kw1dTQ5fLUqGVwRmTOo1wDDPvQo-gjTuDU8AH48UfEn3QkZ4Z6X3t5efzLDz5rHTI6TmfUhOKjmmdVQ3R2Iw&sai=AMfl-YQndeVlNCg63frfbX_N3AQbf1nxCe7lfXEFkMBQLVWKlHr64RgLh23jeoo_jebBJ8YAinbHtCv-LPt7RRNtvpYnOFp6vMf4jM1i2-4v1RgzegNdNGTRPSBqKAffpCHW9RxhpvG-RZd6eYEuzz8lBu_LBCzKuc9i6HU0mX74-2Fzh05LFgjISmlJjkJ-B8hDhZyeH7ykdYP9&sig=Cg0ArKJSzGQaZv6D_qljEAE&uach_m=[UACH]&pr=13:ZE3i0gAAAAAmDsBBy4XOTZqkfcki8MSP0mPVoQ&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=32&vt=11&dtpt=31&dett=2&cstd=0&cisv=r20230426.78554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 0CFB 287 B
638 B 29ms
29ms Image
image/png 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-134-90.ord56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Apr 2023 06:59:34 GMT
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ORD56-P7
age: 419964
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: GUQholLujP9heQWPC__KJVJf1ypIcs9F2lF7H1W5LkCjm8FpEMGJNg==
expires: Thu, 25 May 2023 06:59:34 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 0CFB 739 B
1 KB 28ms
28ms Image
image/png 18.172.134.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.134.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-134-90.ord56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Apr 2023 06:30:39 GMT
via: 1.1 28ed87dfd4b7048158850cc507f867ba.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ORD56-P7
age: 2322499
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: vYI14UGY4WfPgF9-2r3EWtv5lciDi2LdLv-YqVMkEXkYXL_hVeBQSQ==
expires: Wed, 03 May 2023 06:30:39 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 0B37 2 KB
3 KB 25ms
19ms Document
text/html 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 74cb9edcb17909f63599d4000c08471dcd682f0ece00a1abea267cac04dfe455

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1973
Content-Type: text/html
Date: Sun, 30 Apr 2023 03:38:58 GMT
Expires: 0
Keep-Alive: timeout=1, max=493
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58255/ Frame 80E3
Redirect Chain

https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&loc=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58255%2Fsync%3Fuid%3D%5BUID%5D%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d%26gpp_si...
https://ups.analytics.yahoo.com/ups/58255/sync?uid=d8916908-fecc-4207-b68f-82b7928c26ed&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
17 B

25ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58255/sync?uid=d8916908-fecc-4207-b68f-82b7928c26ed&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-104
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ups.analytics.yahoo.com/ups/58255/sync?uid=d8916908-fecc-4207-b68f-82b7928c26ed&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 80E3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58319/sync?_origin=0&redir=true
https://ups.analytics.yahoo.com/ups/58319/sync?_origin=0&uid=y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A&redir2=true
https://pr-bh.ybp.yahoo.com/sync/adtech/y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A

43 B
426 B

27ms
27ms

Image
image/gif

2600:1f18:4e9:5a07:c5bd:680d:2822:1831
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adtech/y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

2600:1f18:4e9:5a07:c5bd:680d:2822:1831 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/adtech/y-SujqHu9E2uFkihFOs0YdFcsIsmDZNDlP~A
date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56551/ Frame 80E3
Redirect Chain

https://sync.1rx.io/usersync2/brxd?&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://sync.1rx.io/usersync2/brxd?zcc=1&cb=1682825939022
https://ad.turn.com/r/cs?pid=45&rndcb=5705589493
https://sync.1rx.io/usersync/turn/3526114908186870879?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005?redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56551%2Fsync%3Fuid%3DRX-bcb915d6-5729-476f-8e2e-174a247c...
https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005&_origin=1

0
17 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005&_origin=1

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005&_origin=1
Date: Sun, 30 Apr 2023 03:38:59 GMT
Content-Type: text/html
Connection: keep-alive
ETag: RXbcb915d65729476f8e2e174a247c5d47005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/ Frame 80E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=rmx
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rmx
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=64bec325-e584-4d6f-a910-b7ed225d480a&ssp=rmx
https://ups.analytics.yahoo.com/ups/55859/sync?uid=6c83439e-d517-4612-9960-cbdcac3931d0&_origin=0&gdpr=&gdpr_consent=

0
17 B

27ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=6c83439e-d517-4612-9960-cbdcac3931d0&_origin=0&gdpr=&gdpr_consent=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: //ups.analytics.yahoo.com/ups/55859/sync?uid=6c83439e-d517-4612-9960-cbdcac3931d0&_origin=0&gdpr=&gdpr_consent=
Date: Sun, 30 Apr 2023 03:38:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58267/ Frame 80E3
Redirect Chain

https://p.rfihub.com/cm?pub=37527&in=1&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58267%2Fsync%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3...
https://ups.analytics.yahoo.com/ups/58267/sync?uid=1791377147153345054&_origin=0

0
674 B

26ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58267/sync?uid=1791377147153345054&_origin=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/58267/sync?uid=1791377147153345054&_origin=0
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55939/ Frame 80E3
Redirect Chain

https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/55939/sync?uid=3526114908186870879&_origin=0&gdpr=0&gdpr_consent=&us_privacy=

0
17 B

30ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55939/sync?uid=3526114908186870879&_origin=0&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55939/sync?uid=3526114908186870879&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 genericusersync.ashx
sync.tidaltv.com/ Frame 80E3 42 B
198 B 376ms
22ms Image
image/gif 2600:1f18:1c96:4103:85f9:b152:a5d7:cc08
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.tidaltv.com/genericusersync.ashx?dpid=3173&gdpr=0&gdpr_consent=&gpp=&gpp_sid=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:1c96:4103:85f9:b152:a5d7:cc08 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1

200

ping_match.gif
pm.w55c.net/ Frame 80E3
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=%26gp...
https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent...

42 B
690 B

25ms
24ms

Image
image/gif

54.162.158.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=%26gpp_sid%3D%26gpp%3D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

HTTP/1.1

Server

54.162.158.9 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-158-9.compute-1.amazonaws.com

Software

PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0ee9e37f6f1ce5e71@us-east-1e@dxedge-app-us-east-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0ee9e37f6f1ce5e71@us-east-1e@dxedge-app-us-east-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0676d2a12ac6591e8@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=%26gpp_sid%3D%26gpp%3D
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56550/ Frame 80E3
Redirect Chain

https://yhp.mxptint.net/sn.ashx?
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_101EB2196_9A8B9AC0&_origin=1

0
17 B

27ms
26ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_101EB2196_9A8B9AC0&_origin=1

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_101EB2196_9A8B9AC0&_origin=1
Date: Sun, 30 Apr 2023 03:38:58 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-365830738; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 207
Content-Type: text/html; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58183/ Frame 80E3
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002EdWnZAAV&us_privacy=&&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&ru=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58183%2Fsync%3Fuid%3D33XUSERID33X%26_origin%3...
https://ups.analytics.yahoo.com/ups/58183/sync?uid=212120393663280&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&us_privacy=

0
17 B

27ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58183/sync?uid=212120393663280&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&us_privacy=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
referrer-policy: unsafe-url
server: 33XP017
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://ups.analytics.yahoo.com/ups/58183/sync?uid=212120393663280&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55938/ Frame 80E3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdp...
https://ups.analytics.yahoo.com/ups/55938/sync?uid=75bc644d-e2d3-4700-8bfe-e5289ba777c1&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55938/sync?uid=75bc644d-e2d3-4700-8bfe-e5289ba777c1&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: MT3 830 785530e master ord-pixel-x20 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://ups.analytics.yahoo.com/ups/55938/sync?uid=75bc644d-e2d3-4700-8bfe-e5289ba777c1&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58561/ Frame 80E3
Redirect Chain

https://beacon.lynx.cognitivlabs.com/yahoo.gif
https://ups.analytics.yahoo.com/ups/58561/sync?uid=9419444e-5826-484d-b4c3-15c35ec653ed&_origin=0

0
17 B

26ms
25ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58561/sync?uid=9419444e-5826-484d-b4c3-15c35ec653ed&_origin=0

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/58561/sync?uid=9419444e-5826-484d-b4c3-15c35ec653ed&_origin=0
Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3i0bSC4Us4CNLOagYBPAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAsppPsvHR_plkxSDGtKPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1

43 B
766 B

18ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE5WKpMBA0X9rfZxmQml80E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=

43 B
632 B

21ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=40022b3b-2005-4517-8542-406606e8d366&expiration=1685417938&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0B37 43 B
855 B 34ms
30ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB&gpp=&gpp_sid=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CDVPQTGK53K5HGSMNGN7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259299574469

43 B
632 B

19ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259299574469
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1862
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259299574469
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bfcc1465c474bd1-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=

43 B
632 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4233628459017124396&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:38:58 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B37
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9

43 B
632 B

20ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-yyz4552-YYZ
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1682825939.934592,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3i0QAGellArAA9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame 0B37 0
223 B 84ms
24ms Image
image/gif 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 03:38:58 GMT
server: c
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0B37 43 B
104 B 30ms
26ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZE3i0bSC4Us4CNLOagYBPAAABXAAAAIB=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=183875&us_privacy=&gdpr_consent=&gdpr=0&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1015
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bfcc1465b465479-YYZ
content-length: 43
expires: Sun, 30 Apr 2023 07:38:58 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3907 22 KB
8 KB 22ms
21ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 27589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 19:59:09 GMT
expires: Sun, 28 Apr 2024 19:59:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
330 B 23ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=684&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=0&ad=71&cn=0&gk=71&gl=0&ik=71&ic=71&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=59&cd=59&ah=59&am=59&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=403516386&cs=0
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:58 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:58 GMT

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 80E3 150 B
324 B 70ms
57ms Script
text/html 18.117.20.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&pcode=millennialnexageinapp768429046591&ord=1682825938420&jv=1210068153&callback=BrandSafetyNadoscallback_23782685
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/30c6f9e1-792e-44c7-9ce4-9c6875020868/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.20.224 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-20-224.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: b20a15b71ee8f82a7cfd01ea23a13b26637043f4237f223a5861ce8e2a522480

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "b7d2271a3adeb8c5153e6ee6ce091b3bfd8587b7"
content-length: 150
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ Frame 80E3 43 B
262 B 106ms
20ms Image
image/gif 23.34.249.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=170&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=news.yahoo.com&L1id=14146&L2id=Index%20Exchange&L3id=3593822&L4id=19512475&S1id=217738&S2id=783368&ord=1682825938420&r=685618450416&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fnews.yahoo.com%252Fmike-pompeo-says-russia-pretty-102330062.html&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.249.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-249-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ Frame 80E3 43 B
262 B 103ms
18ms Image
image/gif 23.34.249.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=170&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=news.yahoo.com&L1id=14146&L2id=Index%20Exchange&L3id=3593822&L4id=19512475&S1id=217738&S2id=783368&ord=1682825938420&r=685618450416&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fnews.yahoo.com%252Fmike-pompeo-says-russia-pretty-102330062.html&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.249.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-249-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ Frame 80E3 43 B
262 B 102ms
19ms Image
image/gif 23.34.249.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=170&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=news.yahoo.com&L1id=14146&L2id=Index%20Exchange&L3id=3593822&L4id=19512475&S1id=217738&S2id=783368&ord=1682825938420&r=685618450416&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fnews.yahoo.com%252Fmike-pompeo-says-russia-pretty-102330062.html&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.249.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-249-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 80E3 43 B
330 B 20ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F12288636848045160295&i=MILLENNIALNEXAGEINAPP1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-Iw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938420&de=685618450416&cu=1682825938420&m=604&ar=81c6b5a9873-clean&iw=44b2edf&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=449&lg=1&lh=16&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A790&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=170&cd=0&ah=170&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=14146%3AIndex%20Exchange%3A3593822%3A19512475&bo=217738&bd=783368&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=217738&zMoatOrigSlicer2=783368&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=203238&na=248774936&cs=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3907 36 KB
14 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 11:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 11:44:41 GMT

GET
H2 206 CasinoDays_Digital_1080x1080_MALE02.mp4
cdn-rhino.b-cdn.net/videos/ Frame 9A4D 24 KB
24 KB 34ms
33ms Media
video/mp4 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-rhino.b-cdn.net/videos/CasinoDays_Digital_1080x1080_MALE02.mp4
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: 1c1238d8bec78dcb5ebd1d726f69fe77a385722323e6f3ea09bc942519a643d5

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=1277952-

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
cdn-edgestorageid: 1029
cdn-storageserver: DE-168
Content-Range: bytes 1277952-1302125/1302126
cdn-cachedat: 03/15/2023 22:30:17
cdn-pullzone: 432439
Content-Length: 24174
last-modified: Tue, 03 Jan 2023 10:41:23 GMT
server: BunnyCDN-IL1-845
cdn-fileserver: 90
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp4
cdn-cache: HIT
cdn-uid: 632776cd-0e27-4f2f-9e50-6a233f7e45c4
cache-control: public, max-age=31919000
cdn-requestid: 31552dd97d64b067515417b6e1f883e5
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ Frame 80E3 43 B
262 B 94ms
20ms Image
image/gif 23.34.249.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=203&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=news.yahoo.com&L1id=14146&L2id=Index%20Exchange&L3id=3593822&L4id=19512475&S1id=217738&S2id=783368&ord=1682825938420&r=685618450416&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fnews.yahoo.com%252Fmike-pompeo-says-russia-pretty-102330062.html&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.249.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-249-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3907 0
20 B 40ms
39ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bbm-J0uJNZPT4KZC_NerLmNgPAAAAADgB4AQC&bg=!9vWl9aHNAAb9Sbh13Uk7ADkAdvg8Wup71GqLuzb17rpnDcEUVTyNQ2ePDA_0xs3XGBCNrcIoJWKc3ufMkWRVagPFMYh-lKE_qV8CAAAAcFIAAAACaAEHmQLw_C1GZEDnt43aITf2s7Ywg0wSRhB19qXt0O0ReIjNFLu3z5y5mjvDtcBLRDCJtlzDnAjjGngqjchGs_XfP72deQDQ078MgjZfc0izqw52BR7ZsRZVw38EfeWyT2khpK14p3VKQzSGn1rZXYTpa_g8LzyE3UHYVJAh3iCg4stluagUmkmDMo-iSnqq8akqG1GfJWB2bDQoJ6qkJVRIDKHWtvyvUWk2OUo3GkqNFVql_7WlJXd0-WNeEM5Ie_JU8QZIN46eL8UmJWq2s6CuceP8C70WmKAbxO8g8Rw0QNT1Rs9d6EtLEFcu7TM4b3HbGclb0ivNXkJYvTOtiGAU0NTn1vt4BBBlHtrQa1BnoorA28Eg5Fr4X1MCXc06kLHKSMGTh-IQr10TXtd8NpUaIEBPlOKX7V9HjIoD57Ni-doJMEJux4lHWnIGYweT-El9q8r4ENS-OZCiQzkJJ54f8MK5ZK34d72jpImd_09NOsx8dgYWsjdc36IeORQmHLeOz_c6fseRyYcZAftk9xJvZ9u4Vh0Ks0cDKicr0LJim2BITKDiTGDiDynS7x1dzRiVpjHobmsKQYEuuWQdkdnj-u1U3El_9ELnHBTdY-NVrXA9gugXXDpmhgucJYRenlXeMVICjISh9cVVmaWEQ5V1zI6uvJUmMKnBKlmrecZmXgP0CNEBTE7rxXwsac6EVxb9d1QZ9P-OHDBnb1FlsTdvaaYK7f3svQhRJr2HI5MXCOTDvnxTqqlV9OZHqBjS5s5GOJcTr0I73AgY8nLROO17Df1YjrbSrDWzoeETz8-bbIRV5MvO4Hvj3KwfLJltgJxY6PVwlXQ0g8upDFcuvNcNGD-CXfJY7Qas7gRJotvfNdMBW9isofROo9rSyrmbQSpYQEY3J6cX6tT8q0fFbQXXqt0RkKCgY9W8q0D8ZbUdhFyisVjS6X_xlMHo7-gTcP_rqhSP1Zpa1YvFTZ7TGdqEix5j7zpCh6jUCavFm5RCuFlmn8o

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/1.5.0/safeframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r-sf.html Show response
s.yimg.com/rq/darla/4-11-1/html/ Frame A4F8 2 KB
818 B 30ms
30ms Document
text/html 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/g-r-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 10059
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 753
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 00:51:21 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Tue, 21 Mar 2023 17:13:59 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
x-amz-id-2: 4d3Tuu2LPrDUzMg1VX5XiXAwxtQDYvo2KV8mM+UPpU59GFMvIR7eWATpBizt5z0TIZ0XZPtVbhs=
x-amz-request-id: TDQNMY773QDGCAJJ
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=11406;adcid=1;itime=825935748;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735814;imprefseq=135957967194302601;im...
5.ras.yahoo.com/ 1 B
57 B 36ms
35ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=11406;adcid=1;itime=825935748;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735814;imprefseq=135957967194302601;imprefts=1682825935;adclntid=1004;spaceid=1197618800;adposition=LDRB2;lmsid=a0770000003N6b9AAC;revshare=lmsid%253Aa0770000003N6b9AAC%253Brevsp%253Abusiness%255Finsider%255Farticles%255F888%253Blpstaid%253A986b3626%252D7fe5%252D3ac6%252D943d%252D163ec6b9dd49%253Bpt%253Acontent%253Bpd%253Anon%255Fmodal%253Bver%253Aarticle%253Blu%253A0%253Bpct%253Astory%253Bsite%253Anews;pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3;sectionid=149676551;kvpgcolo=bf1;kvhashtag=1996000;kvrs=lmsid:a0770000003n6b9aac:business_insider_articles_888:content:pd:0:pct:story:pt:site:lu:news:ver:article:986b3626-7fe5-3ac6-943d-163ec6b9dd49:revsp:lpstaid:non_modal;kvssp=ssp;kvctopid=1996000;kvsecure=true;kvmn=y403552;kvy-bucket=usnd-a20-seamless-int3;kvwiki_topics=mike_pompeo:computer_security:united_states_department_of_state:malware:russia:fireeye:business_insider:the_pentagon:donald_trump:united_states_secretary_of_state:joe_biden:solarwinds:cyberattack:federal_government_of_the_united_states;kvsecure-darla=4-11-1%7Cysd%7C1;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 sfext-min.js Show response
s.yimg.com/rq/darla/4-11-1/js/ Frame A4F8 63 KB
27 KB 30ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

ccbc7dfef689bdf1699866b475312f85ff8c72fa5d3b245a1d46ce5905074dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1ABZH4A49T19PKHT
age: 24604
x-amz-server-side-encryption: AES256
x-amz-id-2: siZ87x7N95Y423XXPNpNigQgdJsqbNdVA2plG0W9nIcRtyTxu90Oo7OY83iDU4G1xrAkLCfTDB0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 17:14:01 GMT
server: ATS
etag: "0de33909203cc96a72112b50c54741ef-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A4F8 74 KB
25 KB 113ms
48ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5ec11b118ec2b2687b7070fec24eb96110f5c8a5144985a5201fc5cb9fa0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24760
x-xss-protection: 0
server: cafe
etag: 559 / 19477 / 31074188 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame A4F8 2 KB
3 KB 32ms
26ms Script
application/javascript 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58294,58292,55972,58222,55986,56557,55964,55940,58309,57628,57630,57926&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

a6ca552062553bbf86c063204857125c5b27f09b62b6f54e98846ccef427e795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
us-east-1-web-oao.ssp.yahoo.com/admax/ Frame A4F8 43 B
318 B 89ms
25ms Image
image/gif 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-1-web-oao.ssp.yahoo.com/admax/adEvent.do?tidi=770771327&dcn=brxd4464051&posi=783797&grp=%3F%3F%3F&nl=1682825935865&rts=1682825935633&pix=1&et=1&a=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3-1&m=aXAtMTAtMjItMTEtMTY1&b=MTMxMjM7VVMgLSBBZFggUGFzc2JhY2s7Pz8_Ozs7OzUyZWQyNWQzOGU5MjRjMzA4NWNmNzJmNzA5MGFjM2RmOzI5NDYzODY4OzE2ODI4MjE4NDc7OzA7OzA7O3Bhc3NiYWNrLTE4Mzs7MTsxOw..&uid=y-gVYBFW9E2rNEjqmbL1V7UaLrMqne_O1gSI39vbJalBZ1%7EA&tsrctype=2&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxDQU4.&hb=true&type=5&af=7&brxdPublisherId=20459933223&brxdSiteId=4464051&brxdSectionId=149676551&dety=5
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
last-modified: Thu, 27 Apr 2023 00:31:38 GMT
server: ATS/9.1.10.25
accept-ranges: bytes
age: 0
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame A4F8 69 KB
16 KB 35ms
30ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WRWCTJ258ECY2D8Z
age: 6727
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: Rotpk5MOCxjiyWZ9j8VwsmO1ta/cazG8Ee89PBMLt86SOxPr9/V3h9xoIc9aEMYMDB46xuSQVIU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adcount%7C2.0%7C5113.1%7C4830385%7C0%7C225%7CAdId=-41;BnId=2;ct=1914487186;st=11406;adcid=1;itime=825935748;reqtype=5;guid=7v4t09li4romf;;impref=16828259352261735814;imprefseq=135957967194302601;im...
5.ras.yahoo.com/ Frame A4F8 1 B
202 B 52ms
47ms Image
application/x-javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/js/sfext-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK heart-in.gif
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 7 KB
8 KB 25ms
22ms Image
image/gif 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/heart-in.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: d38970cf787848e7132a1b89b12aa630ace01f56f72f51f687dab954e0aac201

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:59 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-1d53"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7507

GET
H/1.1

403
Forbidden

us.php
gu.dyntrk.com/adx/adptv/ Frame A4F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/57630/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid=
https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-W1EoY0BE2uj7san21FDIfnQsSS4NUpA-~A

0
0

93ms
22ms

Image
text/html

135.148.35.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-W1EoY0BE2uj7san21FDIfnQsSS4NUpA-~A
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: HTTP/1.1
Server: 135.148.35.198 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1015826.ip-135-148-35.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-W1EoY0BE2uj7san21FDIfnQsSS4NUpA-~A
date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58373/ Frame A4F8
Redirect Chain

https://bttrack.com/pixel/cookiesync?source=833de4fa-20e8-4216-9db8-82268d53cb15&secure=1&_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58373/sync?uid=6d4894ce-1dfc-4c68-a404-fd590bdf31f5&_origin=1

0
17 B

36ms
36ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58373/sync?uid=6d4894ce-1dfc-4c68-a404-fd590bdf31f5&_origin=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

x-servername: Track002-iad
pragma: no-cache
date: Sun, 30 Apr 2023 03:38:49 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://ups.analytics.yahoo.com/ups/58373/sync?uid=6d4894ce-1dfc-4c68-a404-fd590bdf31f5&_origin=1
cache-control: private,no-cache
content-length: 218
expires: -1

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58335/ Frame A4F8
Redirect Chain

https://ums.acuityplatform.com/tum?umid=24&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58335%2Fsync%3Fuid%3D___AUID___%26_origin%3D0%26gdpr%3D0%26gdpr_cons...
https://ups.analytics.yahoo.com/ups/58335/sync?uid=773720596559&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
17 B

39ms
24ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58335/sync?uid=773720596559&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Access-Control-Allow-Origin: *
Location: https://ups.analytics.yahoo.com/ups/58335/sync?uid=773720596559&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
Content-Length: 0

GET
H/1.1

400
Bad Request

at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
match.prod.bidr.io/cookie-sync/ Frame A4F8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=?_bee_ppp=1

19 B
19 B

31ms
26ms

Image
text/plain

54.210.120.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=?_bee_ppp=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

HTTP/1.1

Server

54.210.120.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-120-215.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

6b7dab6ddc60aab5337a476cfeaacb8014fa40c25338aea30eafc4aebd2aec2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 19
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=?_bee_ppp=1
Date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame A4F8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=vmx&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58275%2Fsync%3Fuid%3D%7B%24UID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_con...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=vmx&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58275%2Fsync%3Fuid%3D%7B%24UID%7D%26_origin%3D0%26gdpr%3D0%26gd...
https://ups.analytics.yahoo.com/ups/58275/sync?uid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redir=true
https://rtb.mfadsrvr.com/sync?mf_uid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&gdpr=0
https://contextual.media.net/cksync.php?type=mf&ovsid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&cs=3&redirect=https://rtb-use.mfadsrvr.com/sync

61 B
481 B

77ms
76ms

Image
image/gif

96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&cs=3&redirect=https://rtb-use.mfadsrvr.com/sync

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 03:39:00 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sun, 30 Apr 2023 03:39:00 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=1e2cfdbe-8719-420a-89dd-39e2b1db231d&cs=3&redirect=https://rtb-use.mfadsrvr.com/sync
date: Sun, 30 Apr 2023 03:39:00 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK Yahoo
crb.kargo.com/api/v1/dsync/ Frame A4F8 43 B
504 B 149ms
27ms Image
image/gif 34.235.90.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Yahoo?gdpr=0&gdpr_consent=&gpp_sid=&gpp=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58715%2Fsync%3Fuid%3D%7BKID%7D
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.90.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-90-200.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:38:59 GMT
X-Accel-Expires: 0
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58172/ Frame A4F8
Redirect Chain

https://gocm.c.appier.net/verizonmedia?_origin=0&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/58172/sync?uid=FX3EiqH4CEaxQwKq1OJNZA&_origin=0&gdpr=0&gdpr_consent=

0
17 B

30ms
29ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58172/sync?uid=FX3EiqH4CEaxQwKq1OJNZA&_origin=0&gdpr=0&gdpr_consent=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58172/sync?uid=FX3EiqH4CEaxQwKq1OJNZA&_origin=0&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 03:39:00 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: nginx
content-length: 139
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58405/ Frame A4F8
Redirect Chain

https://sync.aralego.com/idsync?&gdpr=0&gdpr_consent=&gpp_sid=&gpp=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58405%2Fsync%3Fuid%3DUCFUID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26g...
https://ups.analytics.yahoo.com/ups/58405/sync?uid=a1772a10-494b-3d37-a75f-04a78e71d2e7&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

0
17 B

35ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58405/sync?uid=a1772a10-494b-3d37-a75f-04a78e71d2e7&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58405/sync?uid=a1772a10-494b-3d37-a75f-04a78e71d2e7&_origin=0&gdpr=0&gdpr_consent=&gpp_sid=&gpp=
date: Sun, 30 Apr 2023 03:38:59 GMT
connection: close
content-length: 154
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2

204

1
sync.connectad.io/umatch/ Frame A4F8
Redirect Chain

https://sync-eu.connectad.io/syncer/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A
https://sync.connectad.io/umatch/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A

0
108 B

153ms
139ms

Image
text/plain

2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.connectad.io/umatch/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bfcc14d7f593ff1-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 30 Apr 2023 03:38:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://sync.connectad.io/umatch/1?bidder=yahoo&dataid=data18&uuid=y-7vReeGZE2uPX4NlblsX_x75sZLrLIA--~A
cache-control: no-cache, private
cf-ray: 7bfcc14c4d6c3ff1-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame A4F8 43 B
578 B 207ms
54ms Image
image/gif 2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=15194&pcv=50
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7bfcc14cabda713e-YUL
content-length: 43

GET
H2

200

push
exchange.mediavine.com/usersync/ Frame A4F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58242/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid=
https://exchange.mediavine.com/usersync/push?partner=verizon&partnerId=y-ADS8aJxE2uFkfHxYEoLITdEmvkftobgF~A&gdpr_in_effect=0

0
967 B

75ms
25ms

Image
text/html

3.209.252.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=verizon&partnerId=y-ADS8aJxE2uFkfHxYEoLITdEmvkftobgF~A&gdpr_in_effect=0
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: H2
Server: 3.209.252.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-252-165.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:38:59 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://exchange.mediavine.com/usersync/push?partner=verizon&partnerId=y-ADS8aJxE2uFkfHxYEoLITdEmvkftobgF~A&gdpr_in_effect=0
date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

403
Forbidden

us.php
gu.dyntrk.com/adx/adptv/ Frame A4F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58245/sync?_origin=0&gdpr=0&gdpr_consent=&redir=true&gpp=&gpp_sid=
https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-0LxA4QNE2uHym.AjTVNi3annxqAiGVzS~A

0
0

90ms
23ms

Image
text/html

135.148.35.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-0LxA4QNE2uHym.AjTVNi3annxqAiGVzS~A
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Protocol: HTTP/1.1
Server: 135.148.35.198 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1015826.ip-135-148-35.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-0LxA4QNE2uHym.AjTVNi3annxqAiGVzS~A
date: Sun, 30 Apr 2023 03:38:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ Frame A4F8 398 KB
123 KB 31ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 14:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45623
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126109
x-xss-protection: 0
server: cafe
etag: 6695821980177688499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:58:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
330 B 31ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=1704&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=1&ad=1093&cn=71&gn=1&gk=1093&gl=71&ik=1093&ic=1093&ez=1&co=1093&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=59&ah=1020&am=59&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=416761715&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:38:59 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:38:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
328 B 24ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=1706&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=1&ad=1093&cn=1093&gn=1&gk=1093&gl=1093&ik=1093&ic=1093&ez=1&co=1093&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=1724921256&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:39:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame A4F8 107 B
531 B 83ms
35ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A4F8 107 B
456 B 99ms
50ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yimg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A4F8 47 KB
20 KB 357ms
357ms XHR
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4214816832776671&correlator=262156190233921&eid=31074188%2C44752585&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=108347105%2Cca-pub-5786243031610172-tag%2C7141153936%2Cynews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&adks=2811807170&sfv=1-0-40&prev_scp=ADPOSITION%3DLDRB2%26SITEID%3D217738&eri=4&sc=1&cdm=s.yimg.com&abxe=1&dt=1682825940085&dlt=1682825939671&idt=327&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=728&ish=90&scr_x=-12245933&scr_y=-12245933&ucis=o2a6pklougx0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&loc=https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-11-1%2Fhtml%2Fr-sf.html&top=news.yahoo.com&frm=24&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1230526069.1682825940&ga_sid=1682825940&ga_hid=220981856&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cde95dc0628f2b879653d1c73581af763eee29cf68dfcc2a49c01c5d3f30adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20000
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s.yimg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B41 6 KB
3 KB 99ms
33ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 03:39:00 GMT
expires: Mon, 29 Apr 2024 03:39:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
328 B 24ms
18ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=1706&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=1&ad=1093&cn=1093&gn=1&gk=1093&gl=1093&ik=1093&ic=1093&ez=1&co=1093&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=152806858&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:39:00 GMT

GET
H/1.1 200
OK heart-loop.gif
resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/ Frame 217D 12 KB
13 KB 25ms
24ms Image
image/gif 96.6.30.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/heart-loop.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.6.30.77 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-30-77.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 50c83747e36fd50f036d6ad93affed0a48eb7dabeb0b17122096b28e9f4822a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resource.ecdrsvc.com/api/api/7000998/PCMB_Q4_CN_Nat_EN_MB_DISPLAY_Coffee_A_300x600_v1/index.html?tid=8025337&sid=6025352&guid=82593813393&clicktag=https%3A%2F%2Fadsvr.ecdrsvc.com%2Fc%2F%3FtokenID%3D8025337%26iid%3D89b1f84b-e708-11ed-b713-2954332e98f5%26type%3D1%26oid%3D5bc088d2-6c43-469a-a7d3-08764577aa78%26cn%3D0&oob=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:39:00 GMT
Last-Modified: Wed, 22 Mar 2023 18:38:04 GMT
Server: nginx/1.14.2
ETag: "641b4b0c-3185"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12677

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80E3 0
20 B 50ms
47ms Ping
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7992006656468&version=m202301230201&ct=76&x=13&cor=7809418477920863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C7A1 6 KB
3 KB 21ms
20ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 03:39:00 GMT
expires: Mon, 29 Apr 2024 03:39:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C7A1 0
0 42ms
41ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnOCQ1OJNZPikCbHA1wWXgKawAqOmsctshcifqa0QwI23ARABIABg_eiigfADggEXY2EtcHViLTU3ODYyNDMwMzE2MTAxNzLIAQngAgCoAwHIAwKqBKACT9D-zZExOBPE0_9txZbswseaoUYXf0q74e0lWrVPZbg5AjqRe0AkO0FqBkJG-VT2VJKcpM3da_m7q0t4uONo2_Hk5uKHiRj9ykXknghqjmQ_6Y51m8qc8AN16q85TVGpi8qGfOLeGcaeq0uJkSq1E2YF6O4668ZplDxx0-SdY3xhmLUSqL1DQvMGCUn3Z1f_xwxvrsz6jsN3F7y5e7XsoLZEKKLAw76hfNofd-pO038E3jehmzz8JpNG5qWsm882RHqprxF6A_dBakHzRpL_7_bUeyh3UPG32DGKiFXoYm_We16fPRAgLltugZPDibVnIAS66teLLX_BptsWnkyEgFP26LtOYdSZQ1wKS6QEKneqEQEQKmj43oubkW5t0Fz84AQBgAb61ZDxqs7YsEigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01Nzg2MjQzMDMxNjEwMTcyGLHoGg&sigh=Y4siwntU604&uach_m=[UACH]&cid=CAQSKQBygQiD_96--8eJ_H5MdkomBtYBtHg8xbiIm8oi6kd8vpzJ539PJfHxGAE
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 winnotice
trace.mediago.io/api/log/ Frame C7A1 0
0 43ms
38ms Fetch 35.208.249.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=9f20fede7ad9e0f37f1e202795f463c7&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1682825940&dp=tN8L5d7-NdsG6N0mwgdcNfs2LEyRIzumeQzZpTDAe9w&dsp_id=22&url=fJI9rElunllWY_ligO6UfGp0qlnwz2_uc8fsK2ko7UA&sp=tN8L5d7-NdsG6N0mwgdcNfs2LEyRIzumeQzZpTDAe9w
Requested by: Host: news.yahoo.com
URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 style_banner_728x90_standard_127e5e.css
cdn.mediago.io/js/template/style/ Frame C7A1 4 KB
4 KB 74ms
21ms Stylesheet
text/css 52.85.61.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_728x90_standard_127e5e.css
Requested by: Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-120.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60c3a5babd0a75ece28db3fb5de437637ebeccdd2e8f3f99c760b6fb1910d3d5

Request headers

Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
Origin: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: viD_AJufokwJlGj2EargcMbRBxVoKRzl
date: Sat, 29 Apr 2023 18:33:45 GMT
via: 1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 07:01:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 32716
x-amz-server-side-encryption: AES256
etag: "fb044b942a726f3fe8fbb3de5c0c0690"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3751
x-amz-cf-id: r59CkH8q66e7odCsRw7R5lClH8bPQee2VyMUOn2eJu6yUoW681emfA==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C7A1 3 KB
1 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:59:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C7A1 19 KB
8 KB 24ms
20ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 May 2023 19:59:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C7A1 0
0 91ms
39ms Image
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8EbsH0cHKXXbBa0RwOcOmDmgNHpqOfBhfAQDZ4fyUNki_P5_WZbl7TQS7Nuuo_O2N46x9WTunvCy1NGAXGiYeUV_nGw
Requested by: Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C7A1 24 KB
6 KB 25ms
22ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Apr 2024 19:59:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7A1 158 KB
49 KB 58ms
55ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 03:39:00 GMT

GET
H2 200 861c26d9c6fbc1da1d81ce063994bc39__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame C7A1 83 KB
84 KB 100ms
29ms Image
image/png 2600:9000:233d:5800:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/861c26d9c6fbc1da1d81ce063994bc39__scv1__300x175.png
Requested by: Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:233d:5800:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e008a6f0412cc524bceae5a0669d6008caf51e49096efe5db5acb3e0e70d2ca9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Kndaj8o17aKpsiTs.91n_zv4R99m8FkB
date: Sat, 29 Apr 2023 11:15:01 GMT
via: 1.1 83e9543a0c721a5a36e6bcd3e84e87c0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P4
age: 59040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 85126
last-modified: Wed, 26 Apr 2023 14:14:40 GMT
server: AmazonS3
etag: "de139e64c0f553b37e94aa817072e4a3"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 7e1HbzJDefZRx2frOJyQ4ZcnmRA2RJ7QyuffyCq5cXyxYgjNGNhiGg==

GET
H2 204 ic
trace.mediago.io/ju/ Frame C7A1 0
38 B 40ms
40ms Image
text/html 35.208.249.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1b6d0fcca96ab509363ce1917bb9841a&acid=348&data=b8bHmC12ezeEwwZs1v8YOQvK9MXnL_PjSWANg8H1Jt98uV9fhDEk_HdldwRnpa0jpITw9xkAeWkruJMK_IikcRnl8IvU5vUTCokT-TFFMOu98Bm2mw3ymhuC-LXFwPNEMh3A8VMaKIP_GZLFJJF0eBIsMNnNA5sN_06A1DgB6jrKQ2Uk4XvfEkqhdPJJChqquDBo4pDkUhkLCwSs8SKzcEB_MYTWGdgEZiiZ-lc2HuhxZYwJORJLwmOWZ4M7Kaz9m7Wv5L4mp4jVI6tbfTXRXSi2tVgdfAl293yTIoCWOsBBOOzr59vdJmtCHEcpHvMpI0iaTsE_DfeYNKLIZ9jp1CKVAIHVqI6lDE6tZQ7Y_yX-x8jOUmS_J-_wiz3X58AiIQm4GDIAixcyKaTBK_tjHDnzFZiwPWWPkm7QOteNPAlJbFIllPlzN_-rQNMfwXPU4PMo3lVO0eXBkrlVql9TMP5sYzqudAI3tsEoMqmA5hpNCE8R3NzLaUIrtLQzMlLF4o5qatsognaOVoWQY6kmAkLD-UrBCdVXcYzB4MkaNPONTYYQqLBa4l-vweznqDJhYSXXa2FuDTY44LcUmbq1RZulD4MOYLh2-Sq3l6u7TwqAjqTDlO-QseiXhROMsCQEVUMWgGfAoxnrBL_JYogkRKk5W-P9SsZXd2OQGTxj-WnsDMgEDDqCH_bfgpFXLsNo5Scou4h42nF9tEAsfyhmGfSFCxopJ9T-_J2tq5hkhawCPeHGHQeDl7lHKueqqN4sz3qXgmBX4xnOmJIUKmqEln5km19ej78b9A11LCRxEiaZcIk4K5HupjDj1qFywTuZonDYDL9X-NzuT0u1ZlOwIOUh0r6vay2hA50vLJMHo--eNJz8uJpnu-K28OS6aAwRia4m2G2BZQHECB8YC8BnS2pbXvB0DUX2gNdVCLDR8KyXQG6X81pYxZlH2sMCJsNo8oMP9eB1N3C0NsQ_SAGuw9ESDbD8iuTWRf8uR6IHBndsRUFNCvhlMW8wMmQMPsWz&uid=CAESENfGhO17O0y_HT33gotB02Q&mguid=&ap={AUCTION_PRICE}
Requested by: Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2813 1 KB
643 B 20ms
20ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 61269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 10:37:51 GMT
etag: 48472445140208031
expires: Sun, 30 Apr 2023 10:37:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C7A1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85e57464cd3567585dbecf459f23e2127f18fd758ec5083ebe41abf37315f0a2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2813
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1&google_push=ATf1kGOZ0q844ay0zn0WFGtKEOP616Hx6pQUEwEjnowVn4qgYkm4x6Of9rR0FbGBTe1h0rT3aQEoVWPmNftYka_sxHEJlhsS6Iw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUyNjExNDkwODE4Njg3MDg3OQ==&gdpr=0&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1

43 B
407 B

122ms
42ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1
Requested by: Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEIF80I68BEdciMSmcn5auU4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2813 35 B
465 B 110ms
33ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMQg8boohDvWQL5Uvk-yEko&google_cver=1&google_push=ATf1kGPcKq7_RSahkEo0nP4KBLXyo3oxVGaYHOMLMzZmj6TvsXeLrDFet90yoSg6QxnwuGFG90xdVwK6TdphUj0FJF4rIliocVI

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2813
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESELr9S2L34saTGqA00pFVIeY&google_cver=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl37C2IzclF28d2En0y5ERQ6nNo_CefFEdbfRdRbEJsTpxQecB5SrErLkaJZmbw5kfcUJ8Y
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&mn_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl3...

170 B
188 B

38ms
37ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&mn_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl37C2IzclF28d2En0y5ERQ6nNo_CefFEdbfRdRbEJsTpxQecB5SrErLkaJZmbw5kfcUJ8Y&gdpr=&gdpr_consent=

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:39:00 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&mn_hm=MzI1ODI3NTM3MTQ1NTMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMjA8WCVFt391O1vKecf9Gzcl37C2IzclF28d2En0y5ERQ6nNo_CefFEdbfRdRbEJsTpxQecB5SrErLkaJZmbw5kfcUJ8Y&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Sun, 30 Apr 2023 03:39:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2813
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESELN3HG_GZnYFna3mBhO4eAw&google_cver=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoHUr7M2Xdgq1HMCoVMGCm5zI...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Hiz9vocZQgqJ3TnisdsjHQ==&no_redirect=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoH...

170 B
188 B

43ms
42ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Hiz9vocZQgqJ3TnisdsjHQ==&no_redirect=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoHUr7M2Xdgq1HMCoVMGCm5zI94ZSDdF6ixwqLFpq0qb5yPjd

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Hiz9vocZQgqJ3TnisdsjHQ==&no_redirect=1&google_push=ATf1kGMHAlUO66K8-newAWaPnLDAxiR_c0yUNdRYaTc8zqElRpWRoHUr7M2Xdgq1HMCoVMGCm5zI94ZSDdF6ixwqLFpq0qb5yPjd
date: Sun, 30 Apr 2023 03:39:00 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2813
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPxXnWjpWZ2NGyImX3M_-e4&google_cver=1&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElvFZqVWiVcINY0fv_bGUvlfMCf0...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NWYyNTQ2NDUtZjZhYS00ZWE0LTlkNjEtZmU4MzJhNDYxY2Nh&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElv...

170 B
188 B

37ms
37ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NWYyNTQ2NDUtZjZhYS00ZWE0LTlkNjEtZmU4MzJhNDYxY2Nh&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElvFZqVWiVcINY0fv_bGUvlfMCf08sM9dUv8t0

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NWYyNTQ2NDUtZjZhYS00ZWE0LTlkNjEtZmU4MzJhNDYxY2Nh&google_push=ATf1kGMcTMymA0SMTRvqGk17XDlnv7FldmpT2PPXX-XH8LCybEKmbk-Yx6diXElvFZqVWiVcINY0fv_bGUvlfMCf08sM9dUv8t0
date: Sun, 30 Apr 2023 03:39:00 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2813
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOo4VYjvSkVwPmw_CDCHV2A&google_cver=1&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ek...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=TkQZlCZYTUi0wxXDXsZT7Q&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ekP8EIuiibe8HCY

170 B
188 B

39ms
38ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=TkQZlCZYTUi0wxXDXsZT7Q&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ekP8EIuiibe8HCY

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=TkQZlCZYTUi0wxXDXsZT7Q&google_push=ATf1kGNnuF5Ppj_LlYbxC7L-a0GshznUakkYLPp8mZzUyVNDNzdE4j8UVX7DrymcZ66QV_mUAvIIRh8EAJpZ-ekP8EIuiibe8HCY
Date: Sun, 30 Apr 2023 03:39:00 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2813
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEK8FRWip6crItE3uZz3Cbiw&google_cver=1&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKs...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEK8FRWip6crItE3uZz3Cbiw&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKs...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7&google_hm=bEp2SVN1Q0t2cFA0...

170 B
188 B

38ms
36ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7&google_hm=bEp2SVN1Q0t2cFA0Qi01dlI5WjY=

Protocol

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 03:39:00 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPiF9MQRK_p4c5qWnEaTdp0Yi9fj_1pfZlJ-oPzzay39W_Ls87ECiVMikwnDaSblfd9X5zKsJGReCn2K5CLn8ollX8oiZs7&google_hm=bEp2SVN1Q0t2cFA0Qi01dlI5WjY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2813 0
12 B 36ms
33ms Image
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSxUJV0E4XK02LjC74Gp3B1lUCQkPZgAyLa7QvkMAsGDwkZ4AdELYKrj-KnH5CDVg5cevTgU7wng

Requested by

Host: 7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
URL: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 CasinoDays_Digital_1080x1080_MALE02.mp4
cdn-rhino.b-cdn.net/videos/ Frame 9A4D 888 KB
0 33ms
30ms Media
video/mp4 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-rhino.b-cdn.net/videos/CasinoDays_Digital_1080x1080_MALE02.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=393216-

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
cdn-edgestorageid: 1029
cdn-storageserver: DE-168
Content-Range: bytes 393216-1302125/1302126
cdn-cachedat: 03/15/2023 22:30:17
cdn-pullzone: 432439
Content-Length: 908910
last-modified: Tue, 03 Jan 2023 10:41:23 GMT
server: BunnyCDN-IL1-845
cdn-fileserver: 90
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp4
cdn-cache: HIT
cdn-uid: 632776cd-0e27-4f2f-9e50-6a233f7e45c4
cache-control: public, max-age=31919000
cdn-requestid: a5742087ae80c99b72111ab59a7dfeaa
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A4F8 14 KB
11 KB 97ms
50ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172ee8eda2f465c268fe1b54cd88d6c1757caddfc670b323caf3df09079c2be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11073
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A4F8 17 KB
6 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074188

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Apr 2023 03:39:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE47 13 KB
5 KB 23ms
20ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 27595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 19:59:05 GMT
expires: Sun, 28 Apr 2024 19:59:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9596 783 B
1003 B 41ms
38ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1da211dc49f49d4e0126bbea157ef404bc124af590453d62e2137d91be3a2058

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iZLZZFQ_rWMlvHcQ8v6XpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-iZLZZFQ_rWMlvHcQ8v6XpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 03:39:00 GMT
expires: Sun, 30 Apr 2023 03:39:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame EE47 36 KB
14 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 11:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 11:44:41 GMT

GET
H2 204 ic
trace.mediago.io/ju/ Frame C7A1 0
121 B 41ms
40ms Image
text/html 35.208.249.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=1b6d0fcca96ab509363ce1917bb9841a&acid=348&data=BYlhkgPzEsDoP6fTPH7XoPX61hE__gBSxXMVsGTQzgJLDGtMcb6wQRBgZnyTJg0a73mt8DIOW-zR2O9wYY2wMnXtuTD6SRM0X1X_OSRlAkXF8RIyPbx1E3RtGInrYej3amOoPji4Wn7Opy7w-RfkkFzukYom-MZqrfuqQAcxmfk3MrcClfBSvgHHfyMEdHSln9w73XJVcJw4tfCjUcasVai1X3HVF3PXLg9q0DRx-TaZiUDLP1qvjRes_6HjbKSZzlVvmDsnhrPkSfV_fuW5ArlMp-8XBto7s3oST4ZqaEbSr093ucke_1yGDLVcBe88huIzC3_hivB_CXJ-IG1iZ2DAETOH_vqp3PqW2XNfaLvmccr1XhFScOiML0Y3icSUtcQCmohsF4rAXGjkvYYFBBsokLw-xAp1M5MZuBMbNZ0tf-3_GyrF9Y1txy8JN7xszl5oW31QaCkQkYxPN9ADwAN_IBY95Nze8ot7kRjjyMnYDM9QIIpLPSGpF1_YX4AASsjtjSYHAvmfUPGqPabFfNwxG52gs6SSBI-qQ_2nyf8B2OCKlEY346FWAQWT5MnjOtRMKHxFqxLsJ-MeRW9ZU8lUiFsSetWXGw7FTSIUbqzLAmyx__KWFu7lvMc1V3S1HerRTqKSNClle5JtCdTmK4mnKzutDMx7BkwniKB6snhwQV_6IT4uol8W7DwnixHhUTKwO0Em-9-3IBLV7-Lw9qXLrl8jprCm1wPMwVsDyyz6-XVKSZ3ggkKF9ZKpB23hYTpwhi6UiUIqt24xBdwxJYtdz9oBz_5GyMyfiMI0ofqmK-KPHWL2-1jciRW1FNw7LAcUyXAUncb-b4TkuuUpEbKorWwWlOO7irnFbCoTuFt5_1fOgP37iJW0y60nQ9coMRmUHdQVt9yDwjwJdbQx9CkNyya9zEiUNbytrFzTkrm_baKdccIAhgoYsSkyFwq2tGFy3oWk8BTwtiCtLb11Ye2RkfgBfe8c9TPBw1Pyt3B6t4cN8ifiY21WhKXMYckY&uid=CAESENfGhO17O0y_HT33gotB02Q&mguid=&ap={AUCTION_PRICE}&wprice=ZE3i1AACUngKteAxAAmAF1OxwMK9DP3pQRDiLg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EE47 0
10 B 19ms
19ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SQgFOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:39:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 p
geo.yahoo.com/ 43 B
96 B 25ms
25ms Image
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:01 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4F8 0
0 40ms
40ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=4214816832776671&bg=!bG-lbzvNAAb9Sbh13Uk7ADkAdvg8Wi-pDAKjJaxf8HuIxqPYCoTTamR7hS3n2aofD2qKt5VB56YkhGQBsbfBs7QJIzRBODgiNRACAAAA0lIAAAACaAEHmQMNJ2O2ql8cCg1maQTVF4QaPzt00hOAANM4_HrHe0yFTYpogt4ui7RGR-_czPdU--rYDEwfMspdnJLEPmPw1rR9FanMMIChSAEo54yQfVcX2VgcZI0ehck48YeZkUZwR4lnHQgaGn_Ig_xeBb9QfT8vUBBP7hR92V9q1Fg3i6Ajzv4QNE2Wb8prbJVwn6N8sutBbuUAX_sZ6RcS5d5BC0gJOIIvEdbTfGOJNdQ5QI7TV06OpXMKsQrnW5n_L7YYaETMELsMqEwlJ4gIJYTf6QRpS6flGUKVTRITXTK3iSMTknFKPyBAdaV4Fgvz6FclOAnWSkCHZBGBLhyD0_mc-ylKORVzPcnunaXjqZB-OkQCuEZtknXBTj0HcenAsVZtkq0wxHjEyVfW2cWRJsqIgYmgWe-F9nXmKHF3EY1le2s5v2SWNCI7EqpZQF_czkmKxmboHSbOd-8FhvD5d9s_td9qiqvJ1BjqTcwFEXqnYUTFSc-kIYMznH3g0svjdRfsPcbOxFdzWHFXIrZqMtnHE4w9UfGYYI45HgA9WBXScK7-EWWhgk_1SOIBoXauGwvsf0YV1Jh-N_yAMMB0m94Tb2VXldaxX0ED6pbvUUELQxPIhEwJ5oEbDuCfTBdDiYs8xDXTIlxJFTYfVMrtow4dJqdmh0GthR1oVIfjn3scXi9LejNqJCKfVEt0B0gKcXr9xL1c5xY7f-jiaTzrOr2ezHv6VlSYCevS2AB81We1TlkBLSG31WumjKxQVNuC1HrLnqDGcttDboCTgX01_ofx-smqzbagA5jMi0JK5kA066_w5sPb_hx5F4AS2A-_8jZlOuA6eeGwCK8U5Udk42Q5aTv5xW5ZNeRDNlXlvFwKDSja89Cbw81pLVlm02oKK0I_jhb0_64cgBW6y0f5ITnwpdAtyq2AN9c0wHZrRLdgsStqQpdxAp6Qd6CHRzrMC2LkhDfa7rhpIBi5UV3GpxuHQjNVNPf4-QXjnXiQBhqbMVNybt6CKqNXN6k39uhE9s-sF49YHE_vhe5icRj5c9AN6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s.yimg.com/rq/darla/4-11-1/html/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
96 B 23ms
23ms Ping
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=1197618800&t=O9YrZJzHFQMQshUH,0.8240531556374122&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA%26S%3DAQAAAt47xNq-yC0w6D5gZjH_J3w%26j%3DWORLD%04_guc%03AQEBAQFkTzRkV0IdXwR8%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03usnd-a20-seamless-int3%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03GG7kiyUtagps51uv%04_w%03news.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%04_rid%0374hs03li4romf%04abk%03%04colo%03bf1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03news%04uh_vw%030%04navtype%03server%04p_cpos%031%04p_hosted%03hosted%04pcp%03Sophia%20Ankel%04pct%03story%04pd%03non_modal%04pl2%03seamless-article%04pstaid%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstaid_p%03986b3626-7fe5-3ac6-943d-163ec6b9dd49%04pstcat%03politics%04pt%03content%04ver%03article%04A_cmi%03%7B%22AFT%22%3A1948%2C%22AFT1%22%3A1948%2C%22AFTNOAD%22%3A1100%2C%22STR%22%3A1073%2C%22VIC%22%3A0%2C%22PLT%22%3A4264%2C%22DOMC%22%3A865%2C%22HTTPC%22%3A103%2C%22CP%22%3A85%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22DARLA_RSTART%22%3A1457%2C%22ADSTART_LDRB%22%3A1474%2C%22DARLA_REND%22%3A1490%2C%22ADEND_LDRB%22%3A2581%2C%22ADSTART_LDRB2%22%3A4495%2C%22ADEND_LDRB2%22%3A5643%2C%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031682825943%04_ms%03409%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:03 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 p
geo.yahoo.com/ 43 B
73 B 24ms
24ms Image
image/gif 2001:4998:58:207::6000
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1197618800&pvid=EPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-11-1&D_l=269%2C234%2C1234%2C1284%2C0%2C0%2C184%2C270%2C15&D_m=0%2C%2C4g%2C1%2C&test=&D_e=&D_p=7%2C11115385%2CLDRB%2C728x90%2C999999%2C999999%2C999999%2C0%2C0%2C1092%2C2%2C100%2C26888915%2C-1%2C2%2CEPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3%3A-1%3ALDRB%2C1%2C2%2C4%2C2%2C0%2C2%2C0%2C0%2C6%2C1%2C6%2C2%2C0%2C0%2C0%2C0%2C100%2C4%2C3%2Chttps%253A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html%2C%2C2%2Ctrue%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22LDRB%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatch%3Fs%3D175407%26gdpr%3D0%26gdpr_consent%3D%26cb%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F55940%252Fsync%253F_origin%253D0%2526redir2%253Dtrue%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%22%2C%22dur%22%3A639%2C%22st%22%3A449%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcreativecdn.com%2Fcm-notify%3Fpi%3Daol%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%22%2C%22dur%22%3A421%2C%22st%22%3A453%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5e37e77b7fc80a0001423cff%26deeplink%3Don%26a%3D6411e6dbc0f1dce23d450aaa%26redirecturl%3Dhttps%253A%252F%252Finsight.adsrvr.org%252Ftrack%252Fclk%253Fimp%253D2610ccd1-bedc-4d05-b66c-c372cf9540e9%2526ag%253Dzcnuy12%2526sfe%253D168562cf%2526sig%253DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%2526crid%253D5dcnkl2a%2526cf%253D4874720%2526fq%253D0%2526t%253D1%2526td_s%253Dnews.yahoo.com%2526rcats%253Dy29%2526mste%253Dnews.yahoo.com%2526mfld%253D2%2526mssi%253D%2526mfsi%253D%2526sv%253Drightmedia%2526uhow%253D167%2526agsa%253D%2526wp%253D0.05%2526rgz%253DM6A%2526dt%253DPC%2526osf%253DWindows%2526os%253DWindows10%2526br%253DChrome%2526svpid%253D52469%2526rlangs%253D01%2526mlang%253D%2526did%253D%2526rcxt%253DOther%2526tmpc%253D8.100000000000023%2526vrtd%253D%2526osi%253D%2526osv%253D%2526daid%253D%2526dnr%253D0%2526vpb%253D%2526c%253DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%2526dur%253DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%2526durs%253DAuzKvO%2526crrelr%253D%2526npt%253D%2526mk%253DGoogle%2526fpa%253D332%2526pcm%253D3%2526ict%253DUnknown%2526said%253D51fe8c9bed294e2b9ad426d0cd6d1d39%2526auct%253D1%2526tail%253D1%2526r%253D%26cb%3D906650%22%2C%22dur%22%3A402%2C%22st%22%3A300%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2F5.ras.yahoo.com%2Fadcount%257C2.0%257C5113.1%257C4830384%257C0%257C225%257CAdId%3D-41%3BBnId%3D2%3Bct%3D1914487186%3Bst%3D9043%3Badcid%3D1%3Bitime%3D825935747%3Breqtype%3D5%3Bguid%3D7v4t09li4romf%3B%3Bimpref%3D16828259352261735796%3Bimprefseq%3D135957967194302598%3Bimprefts%3D1682825935%3Badclntid%3D1004%3Bspaceid%3D1197618800%3Badposition%3DLDRB%3Blmsid%3Da0770000003N6b9AAC%3Brevshare%3Dlmsid%25253Aa0770000003N6b9AAC%25253Brevsp%25253Abusiness%25255Finsider%25255Farticles%25255F888%25253Blpstaid%25253A986b3626%25252D7fe5%25252D3ac6%25252D943d%25252D163ec6b9dd49%25253Bpt%25253Acontent%25253Bpd%25253Anon%25255Fmodal%25253Bver%25253Aarticle%25253Blu%25253A0%25253Bpct%25253Astory%25253Bsite%25253Anews%3Bpvid%3DEPDodjEwLjJ_k6BNZE3izxGJMjYwNwAAAAByHFU3%3Bsectionid%3D149676551%3Bkvpgcolo%3Dbf1%3Bkvhashtag%3D1996000%3Bkvrs%3Dlmsid%3Aa0770000003n6b9aac%3Abusiness_insider_articles_888%3Acontent%3Apd%3A0%3Apct%3Astory%3Apt%3Asite%3Alu%3Anews%3Aver%3Aarticle%3A986b3626-7fe5-3ac6-943d-163ec6b9dd49%3Arevsp%3Alpstaid%3Anon_modal%3Bkvssp%3Dssp%3Bkvctopid%3D1996000%3Bkvsecure%3Dtrue%3Bkvmn%3Dy403551%3Bkvy-bucket%3Dusnd-a20-seamless-int3%3Bkvwiki_topics%3Dmike_pompeo%3Acomputer_security%3Aunited_states_department_of_state%3Amalware%3Arussia%3Afireeye%3Abusiness_insider%3Athe_pentagon%3Adonald_trump%3Aunited_states_secretary_of_state%3Ajoe_biden%3Asolarwinds%3Acyberattack%3Afederal_government_of_the_united_states%3Bkvsecure-darla%3D4-11-1%257Cysd%257C1%3Bkvadtc_dvmktname%3Dunknown%3Bkvadtc_dvosplt%3Dwindows_10%3Bkvadtc_dvbrand%3Dgoogle%3Bkvadtc_dvtype%3Ddesktop%3Bkvadtc_dvmodel%3Dchrome_-_windows%3Bkvrepo_dvosplt%3Dwindows_10%3Bkvadtc_dvosversion%3DNT%252010.0%3Bkvadtc_crmcc%3DUNKNOWN%3Bkvadtc_crmnc%3DUNKNOWN%3Bgdpr%3D0%3B%22%2C%22dur%22%3A365%2C%22st%22%3A104%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fp%3D156078%26gdpr%3D0%26gdpr_consent%3D%26gpp_sid%3D%26gpp%3D%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253FpartnerID%253D156078%2526xid%253Dy-mecNXXVE2uWJvpBtOZ4TRTFNBGpEgUY-~A%2526gdpr%253d0%2526gdpr_consent%253d%2526gpp_sid%253D%2526gpp%253D%2526pmc%253DPM_PMC%2526pr%253Dhttps%25253A%25252F%25252Fups.analytics.yahoo.com%25252Fups%25252F58292%25252Fsync%25253F_origin%25253D0%252526gdpr%25253D0%252526gdpr_consent%25253D%252526gpp_sid%25253D%252526gpp%25253D%252526uid%25253D%252523PMUID%252526redir2%25253Dtrue%22%2C%22dur%22%3A350%2C%22st%22%3A451%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%5D%7D&t=1682825943449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:03 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ Frame 98EE 43 B
328 B 21ms
21ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b34pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-sXZ5VnlY3Ncxlw%3D%3D&sc=1&os=1-vw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938179&de=158958691464&cu=1682825938179&m=5743&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=268&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1088%3A315&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5114&cd=148&ah=5114&am=148&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x250&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x250&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=1304512128&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:03 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:39:03 GMT

GET
H2 200 pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ Frame 80E3 43 B
260 B 19ms
19ms Image
image/gif 23.34.249.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5081&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=news.yahoo.com&L1id=14146&L2id=Index%20Exchange&L3id=3593822&L4id=19512475&S1id=217738&S2id=783368&ord=1682825938420&r=685618450416&t=page5&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fnews.yahoo.com%252Fmike-pompeo-says-russia-pretty-102330062.html&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.249.16 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-249-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:39:03 GMT

POST
H2 200 5f7472ffab198f201c14e16d
c.bannerflow.net/tr/v2/pixel/ Frame 22C4 0
114 B 44ms
43ms Ping
text/plain 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/5f7472ffab198f201c14e16d
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6411e6dbc0f1dce23d450aaa?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5e37e77b7fc80a0001423cff&deeplink=on&a=6411e6dbc0f1dce23d450aaa&redirecturl=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D2610ccd1-bedc-4d05-b66c-c372cf9540e9%26ag%3Dzcnuy12%26sfe%3D168562cf%26sig%3DZQ7wWJQ8v6lA67WY4sFvw82EtOZXHlGN1JZozzvkN84.%26crid%3D5dcnkl2a%26cf%3D4874720%26fq%3D0%26t%3D1%26td_s%3Dnews.yahoo.com%26rcats%3Dy29%26mste%3Dnews.yahoo.com%26mfld%3D2%26mssi%3D%26mfsi%3D%26sv%3Drightmedia%26uhow%3D167%26agsa%3D%26wp%3D0.05%26rgz%3DM6A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D52469%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.100000000000023%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESB09udGFyaW8aACIHVG9yb250bzgBUAuAAQCIAQGQAQGwAQC6AQQIBRgEkgIHeTQwMzU1MQ..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26fpa%3D332%26pcm%3D3%26ict%3DUnknown%26said%3D51fe8c9bed294e2b9ad426d0cd6d1d39%26auct%3D1%26tail%3D1%26r%3D&cb=906650
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 03:39:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bfcc165aa8d713f-YUL
content-length: 0
request-context: appId=cid-v1:1fcf03fc-fba3-4651-852f-a11a7fdec64e

GET
H2 200 pixel.gif
px.moatads.com/ Frame 79AD 43 B
328 B 20ms
20ms Image
image/gif 23.54.69.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LOBLAW_DISPLAY1&ol=4243053063&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-yWMJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fnews.yahoo.com%2Fmike-pompeo-says-russia-pretty-102330062.html&id=1&ii=3&f=1&j=https%3A%2F%2Fnews.yahoo.com&lp=https%3A%2F%2Fnews.yahoo.com&t=1682825938257&de=793131429498&cu=1682825938257&m=5757&ar=81c6b5a9873-clean&iw=fee3009&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=618&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1048%3A273&aa=1&ad=5146&cn=1093&gn=1&gk=5146&gl=1093&ik=5146&ic=5146&ez=1&co=1093&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5075&cd=1020&ah=5075&am=1020&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=PC%20Masterbrand%3A2023_02605_LM_14_Q4_PCMB-Q2-CONSID-THINK-PC%20Coffee_AW_CA_EN-FR_DISPLAY-OLV_1PD%3A14_PCMB-Q1-CONSID-PC%20Coffee_DISP_MediaAisle_OPN_HTML5_CPM_000700_ROC_EN_Mass_OE%3A&bo=Display&bd=300x600&gw=loblawdspdisplay883108631098&zMoatOrigSlicer1=Display&zMoatOrigSlicer2=300x600&zMoatDomain=yahoo.com&zMoatSubdomain=news.yahoo.com&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=203238&na=2071354035&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://jac.yahoosandbox.com/1.5.0/safeframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 03:39:04 GMT
x-check-cacheable: YES
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-pragma-client-ip: 10.33.41.138, 12.90.221.210
x-serial: 1
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 03:39:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-zqY4j_hE2uHYzKEOM7vD.S7gpB_4gg--~A&gdpr=0

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

124 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 13:36:41	Name: sync Value: CgoIoQEQ0oL4gf0wCgkIOhCjgviB_TA=
.yahoo.com/	1970-01-20 20:13:03	Name: A1 Value: d=AQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA&S=AQAAAt47xNq-yC0w6D5gZjH_J3w
.yahoo.com/	1970-01-20 20:13:03	Name: A3 Value: d=AQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA&S=AQAAAt47xNq-yC0w6D5gZjH_J3w
.yahoo.com/	1969-12-31 23:59:59	Name: A1S Value: d=AQABBM_iTWQCEMHY-YpvW9Z_BAt2sE2gk38FEgEBAQE0T2RXZAAAAAAA_eMAAA&S=AQAAAt47xNq-yC0w6D5gZjH_J3w&j=WORLD
.yahoo.com/	1970-01-20 20:12:41	Name: cmp Value: t=1682825936&j=0&u=1---
.scorecardresearch.com/	1970-01-20 21:03:05	Name: UID Value: 1107897559dc0818119d66a1682825936
.taboola.com/	1970-01-20 20:12:41	Name: t_gid Value: 8f909e39-ecee-4bcc-bbe1-67319d074b04-tuctb476850
.yahoo.com/	1970-01-20 20:12:41	Name: tbla_id Value: 8f909e39-ecee-4bcc-bbe1-67319d074b04-tuctb476850
.yahoo.com/	1970-01-20 20:13:03	Name: B Value: 7v4t09li4romf&b=3&s=8u
.yahoo.com/	1970-01-20 20:13:03	Name: GUC Value: AQEBAQFkTzRkV0IdXwR8
.agkn.com/	1970-01-20 20:12:41	Name: ab Value: 0001%3AqAl9XuWD1argmD2mwz45fHaDk2OZF9wz
.3lift.com/	1970-01-20 13:36:41	Name: tluid Value: 2721268965583522060162
.semasio.net/	1970-01-20 20:12:41	Name: SEUNCY Value: A78DF506F0FF8A51
.bluekai.com/	1970-01-20 15:50:37	Name: bku Value: 1Dy99BciEVHKAw6x
.bluekai.com/	1970-01-20 15:50:37	Name: bkpa Value: KJy9Bye/d02pSUHknpW8BE9NwtkAwUA+KcorRVATSWD0zWo0KsaGDN5nR7OwxDaazMAtq08EjZ+4KDW+4AWe9w4BWMA=
.bing.com/	1970-01-20 20:48:41	Name: MUID Value: 28A9667348D76D8A104E757049EC6CB8
.c.bing.com/	1970-01-20 11:37:10	Name: MR Value: 0
.pubmatic.com/	1970-01-20 11:28:32	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-20 20:12:41	Name: i Value: 5bdce796-5677-4d46-a7c3-0fb306a92bd9\|1682825937
.contextweb.com/	1970-01-20 20:05:29	Name: V Value: wJzWN8AA4XC9
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 6b9da7bdd37b2779
.pubmatic.com/	1970-01-20 13:36:41	Name: SyncRTB3 Value: 1684022400%3A220
.pubmatic.com/	1970-01-20 20:12:41	Name: KADUSERCOOKIE Value: 8E56FC87-C7CD-409D-ACAD-C6740AF7784E
.everesttech.net/	1970-01-20 20:12:41	Name: everest_g_v2 Value: g_surferid~ZE3i0QAGellArAA9
.casalemedia.com/	1970-01-20 20:12:41	Name: CMID Value: ZE3i0bSC4Us4CNLOagYBPAAA
.casalemedia.com/	1970-01-20 13:36:41	Name: CMPS Value: 1392
.casalemedia.com/	1970-01-20 13:36:41	Name: CMPRO Value: 1392
.media.net/	1970-01-20 20:12:41	Name: visitor-id Value: 3258275371455332000V10
.media.net/	1970-01-20 20:12:41	Name: data-v Value: y-ox5tDsJE2uFM8q3t.7fbI3mwVrVg4Dpl~A~~3
.adsrvr.org/	1970-01-20 20:14:08	Name: TDID Value: 40022b3b-2005-4517-8542-406606e8d366
.simpli.fi/	1970-01-20 20:14:08	Name: suid Value: B7F28402B343451C968533164C290EDF
.doubleclick.net/	1970-01-20 20:48:41	Name: IDE Value: AHWqTUn3krT8POyj1KrLnuGJCXVyjZwSuzWP9-e75uC5QMIRzgiAqLo8qFaqxkpdjmo
.demdex.net/	1970-01-20 15:46:17	Name: demdex Value: 23042885847472739801374324358157020411
.contextweb.com/	1970-01-20 20:12:41	Name: pb_rtb_ev Value: 3-1kba\|7aw.0.1\|4is.0.CAESEJDBfq9MCLkiiWlYfX6htVM
.adnxs.com/	1970-01-20 13:36:41	Name: uuid2 Value: 3661470049074716140
.pubmatic.com/	1970-01-20 11:28:32	Name: pi Value: 156078:3
.pubmatic.com/	1970-01-20 13:36:41	Name: chkChromeAb67Sec Value: 2
.yieldmo.com/	1970-01-20 20:12:41	Name: yieldmo_id Value: gc50329cd6ebcc4d7e1b%7C1682825937281%7C0%7C
.uplynk.com/	1970-01-20 20:48:41	Name: COMBOID Value: "comboid=y-nLPVcYRE2uEEAhzZ60OiBkcsrvkverlm~A\|expires_at=1690601937"
.dpm.demdex.net/	1970-01-20 15:46:17	Name: dpm Value: 23042885847472739801374324358157020411
.bidswitch.net/	1970-01-20 20:12:41	Name: tuuid Value: 6c83439e-d517-4612-9960-cbdcac3931d0
.bidswitch.net/	1970-01-20 20:12:41	Name: c Value: 1682825937
.bidswitch.net/	1970-01-20 20:12:41	Name: tuuid_lu Value: 1682825937
.pubmatic.com/	1970-01-20 12:10:17	Name: SPugT Value: 1682825937
.creativecdn.com/	1970-01-20 20:12:41	Name: u Value: p05yXL96p4Ssu0UCcsXY
.creativecdn.com/	1970-01-20 20:12:41	Name: ts Value: 1682825937
.amazon-adsystem.com/	1970-01-20 17:21:20	Name: ad-id Value: A3l6UvkLgkb4olrgszpx380
.amazon-adsystem.com/	1970-01-20 21:03:05	Name: ad-privacy Value: 0
.csync.loopme.me/	1970-01-20 13:38:08	Name: viewer_token Value: 80a98190-5401-4876-982d-f0dcdd7b8480
.creative-serving.com/	1970-01-20 20:48:41	Name: tuuid Value: 989ecf95-abe1-4a9c-a74c-f0f07c202d98
.creative-serving.com/	1970-01-20 20:48:41	Name: c Value: 1682825937
.creative-serving.com/	1970-01-20 20:48:41	Name: tuuid_lu Value: 1682825937
.ecdrsvc.com/	1970-01-20 21:03:05	Name: erTok Value: "AwAAAAA="
.ecdrsvc.com/	1970-01-20 21:03:05	Name: erBeh Value: "AwAXeAADAA=="
.ecdrsvc.com/	1970-01-20 21:03:05	Name: er_guid Value: c58c8a8a-751b-46d4-a025-83179f7f0a02
.dotomi.com/	1970-01-20 11:27:05	Name: DotomiTest Value: 37ead98f0f4821dd
.ctnsnet.com/	1970-01-20 20:12:41	Name: cid_e187070e04414816855c52da65d17ed6 Value: 1
.ctnsnet.com/	1970-01-20 20:12:41	Name: cid_c5b32b93e8304d9996df6b1e078c1dad Value: 1
.lijit.com/	1970-01-20 20:12:41	Name: ljt_reader Value: GkK6aLZH85z68LNzQ26IXm57
.sharethrough.com/	1970-01-20 12:10:17	Name: stx_user_id Value: 5f254645-f6aa-4ea4-9d61-fe832a461cca
.gumgum.com/	1970-01-20 20:12:41	Name: vst Value: u_6c549a63-ad12-4960-84bc-cfbd63514eee
.brand-display.com/	1970-01-20 21:03:05	Name: _knxq_ Value: a2f1bff0-5582-38c9-9ca97d26.1682825938.0.1682825938.1682825938
.mediago.io/	1970-01-20 20:12:41	Name: __mguid_ Value: 6a3fb85d6e857497dff66a15f28c90df
.company-target.com/	1970-01-20 21:03:05	Name: tuuid Value: ef8beab1-4cab-46bd-bb9d-d1c3ec1e139e
.company-target.com/	1970-01-20 21:03:05	Name: tuuid_lu Value: 1682825938\|ix:0
.bttrack.com/	1970-01-20 13:36:41	Name: GLOBALID Value: 2uKlc8-sIBd987FnJ3zHn2D6fHADJyqCC3Y45Qw1IEMOOD9tcPHDKvqxmmbX5oopJWr2VbokNZQC4TM1
sync.srv.stackadapt.com/	1970-01-20 20:12:41	Name: sa-user-id Value: s%3A0-6e2f6c46-28b0-583d-4aef-12173050d3ad.lN%2FmJ6m7E8OxVFpdFXFSPdRE60zlviULh3kgKyNDU60
sync.srv.stackadapt.com/	1970-01-20 20:12:41	Name: sa-user-id-v2 Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.srv.stackadapt.com/	1970-01-20 20:12:41	Name: sa-user-id-v2 Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.smartadserver.com/	1970-01-20 20:57:20	Name: pid Value: 4233628459017124396
.turn.com/	1970-01-20 15:46:17	Name: uid Value: 3526114908186870879
.rubiconproject.com/	1970-01-20 20:12:41	Name: khaos Value: LH2V44A7-21-H0JI
.rubiconproject.com/	1970-01-20 20:12:41	Name: audit Value: 1\|GkXnJI2FXDqu2OD64FbEUG927siMySAEnJOAbxn+C0oeECEUBMheivCY0yYvI0KZZpTqsb3t9okkEa5N2k7U1SEEFoCDRlfYgsGSPFouQ53b70SqqeJtg9ES+wzatrvcxGZLyAazrKXMayPfYpUGPWRM4Hfc9hXhFUeqAVE/0YfQD5U7tEfUTQ==
.lkqd.net/	1970-01-20 20:12:41	Name: lkqdidts Value: 1682825938
.lkqd.net/	1970-01-20 20:12:41	Name: sr59 Value: 1\|CAESEFKM5nbQz-EB9m2eBPa4vMc\|1682825938
.lkqd.net/	1970-01-20 20:12:41	Name: lkqdid Value: 3plongf_T90
.adsrvr.org/	1970-01-20 20:14:08	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCMLjquDOzeQ7EAUSFQoGY2FzYWxlEgsIqo698c7N5DsQBRgBIAIoAjILCPzW65XlzeQ7EAU4AVoGY2FzYWxlYAI.
.rfihub.com/	1970-01-20 20:48:41	Name: rud Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0MTc0NTY2MTUwNRHiM9RNcivyDfY3CSpNL04EALuOSXYlAAAA
.rfihub.com/	1970-01-20 20:48:41	Name: eud Value: H4sIAAAAAAAA_zslwmtoZmFkYWRqaWxhaWoKANofMksQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0MTc0NTY2MTUwNRHiM9RNcivyDfY3CSpNL04EALuOSXYlAAAA
.mxptint.net/	1970-01-20 21:03:05	Name: mxpim Value: R35CA9_101EB2196_9A8B9AC0.1.00000000644DE2D2
.go.sonobi.com/	1970-01-20 12:10:17	Name: __uis Value: d8916908-fecc-4207-b68f-82b7928c26ed
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85104\|ZE3i1
.w55c.net/	1970-01-20 20:57:20	Name: wfivefivec Value: EtW0CgHS1PSXTQ5
.deepintent.com/	1970-01-20 21:03:05	Name: CDIUSER Value: di_72af97713ac5423482b4c
.33across.com/	1970-01-20 20:12:41	Name: 33x_ps Value: u%3D212120393663280%3As1%3D1682825938997%3Ats%3D1682825938997
.tribalfusion.com/	1970-01-20 13:36:41	Name: ANON_ID Value: agnu7qSkTseAutomjp9h96porCJ3SAkZdH1gaWhKROAFsJ24wRPPKuImfhixsxJuu3ZdETFlPsDvhOZcDQf4RChlmDZar04gq43sMclghOYv
.mathtag.com/	1970-01-20 20:53:01	Name: uuid Value: 75bc644d-e2d3-4700-8bfe-e5289ba777c1
.w55c.net/	1970-01-20 12:10:17	Name: matchonemobile Value: 5
beacon.lynx.cognitivlabs.com/	1970-01-20 20:14:08	Name: UID Value: 9419444e-5826-484d-b4c3-15c35ec653ed
.sportradarserving.com/	1970-01-20 20:12:41	Name: zuuid Value: 64bec325-e584-4d6f-a910-b7ed225d480a
.sportradarserving.com/	1970-01-20 20:12:41	Name: c Value: 1682825939
.sportradarserving.com/	1970-01-20 20:12:41	Name: zuuid_lu Value: 1682825939
.1rx.io/	1970-01-20 20:12:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005%22%2C%22nxtrdr%22%3Afalse%7D
.sportradarserving.com/	1970-01-20 20:12:41	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 20:12:41	Name: zuuid_k_lu Value: 1682825939
.targeting.unrulymedia.com/	1970-01-20 20:12:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bcb915d6-5729-476f-8e2e-174a247c5d47-005%22%7D
.analytics.yahoo.com/	1970-01-20 20:12:41	Name: IDSYNC Value: "175w~2bdf:1769~2bdf:176k~2bdf:176s~2bdf:1776~2bdf:17n1~2bdf:17ol~2bdf:18gs~2bdf:18p2~2bdf:18qt~2bdf:18vj~2bdf:18xa~2bdf:18xn~2bdf:18yl~2bdf:18yx~2bdf:18z8~2bdf:18za~2bdf:190j~2bdf:191q~2bdf:195t~2bdf:18zp~2bdf:193s~2bdf:1956~2bdf:18yw~2bdf:175s~2bdf:18zh~2bdf:173h~2bdf:197t~2bdf:196l~2bdf:18vk~2bdf:19a3~2bdf:1760~2bdf:18y7~2bdf:18zz~2bdf:17mv~2bdf:173n~2bdf:18yj~2bdf:175v~2bdf:18yp~2bdf:17my~2bdf:17mu~2bdf:18w7~2bdf:175u~2bdf:196p~2bdf:18gu~2bdf:191h~2bdf:190f~2bdf:18gx~2bdf:18yr~2bdf:19az~2bdf:18vw~2bdf:192d~2bdf:18z3~2bdf:1763~2bdf:18xu~2bdf:18xx~2bdf"
.acuityplatform.com/	1970-01-20 20:12:41	Name: auid Value: 773720596559
.acuityplatform.com/	1970-01-20 20:12:41	Name: aum Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjT6jXVzZXJNYXRjaGluZ0lkJLCRbGFzdERyb3BUaW1lTWlsbGlzJQFDdAdgXoaYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQ3QHYF6Gj3RoaXJkUGFydHlVc2VySWQh+/uGdmVyc2lvbsL7
exchange.mediavine.com/	1970-01-20 11:47:15	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%228b2e10c0-e708-11ed-9e2e-c1ec4820dd2a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 11:47:15	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%228b2e10c0-e708-11ed-9e2e-c1ec4820dd2a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 11:47:15	Name: am_tokens Value: %7B%22mv_uuid%22%3A%228b2e10c0-e708-11ed-9e2e-c1ec4820dd2a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 11:47:15	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%228b2e10c0-e708-11ed-9e2e-c1ec4820dd2a%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 11:47:15	Name: verizon Value: %7B%22id%22%3A%22y-ADS8aJxE2uFkfHxYEoLITdEmvkftobgF~A%22%2C%22version%22%3A%22verizon%22%7D
.aralego.com/	1970-01-20 20:12:41	Name: gdpr Value: 0
.aralego.com/	1970-01-20 20:12:41	Name: sspid Value: a1772a10-494b-3d37-a75f-04a78e71d2e7
.mfadsrvr.com/	1970-01-20 21:03:05	Name: tuuid Value: 1e2cfdbe-8719-420a-89dd-39e2b1db231d
.mfadsrvr.com/	1970-01-20 21:03:05	Name: c Value: 1682825939
.mfadsrvr.com/	1970-01-20 21:03:05	Name: tuuid_lu Value: 1682825939
.kargo.com/	1970-01-20 20:12:41	Name: ktcid Value: 076b342e-337f-01e4-5445-1fb7ac921faa
.bidr.io/	1970-01-20 20:55:39	Name: bito Value: AABtu07Im8YAACD-F-b_4Q
.bidr.io/	1970-01-20 20:55:39	Name: bitoIsSecure Value: ok
.media6degrees.com/	1970-01-20 15:46:17	Name: clid Value: 2rtwssz011711o2521gdghwr000000013b010h01401
.media6degrees.com/	1970-01-20 15:46:17	Name: acs Value: 012020k1rtwsszxzt10
.media.net/	1970-01-20 20:12:41	Name: data-mf Value: 1e2cfdbe-8719-420a-89dd-39e2b1db231d~~3
.c.appier.net/	1970-01-20 20:12:41	Name: _auid Value: FX3EiqH4CEaxQwKq1OJNZA
beacon.lynx.cognitivlabs.com/	1970-01-20 20:14:08	Name: ss Value: mRJzhQ2YRTsrhpJV6GpDG2PcjJK0EB1%2F0Npi13VGj9rdjgogBx8GmQ893VWPEWUfDCiaDFELabkm4Lf6upCVnQ%3D%3D
match.sharethrough.com/	1970-01-20 11:37:10	Name: AWSALBCORS Value: zGMk0WczoJWa5EWG2qjjRLpAm5PQnxEkGjjBIjMhITCEx/U9E4zkHA5rW37PukzLv7ZpemWjJvce83qjbegETU9C8WaNBSJBjNhc/KQHamRD0LWhiv3hxYOafV/Z
.mfadsrvr.com/	1970-01-20 21:03:05	Name: ssh Value: !google,1682825940!medianet,1682825940!vmx,1682825939
.quantserve.com/	1970-01-20 13:36:41	Name: d Value: EEABCQHwKIEA
.quantserve.com/	1970-01-20 20:57:20	Name: mc Value: 644de2d4-baf77-0b17c-ccabd
.media.net/	1970-01-20 11:47:15	Name: data-g Value: CAESELr9S2L34saTGqA00pFVIeY~~3
.zemanta.com/	1970-01-20 20:12:41	Name: zuid Value: lJvISuCKvpP4B-5vR9Z6

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html(Line 10) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://news.yahoo.com/mike-pompeo-says-russia-pretty-102330062.html(Line 10) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	warning	URL: https://s.yimg.com/rq/darla/4-11-1/js/g-r-min.js Message: Unrecognized feature: 'vr'.
security	error	URL: about:blank Message: Refused to load the image 'https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-zqY4j_hE2uHYzKEOM7vD.S7gpB_4gg--~A&gdpr=0' because it violates the following Content Security Policy directive: "img-src https://pixel.advertising.com https://sync.adap.tv https://sync.adaptv.advertising.com https://ups.analytics.yahoo.com https://.uplynk.com https://.doubleclick.net https://.yahoo.com https://.bing.com https://.pubmatic.com https://.adsrvr.org https://.yahoo.com https://.doubleclick.net https://.yahoo.com https://.3lift.com".
other	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: Allow attribute will take precedence over 'allowfullscreen'.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://openweb.jac.yahoosandbox.com/1.5.0/jac.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	warning	URL: https://z.moatads.com/loblawdspdisplay883108631098/moatad.js(Line 136) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://z.moatads.com/loblawdspdisplay883108631098/moatad.js(Line 136) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js(Line 137) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-W1EoY0BE2uj7san21FDIfnQsSS4NUpA-~A Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://gu.dyntrk.com/adx/adptv/us.php?dynk=176a0l&gdpr=0&adexuid=y-0LxA4QNE2uHym.AjTVNi3annxqAiGVzS~A Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://match.prod.bidr.io/cookie-sync/at&gdpr=0&gdpr_consent=&gpp=&gpp_sid=?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.pnr.ouryahoo.com https://pnr.ouryahoo.com https://.search.aol.com https://.search.huffpost.com https://.onesearch.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=74hs03li4romf&partner=;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.ras.yahoo.com
6.ras.yahoo.com
7a050029c420075ebcd6199459a2f5a0.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
a1310.casalemedia.com
a3648.casalemedia.com
a491.casalemedia.com
aa.agkn.com
ad.turn.com
ads.creative-serving.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
adsvr.ecdrsvc.com
aol-match.dotomi.com
ap.lijit.com
api.taboola.com
aud.ecdrsvc.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c.bannerflow.net
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn-rhino.b-cdn.net
cdn.js7k.com
cdn.mediago.io
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs.lkqd.net
cs.media.net
csync.loopme.me
d2cli4kgl5uxre.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge-mcdn.secure.yahoo.com
exchange.mediavine.com
geo.moatads.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
guce.yahoo.com
gw.geoedge.be
i.ctnsnet.com
ib.adnxs.com
idpix.media6degrees.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
jac.yahoosandbox.com
jill.fc.yahoo.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
mcs.ecdrsvc.com
millennialnexageinapp768429046591.s.moatpixel.com
news.yahoo.com
onevideosync.uplynk.com
openweb.jac.yahoosandbox.com
opus.analytics.yahoo.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-ny.casalemedia.com
prod-m-node-1111.ssp.advertising.com
px.moatads.com
r.turn.com
resource.ecdrsvc.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.connectad.io
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.idsync.analytics.yahoo.com
tags.bluekai.com
tpc.googlesyndication.com
trace.mediago.io
tsdtocl.com
udc.yahoo.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-1-web-oao.ssp.yahoo.com
us-u.openx.net
usw-ca2.adsrvr.org
www.google.com
www.googletagservices.com
www.yahoo.com
x.bidswitch.net
yhp.mxptint.net
z.moatads.com
ib.adnxs.com
104.18.11.47
135.148.35.198
142.250.81.226
142.251.35.162
146.20.128.158
151.101.1.44
151.101.194.49
152.195.14.41
152.199.24.48
162.210.196.208
162.248.18.32
162.248.18.34
162.248.18.37
172.105.235.90
18.117.20.224
18.160.200.115
18.160.225.129
18.160.225.89
18.172.134.90
18.211.69.177
185.167.164.39
185.184.8.90
192.132.33.46
192.40.39.223
192.40.39.248
198.148.27.139
199.127.204.142
199.187.193.197
199.250.160.129
199.38.167.130
2001:4998:124:1507::a000
2001:4998:124:1507::f000
2001:4998:14:800::1000
2001:4998:14:800::1001
2001:4998:58:207::6000
209.204.232.43
209.204.233.220
216.200.232.249
23.213.157.58
23.34.248.177
23.34.249.16
23.54.69.151
23.92.190.68
2400:52e0:1a00::845:1
2600:1f18:1c96:4103:85f9:b152:a5d7:cc08
2600:1f18:4e9:5a07:c5bd:680d:2822:1831
2600:9000:233d:5800:11:9be7:da80:93a1
2600:9000:24d1:9e00:4:b37b:9440:93a1
2600:9000:2507:a200:10:43f:4352:ad61
2606:4700:10::6816:37ce
2606:4700::6812:16ea
2606:4700::6812:19ad
2606:4700::6812:ad65
2606:ae80:1451:22::760
2607:f8b0:4006:809::2006
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:823::2001
2620:100:a001::1d
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:c11::200
3.209.252.165
3.213.207.74
3.221.202.206
3.230.217.116
3.231.231.174
34.111.151.213
34.117.84.249
34.133.71.175
34.200.65.202
34.235.90.200
34.96.71.22
35.186.193.173
35.207.24.140
35.208.249.213
35.211.178.172
35.211.233.246
35.214.153.92
35.244.159.8
35.71.131.137
38.68.201.140
50.57.31.206
52.2.156.62
52.223.22.214
52.3.180.182
52.46.130.91
52.5.155.111
52.85.61.120
54.162.158.9
54.164.208.134
54.205.21.165
54.210.120.215
54.213.70.181
54.226.241.213
64.74.236.63
67.202.105.21
68.67.160.117
68.67.160.26
69.166.1.10
69.90.254.78
74.119.119.150
75.119.185.242
76.13.32.147
8.18.47.7
8.39.36.142
96.17.64.29
96.6.30.77
0127c0cc309f80de600b02352dab75b89747edce2aec9ee3fc35d776dc3d4363
03cf14763c6b398047e3494a9643bbcb987167525cb1bbb3d03e007510fa63c0
0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4
06c8bc9e8dea04f8b385f7ef33e22282d71f6ae1bb3ee5803bf7dc53ccc34856
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0aa20c178349c13ec0e7ce2ea3fedfc562a14cc1e46d50d5704ef865f1270fb6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cde95dc0628f2b879653d1c73581af763eee29cf68dfcc2a49c01c5d3f30adf
0d864745a7e6b476fe45e22dae4dc98a34caab86f06a416326b7e331ffa6583d
1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c
1259cc86f806051e9f350b161fd4fe61e3fabf0faed7088af6c0f3bf0bd9a9e7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127da417ab9263afaf1ee5d6c0c065aad7e3ddf772fa284bcab7bd8cc8c3954d
13d5821b3492cc1569f199d89954f49fe2c2bfdbf6247f61dd0b4d4a0821314e
172ee8eda2f465c268fe1b54cd88d6c1757caddfc670b323caf3df09079c2be4
17493f715ba449d34fffe225f07e22c6a4f3ab8d4735152c61cc57a91fa6b395
1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451
1c1238d8bec78dcb5ebd1d726f69fe77a385722323e6f3ea09bc942519a643d5
1da211dc49f49d4e0126bbea157ef404bc124af590453d62e2137d91be3a2058
2192310576ec8cccec85c93dfdc3671a18d9a62efea1bea3c94869519ef9ada1
23b4fba1d486527be1369daa2d9350d67d132c30768534592aaca65b62671056
2476458327ad4820e7b315f1cc86f7b92b48c7cc5f59c81b1901719ba3adf643
2a0e5dd526ac88d271ba82edffa5e3466ff353b5cb41a8e7f859253be858c69f
2af789c015870b13cb4ab4ca55d75bfca349ad5a163be8c5135518b9b7ef51d6
2b3d1be68f8b27a5cd0c0f5926bbb9b88362d4e3c07e1471256ffb769e4ae35b
2c72ed315af753049b1bc9c5db3bd11fac613fc4e8f4f038de3feaa3c02cf3cf
2d9af526331f106b807db1f24562e9f11360cb98588e10efbf45f1d65e8849dd
2da5e0a4637e412b237d8a941f6800b3748cbdc969402c1cac8d3174e43d597e
2db24362a9418e50935d3562c86c71edbdea73206cf031d73fca2d96198a429c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3016ee9e02f913a7cac4c4fdc28c5552afea273ee310d94f7520eb47d50669f9
30797f2f9f4f25064a692331c35f0216ef5225c11627cd1393847db1e8cff8ff
312ba629e189cfcb503f6ab65cbf3dd465477ecc8848adc6a2b6e74a61742a45
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34e201d305ce199006e712b04b7e8d7257dd6dbb63bc53b6e82a5a9d1f1a6cc8
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
380f5092d76981a9d6c240ee9be0b2b2fcc7cf30886ee49d7ecdc19d734230f5
396df7309db0c2a64a5b6265888178c0100c2005cff106d6e8e51a79195c240b
39cea4ad44e6e42a2d0d0eafc6d07b2b77608874e16166918498468916206a5c
3a6fc54777e4afee5614ed7da2ced8696a1077cb7eda487df558e55c0fa2f9cd
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3defef2ac915daeddee049dc59f895a103f0af03fc1e677189c5b42b2dc7a2a2
426b046038143ad054687058dab793d909fa3dd666079ebcb36489ec5b8e0f40
4614d2b1db3af5d06cf4030a79fe0b23b65a1d2b5c77ab7faaec372fbe9611df
466dbcd8728f7fef0f4b8753bc487aad4dca87cc05913e15e94cc6811d8dcb45
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
483b45c4f53740c3a006036313f9bf6b23978fc136812498992b0b50270918f7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5063f8d87bce8da6151e0d297e0c3e3c62cfa8226894a6bd8e9f28c2639f837a
50c83747e36fd50f036d6ad93affed0a48eb7dabeb0b17122096b28e9f4822a4
54c4bc2715c83cb5f7e1fead63b1024880440d894a4287efa914315eef974929
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5632460146e8c5fafe259fd29c043ac487ee600b75c92ca38d11758bc7830d72
5a67791963b378c89c0abf29e732790c09768576c6b9295ade1a366bfdeadc9d
5adc4a431b3f005e06a46026ded9a65c6254efb1280ea436aadc7ea722e58f2c
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
5e63dbb7de1d012d854144df23e01178d5851a2d55ed3ecff0a657134bb7dca5
5e80a40ac5afe43e17b803c553ffa8176082f0c065a1b59abace47177a1d5e76
5f42ffe9c87982d3ab64a7ca26d307fd3368f3badc0e2c15f21197c4fa1e9801
60c3a5babd0a75ece28db3fb5de437637ebeccdd2e8f3f99c760b6fb1910d3d5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6
67abefd44cdbe95de18cacac973e61226611e6c1bf7c76ca9cd2f7289afc8332
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
6a192445b0d5c49f5701652275e6defe86690c9be284657d872daa2622d899a2
6b7dab6ddc60aab5337a476cfeaacb8014fa40c25338aea30eafc4aebd2aec2d
6bb6f83a657b837f82dd8a9f1e6717d4cd964fd1d86060da7ca5f0a31b2bbc71
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ef1dec25a77aa82cab7f648bf3b512c93b126f677b0a405d64d4c44f2800edd
70fb8185879b0160270914f5c8568362fddbef1cedb214629ea234bc741de22a
72984bb925c9991bc10312db0be50b2f62310af60405ba531df1dd05f13e718d
72cba96ed171282ee756c3e6a6d87fb8bf9013fe9a4ea693a01ff5acaea8ec0f
743a1a86660207959451fe6ebf18f57b3b813b82d9e6d6072fcb4f89c2220048
74cb9edcb17909f63599d4000c08471dcd682f0ece00a1abea267cac04dfe455
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82
75d745f41a06d85a275f10ecb306256515e35e2bcc7150de0cbefd3fcfa71edf
77727e8106e018227cbc90cbe2761b38ac3a09079ccd1a1015ecbfd253a2a155
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
7993d5719f1cf03b51f4924edd2d51e31f87978ea62fb9e646c857f2c388e7f7
7b22071189de718241cd8721bc2bf8c44404413cfde11e7f2f2e37cc37bde29b
7bfea4251883be5e3b3c6cb36c568583224c6d5d6ea04fbb9fa13817eaba83ce
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
80caff7ea1a351042f53cfc50dae5f1b5ef8dc8f0f9fb48b9f553da33d9a2c6f
81cb71467cf796d3b014e5fa7de13ce3441c930e58716a8121bede8a56519a3e
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a43263c72c61189ef01e70ef6c26bb86fbe532e552ce5f9fa6830995012bb6
844e6e097f70d5938b028d64f70b2f94befce948a56a1a9ac4e30f9147b36136
856189d481ed2d854451c028fac29309629eed3301211fe4fe582058f13a3f92
85e57464cd3567585dbecf459f23e2127f18fd758ec5083ebe41abf37315f0a2
86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa
881a2159b7873d75bf4d0f7dde8301e24d735daf9eb6a4594fff2ecd14797fe2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe202abf53bad9d94579af8970df45a80825ce2f107db690c1d71278826d157
8ff624c0f46a8b526b363680c8d530da7fb8012fa47a8c68a540cd9d86a43e3f
9148eaad1bea373431b8d687de3ba70ab1d29eeb5e343588b4caa6989fd6eb86
91503fa3b29a29bb5390b21c9af1dcc7a2cc2c74977e3f628baf1193987f707d
927171ed702f41bc4e96437ea16eeac8dede0dc72e06b62a4aff240c2905561d
947ddb329f5109c8d916629d85865a456b2c1bd513514e2d13a353ed6995ce5d
950b4034fdf5809c051dbe6e3ea5615f07cab70d8bbbc0fa7946d9c49211b93d
95d4bf8170d74d5467a1dc97e3649dcd3f5292f568236cc6441f9e105e9e4190
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf0227d6ccfe79af5db9b3a44b9a60e3e0c2d4f47d60ce59f38407ed92d63e7
9c12a0f5e43b5549f5875720d6d71f2f38ea6827f913352435c0baabd2dc2043
a00285e0840262f6a65eef9f1b4106b5cc72c6ef5f2003db34ed05d1e4bb89da
a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ebc8daa8fb15b4b1810052b40a37cd9fc66bf89874894d8126c4dea48ee818
a20c6fca1545a35f9ecd601cc41f9df7b24f55cfced32d55abe50b46b5842a95
a21c54c2b9d3b80729036a4defe8e2a0148651ac73730232dfb421194edb607d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ca552062553bbf86c063204857125c5b27f09b62b6f54e98846ccef427e795
a6eb0282649e7709b1e773f403c0a6cf97602395d26f1eaed9c8364e2fcc503c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9e26e54848b684fa831d06e995e18a830ea8adfa82641e476c46a5368a56c69
acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1
ad24df8561b589323813953f7fd01e7aac1253b8570e78c9c2d07ac6488ea0e4
ad8bdd9c577fc10c8ca958a5bcd4ef26cd0f907b4b76034c1f1842aed528accb
ae1f17d729b3eb39dff453df880f5b525173fdc21d1d9ed0113fd974fdfc874c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
b20a15b71ee8f82a7cfd01ea23a13b26637043f4237f223a5861ce8e2a522480
b2c77f588fc4ade464464e36c06ae9172cff75fddffbdf79ea5d6e3612345cfe
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b51a3ca56424f87be3ccb2f4fc69426ff86edb91faca6a9d2e9bb603c21fe838
b5c67bf2e5937e76b23fcb546924e24f303de9e988ca95d7553b57f58fbfadfc
b66d3d56d9d85db50d3c847c176a8f1101a39e94cab2347514d33f004dc1f11d
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b93a89a0bba1ed1a4e1d2529f3b81afc5a2f8c28dedbdb5a544db8cd63e79084
baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdd94a6ea64870f5e0df75ef2162348aa80dbb1ad9396ec90f2c7548eb04c4f
bcb36fc2f073140303c0e921a77468187d42ae1dce94254c8b15b282ba210df7
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
bf5ec11b118ec2b2687b7070fec24eb96110f5c8a5144985a5201fc5cb9fa0d2
bf9332c85ec85bf162ddf66c789323041d7a3855e04ed72c42e526dedcdf8d64
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4785a51adadef034b8274f06cd3ba259f313f67269f1c8f06bb9ce88ae9137a
c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c86bdd69872c684458ad8cdb44f3cdde1eab76d6c0122302a864a4535288c456
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc2cc463fbafa5eea3cc38d983027a2c2574c1ab23c22ed317e33225d6fec1b4
ccbc7dfef689bdf1699866b475312f85ff8c72fa5d3b245a1d46ce5905074dac
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03240e9a7629acac1af9d46705a92e74f06e0bbf1cdca1562078e2df4413373
d232d0933c08ae3db31bcd206c5a05ccdb76b98437f223098a4b907da1a11e8b
d38970cf787848e7132a1b89b12aa630ace01f56f72f51f687dab954e0aac201
d4e305677c8bf9811e9d43f06825b8d255e9a0cf2c02a78e3f08ecd4e93f5bd4
d544fd58439ce92300e42630638d2244775ea8e341ba995f074db6ead97a702c
d636b7c6e03c525b4bb0030d0a9d2908fb6e1e51bfbfc0ea0b25fb7b8da50321
d74d96afbd3b57db7982c92cb7d8e32a16206fae78536e86765d04a77a6bd4a5
d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3
db0c2cb5ec6c78105f4a5abc470c9a3455e2fa162e6455c666261cbe4cfb6a29
db643845996600e7c9f288e918e6521721aa2ee46a6307bcd16dce6287db85db
dc1d6b8335aee792ba07bf35586a7e51d1663e119195d483d9b58b05d46ff87b
de83547b365a3952ac3a3ac8c81add0b93b255044f92d5163299117134b5e56d
dec7fbc40686507059898081c8548c6129ac91bb97aa607f930112107f56a07d
dfdfd45ff45df936750142130afa1fd5781410a300088470c0b54849e96cac44
dffbef41df2c457469eaeafc355c043a0afbac1acae8528abf084429a3d6d2ae
e008a6f0412cc524bceae5a0669d6008caf51e49096efe5db5acb3e0e70d2ca9
e0ceb2e4e42a000a3b3043f738a1d7f18849a5b75303fda5c69894ada12072e6
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e223bf9c3698a5a981448a1f76015dd99b792333574a5c82ac5637eab64b7755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9b936cd8f711343db93990af75d47113234dc4c6b304671bf5bc35e0b7b71c8
ebb1795588933b545317322099c39981c69f2d25736f11b3bf5f7c50a5b71af1
ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9
ee3277c67fcd77e87883217cb34429c950d3680a555847a54b04fa9987796abe
eecb0b90bcee2cac869bedd4bb571b03804f297f60da86ed231fbb4a10d24d3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f
efb208541e1c24936a12459cbab20dfa0aa80ba28e8d6e650e193e00e13c93b4
efd0e6c92ed6b19cf78d24bc1ef1ca5232b7fd487fc14e861a9e47b2a7964f32
f204ab420a5067e50cf449c161ca633301e47849248e691863bae78110990e60
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2
f786f45222cb81815708434be558757639ce56411529bbde6e761906a1f43bac
f79c34b8f417cf7280dd25b165606e23a07afec7b95e42ad48376a5e698906c0
f7d9618fb6dc449b8955c8645f74528311ff1e4b78dd1f927db8e920b2ddae3e
fc186ecd3bff41b61f8d27585c0957072220c25f5e1670e84bf2cead1cae1570
fcf9b547d62f3d81ca6c3f77e373058f87753e9ddf15b2bf751693bb88fc19eb

news.yahoo.com Open in urlscan Pro 2001:4998:124:1507::a000 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

417 Requests

75 %HTTPS

26 %IPv6

88 Domains

134 Subdomains

69 IPs

7 Countries

3626 kBTransfer

10392 kBSize

124 Cookies

30 Outgoing links

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news.yahoo.com Open in urlscan Pro
2001:4998:124:1507::a000 Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

75 %
HTTPS

26 %
IPv6

88
Domains

134
Subdomains

69
IPs

7
Countries

3626 kB
Transfer

10392 kB
Size

124
Cookies

417 HTTP transactions
2 data transactions