urlscan.io logo urlscan.io
SecurityTrails logo

www.courant.com Open in urlscan Pro
192.0.66.166  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Submission: On January 10 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 164 IPs in 9 countries across 128 domains to perform 651 HTTP transactions. The main IP is 192.0.66.166, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.courant.com. The Cisco Umbrella rank of the primary domain is 412084.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.
This is the only time www.courant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 192.0.66.166 2635 (AUTOMATTIC)
2 18.160.200.129 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:250... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:261... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
14 3.162.174.56 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 52.85.247.29 16509 (AMAZON-02)
1 99.84.168.45 16509 (AMAZON-02)
2 23.7.17.42 16625 (AKAMAI-AS)
1 6 13.226.22.119 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
2 13.249.85.53 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 54.218.144.235 16509 (AMAZON-02)
2 18.205.77.188 14618 (AMAZON-AES)
2 35 172.64.146.152 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
2 2606:2800:11f... 15133 (EDGECAST)
8 2606:2800:11f... 15133 (EDGECAST)
4 35.190.38.143 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:24d... 16509 (AMAZON-02)
1 13.226.23.87 16509 (AMAZON-02)
2 4 18.160.200.115 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
13 18.172.122.101 16509 (AMAZON-02)
6 13.32.166.127 16509 (AMAZON-02)
3 3.219.85.253 14618 (AMAZON-AES)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
1 2600:9000:221... 16509 (AMAZON-02)
1 2600:9000:203... 16509 (AMAZON-02)
1 104.26.5.15 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 44.210.34.0 14618 (AMAZON-AES)
3 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 52.217.34.60 16509 (AMAZON-02)
1 34.236.89.98 14618 (AMAZON-AES)
1 3.162.174.127 16509 (AMAZON-02)
1 104.18.13.242 13335 (CLOUDFLAR...)
2 3.162.174.66 16509 (AMAZON-02)
2 54.208.84.171 14618 (AMAZON-AES)
2 23.7.29.146 16625 (AKAMAI-AS)
3 104.18.35.167 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 18.207.71.126 14618 (AMAZON-AES)
1 23.212.249.146 20940 (AKAMAI-ASN1)
1 104.18.8.110 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
4 74.119.119.150 19750 (AS-CRITEO)
4 2600:1f18:ed:... 14618 (AMAZON-AES)
1 151.101.66.137 54113 (FASTLY)
4 20.42.73.138 8075 (MICROSOFT...)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
10 12 68.67.178.10 29990 (ASN-APPNEX)
15 17 15.197.193.217 16509 (AMAZON-02)
4 7 8.28.7.83 62713 (AS-PUBMATIC)
15 25 69.173.151.100 26667 (RUBICONPR...)
7 9 34.111.113.62 396982 (GOOGLE-CL...)
10 16 172.253.115.155 15169 (GOOGLE)
10 10 52.7.200.174 14618 (AMAZON-AES)
4 5 52.204.246.173 14618 (AMAZON-AES)
7 15 35.244.159.8 396982 (GOOGLE-CL...)
2 162.247.243.29 54113 (FASTLY)
25 151.101.129.44 54113 (FASTLY)
15 2607:f8b0:400... 15169 (GOOGLE)
13 108.156.91.30 16509 (AMAZON-02)
1 54.230.18.13 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
25 2607:f8b0:400... 15169 (GOOGLE)
5 11 35.244.193.51 396982 (GOOGLE-CL...)
2 3.162.174.107 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 34.206.99.162 14618 (AMAZON-AES)
1 108.156.120.77 16509 (AMAZON-02)
5 44.217.105.65 14618 (AMAZON-AES)
3 3.162.174.8 16509 (AMAZON-02)
1 2600:9000:24b... 16509 (AMAZON-02)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
4 2602:803:c002... 26667 (RUBICONPR...)
2 44.212.108.213 14618 (AMAZON-AES)
2 6 3.218.14.70 14618 (AMAZON-AES)
2 2620:100:a001... 19750 (AS-CRITEO)
2 199.250.161.129 26459 (TTD-ASN-01)
1 107.23.224.83 14618 (AMAZON-AES)
2 3.220.199.186 14618 (AMAZON-AES)
2 18.172.128.118 16509 (AMAZON-02)
2 108.156.91.83 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 3.239.232.53 14618 (AMAZON-AES)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.135.53 396982 (GOOGLE-CL...)
2 151.101.65.44 54113 (FASTLY)
1 3 3.215.169.119 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 26 52.46.151.131 16509 (AMAZON-02)
1 13.249.85.71 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
4 13.85.16.224 8075 (MICROSOFT...)
5 5 35.211.178.172 15169 (GOOGLE)
1 1 23.56.220.66 16625 (AKAMAI-AS)
2 2 2600:9000:203... 16509 (AMAZON-02)
3 51.222.39.185 16276 (OVH)
1 3 34.226.253.159 14618 (AMAZON-AES)
1 1 216.22.16.69 30633 (LEASEWEB-...)
1 2600:9000:204... 16509 (AMAZON-02)
2 8 52.6.62.160 14618 (AMAZON-AES)
4 23.220.109.13 16625 (AKAMAI-AS)
1 52.202.66.82 14618 (AMAZON-AES)
8 23.55.205.215 16625 (AKAMAI-AS)
5 6 3.225.218.10 14618 (AMAZON-AES)
2 54.90.34.250 14618 (AMAZON-AES)
3 10 63.251.86.51 10913 (INTERNAP-BLK)
16 34.203.113.223 14618 (AMAZON-AES)
2 3 52.223.22.214 16509 (AMAZON-02)
14 141.226.124.48 200478 (TABOOLA-AS)
2 3 35.244.154.8 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
2 3 151.101.130.49 54113 (FASTLY)
1 18.172.134.74 16509 (AMAZON-02)
13 52.207.45.55 14618 (AMAZON-AES)
2 2 52.6.225.135 14618 (AMAZON-AES)
1 1 54.196.247.2 14618 (AMAZON-AES)
5 5 52.86.45.239 14618 (AMAZON-AES)
1 2 169.197.150.7 398989 (DEEPINTENT)
2 2 50.31.142.223 23352 (SERVERCEN...)
5 5 198.148.27.131 19189 (PULSEPOINT)
3 3 23.83.76.84 395954 (LEASEWEB-...)
5 5 8.28.7.82 62713 (AS-PUBMATIC)
2 4 8.28.7.84 62713 (AS-PUBMATIC)
12 13 69.194.240.13 26120 (RHYTHMONE)
3 3 2607:f350:3:2... 27630 (AS-XFERNET)
2 2 63.251.28.133 26558 (FREEWHEEL)
2 2 67.202.105.22 32748 (STEADFAST)
1 23.55.204.22 16625 (AKAMAI-AS)
2 2 35.214.196.22 15169 (GOOGLE)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 141.95.98.65 16276 (OVH)
3 3 23.205.2.235 16625 (AKAMAI-AS)
1 9 34.206.237.173 14618 (AMAZON-AES)
3 3 207.198.113.88 13768 (COGECO-PEER1)
2 2 185.167.164.49 198622 (ADFORM)
1 1 211.120.53.205 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
10 34.98.72.95 396982 (GOOGLE-CL...)
6 2607:f8b0:400... 15169 (GOOGLE)
2 74.119.119.139 19750 (AS-CRITEO)
1 3 104.36.115.113 62713 (AS-PUBMATIC)
8 10 162.19.138.118 16276 (OVH)
1 172.64.151.101 13335 (CLOUDFLAR...)
1 34.120.253.250 396982 (GOOGLE-CL...)
2 2 8.43.72.98 26667 (RUBICONPR...)
2 2 173.231.184.20 32475 (SINGLEHOP...)
5 162.248.18.37 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
1 54.239.33.158 16509 (AMAZON-02)
1 1 2600:9000:261... 16509 (AMAZON-02)
1 2 2600:9000:234... 16509 (AMAZON-02)
1 13.249.85.33 16509 (AMAZON-02)
1 147.75.195.77 54825 (PACKET)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 34.102.148.158 396982 (GOOGLE-CL...)
1 34.98.126.122 396982 (GOOGLE-CL...)
1 34.117.20.67 396982 (GOOGLE-CL...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 135.148.2.56 16276 (OVH)
1 2 34.234.194.189 14618 (AMAZON-AES)
1 52.23.7.200 14618 (AMAZON-AES)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 52.206.9.43 14618 (AMAZON-AES)
3 104.18.41.104 13335 (CLOUDFLAR...)
1 1 216.200.232.253 30419 (MEDIAMATH...)
1 1 67.202.105.31 32748 (STEADFAST)
1 67.202.105.32 32748 (STEADFAST)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 34.230.147.211 14618 (AMAZON-AES)
1 1 159.203.147.11 14061 (DIGITALOC...)
1 142.234.204.77 396362 (LEASEWEB-...)
1 3.5.19.11 14618 (AMAZON-AES)
1 2600:1901:0:5... 396982 (GOOGLE-CL...)
2 34.149.130.207 396982 (GOOGLE-CL...)
1 2 34.149.254.212 15169 (GOOGLE)
1 34.111.8.32 396982 (GOOGLE-CL...)
2 3.229.110.102 ()
651 164
28    192.0.66.166 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
www.courant.com
2    18.160.200.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-200-129.ord56.r.cloudfront.net
htlbid.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:2509:e200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
3    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
imasdk.googleapis.com
1    2600:9000:2616:800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
2    2607:f8b0:4004:c17::54 (Washington, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
14    3.162.174.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-56.ord56.r.cloudfront.net
p030.courant.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    52.85.247.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-247-29.ord51.r.cloudfront.net
tags.remixd.com
1    99.84.168.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-168-45.ord52.r.cloudfront.net
cdn.parsely.com
2    23.7.17.42 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-17-42.deploy.static.akamaitechnologies.com
s.ntv.io
6    13.226.22.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-22-119.ord51.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    13.249.85.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-85-53.ord52.r.cloudfront.net
cdn.p-n.io
1    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    54.218.144.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-144-235.us-west-2.compute.amazonaws.com
session.courant.com
2    18.205.77.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-77-188.compute-1.amazonaws.com
tribune.blueconic.net
35    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
cks.connatix.com
3    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
2    2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
8    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.pranmcpkx.com
4    35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com
pubcast-files.remixd.com
player-files.remixd.com
2    2607:f8b0:4004:c07::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2607:f8b0:4004:c09::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:24d4:d000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    13.226.23.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-23-87.ord51.r.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
4    18.160.200.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-200-115.ord56.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    18.172.122.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-122-101.ord56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
6    13.32.166.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-166-127.ord58.r.cloudfront.net
c.amazon-adsystem.com
3    3.219.85.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-85-253.compute-1.amazonaws.com
s2l.sendtonews.com
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2600:9000:2211:1a00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
1    2600:9000:203a:7600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    104.26.5.15 (None, )

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
1    2600:1f18:730:b130:27a3:c3ef:6b7a:ff25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    44.210.34.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-34-0.compute-1.amazonaws.com
rp4.liadm.com
3    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    52.217.34.60 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ams-pageview-public.s3.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
1    34.236.89.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-89-98.compute-1.amazonaws.com
playlist.stnvideo.com
1    3.162.174.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-127.ord56.r.cloudfront.net
player.sendtonews.com
1    104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
2    3.162.174.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-66.ord56.r.cloudfront.net
config.aps.amazon-adsystem.com
2    54.208.84.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-84-171.compute-1.amazonaws.com
www.i.matheranalytics.com
2    23.7.29.146 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-29-146.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
7    18.207.71.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-71-126.compute-1.amazonaws.com
i.liadm.com
1    23.212.249.146 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-146.deploy.static.akamaitechnologies.com
sli.courant.com
1    104.18.8.110 (None, )

ASN13335 (CLOUDFLARENET, US)
ds.reson8.com
5    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
pixels.ad.gt
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    2600:1f18:ed:550e:f339:4051:d8d6:6b16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
4    20.42.73.138 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
10    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
ids.ad.gt
12    68.67.178.10 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
17    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
7    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
25    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
9    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
16    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
cm.g.doubleclick.net
10    52.7.200.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-200-174.compute-1.amazonaws.com
match.prod.bidr.io
5    52.204.246.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-246-173.compute-1.amazonaws.com
dpm.demdex.net
15    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
25    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
pm-widget.taboola.com
images.taboola.com
15    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
13    108.156.91.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-30.ord56.r.cloudfront.net
tagan.adlightning.com
1    54.230.18.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-18-13.ord51.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
25    2607:f8b0:4004:c0b::94 (Ashburn, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    3.162.174.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-107.ord56.r.cloudfront.net
consent.api.osano.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.206.99.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-99-162.compute-1.amazonaws.com
id.sv.rkdms.com
1    108.156.120.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-120-77.ord56.r.cloudfront.net
launchpad.privacymanager.io
5    44.217.105.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-105-65.compute-1.amazonaws.com
jadserve.postrelease.com
3    3.162.174.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-8.ord56.r.cloudfront.net
geo.privacymanager.io
1    2600:9000:24bd:ca00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
4    2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    44.212.108.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-108-213.compute-1.amazonaws.com
hb.yellowblue.io
6    3.218.14.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-14-70.compute-1.amazonaws.com
ads.yieldmo.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
1    107.23.224.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-224-83.compute-1.amazonaws.com
krk2.kargo.com
2    3.220.199.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-199-186.compute-1.amazonaws.com
tlx.3lift.com
2    18.172.128.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-128-118.ord56.r.cloudfront.net
aax.amazon-adsystem.com
2    108.156.91.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-83.ord56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    3.239.232.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-53.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
pips.taboola.com
3    3.215.169.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-169-119.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
26    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.249.85.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-85-71.ord52.r.cloudfront.net
ats-wrapper.privacymanager.io
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
7    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
16    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
tpc.googlesyndication.com
4    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-dfm-proxy-connext.azurewebsites.net
5    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    23.56.220.66 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com
cs.media.net
2    2600:9000:203a:ac00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
3    34.226.253.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-253-159.compute-1.amazonaws.com
rtb.gumgum.com
1    216.22.16.69 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
1    2600:9000:204d:d200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
8    52.6.62.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-62-160.compute-1.amazonaws.com
match.sharethrough.com
4    23.220.109.13 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-109-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.202.66.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-66-82.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
8    23.55.205.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
2    54.90.34.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-34-250.compute-1.amazonaws.com
crb.kargo.com
10    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
ce.lijit.com
16    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
3    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
14    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.172.134.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-134-74.ord56.r.cloudfront.net
d24zb9qreavi2u.cloudfront.net
13    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
2    52.6.225.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-225-135.compute-1.amazonaws.com
t.pswec.com
1    54.196.247.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-247-2.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.86.45.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-45-239.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    50.31.142.223 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.83.76.84 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
5    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
13    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    23.55.204.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-204-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    35.214.196.22 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 22.196.214.35.bc.googleusercontent.com
csync.loopme.me
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
3    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
9    34.206.237.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-237-173.compute-1.amazonaws.com
usr.undertone.com
3    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
10    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
6    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
5    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
1    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2600:9000:2617:600:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    2600:9000:234f:600:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    13.249.85.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-85-33.ord52.r.cloudfront.net
sync1.intentiq.com
1    147.75.195.77 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    34.102.148.158 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 158.148.102.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.98.126.122 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.126.98.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.117.20.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.20.117.34.bc.googleusercontent.com
view.cdnbasket.net
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    135.148.2.56 (United States)

ASN16276 (OVH, FR)
PTR: ip56.ip-135-148-2.us
rtb-csync.smartadserver.com
2    34.234.194.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-194-189.compute-1.amazonaws.com
thrtle.com
1    52.23.7.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-7-200.compute-1.amazonaws.com
sync.bfmio.com
2    2606:ae80:1450:15::1720 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
2    52.206.9.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-9-43.compute-1.amazonaws.com
k.p-n.io
3    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
ins.connatix.com
lit.connatix.com
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    67.202.105.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
hde.tynt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
1    2600:1f18:612b:4200:a2e1:966e:301b:d0c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
2    34.230.147.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-147-211.compute-1.amazonaws.com
vop.sundaysky.com
1    159.203.147.11 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
1    3.5.19.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
ams-depr-public.s3.amazonaws.com
1    2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
ids.cdnwidget.com
2    34.149.130.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.130.149.34.bc.googleusercontent.com
pd.cdnwidget.com
idr.cdnwidget.com
2    34.149.254.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.254.149.34.bc.googleusercontent.com
pix.cdnwidget.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
2    3.229.110.102 (None, )

ASN- ()
tattle.api.osano.com
Apex Domain
Subdomains		 Transfer
44 courant.com
www.courant.com — Cisco Umbrella Rank: 412084
p030.courant.com — Cisco Umbrella Rank: 882605
session.courant.com
sli.courant.com — Cisco Umbrella Rank: 735175
701 KB
42 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
pm-widget.taboola.com — Cisco Umbrella Rank: 3998
ch-trc-events.taboola.com — Cisco Umbrella Rank: 4943
images.taboola.com — Cisco Umbrella Rank: 1897
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
437 KB
42 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
72 KB
38 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 5110
cds.connatix.com — Cisco Umbrella Rank: 5665
capi.connatix.com — Cisco Umbrella Rank: 1732
ins.connatix.com — Cisco Umbrella Rank: 7313
lit.connatix.com — Cisco Umbrella Rank: 9070
cks.connatix.com — Cisco Umbrella Rank: 9729
vid.connatix.com Failed
709 KB
37 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
172 KB
35 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
224 KB
28 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1555
ads.pubmatic.com — Cisco Umbrella Rank: 811
image8.pubmatic.com — Cisco Umbrella Rank: 1098
image4.pubmatic.com — Cisco Umbrella Rank: 2201
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
38 KB
25 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
552 KB
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
128 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
direct.adsrvr.org — Cisco Umbrella Rank: 3904
data.adsrvr.org — Cisco Umbrella Rank: 6961
9 KB
18 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3550
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
cs.yellowblue.io — Cisco Umbrella Rank: 2654
8 KB
17 cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d24zb9qreavi2u.cloudfront.net
687 KB
17 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4454
rp.liadm.com — Cisco Umbrella Rank: 2334
rp4.liadm.com — Cisco Umbrella Rank: 5208
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
68 KB
16 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
5 KB
16 openx.net
u.openx.net — Cisco Umbrella Rank: 1108
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
us-u.openx.net — Cisco Umbrella Rank: 930
3 KB
16 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
17 KB
15 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
a.ad.gt — Cisco Umbrella Rank: 2414
p.ad.gt — Cisco Umbrella Rank: 2978
ids.ad.gt — Cisco Umbrella Rank: 2233
pixels.ad.gt — Cisco Umbrella Rank: 2669
19 KB
14 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 943
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
dis.eu.criteo.com — Cisco Umbrella Rank: 16038
18 KB
13 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3891
373 KB
12 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
11 KB
11 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 3848
tag.bounceexchange.com — Cisco Umbrella Rank: 5592
322 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
45 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
65 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
12 KB
10 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 4968
usr.undertone.com — Cisco Umbrella Rank: 3347
5 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
5 KB
10 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19273
embedcdn.sendtonews.com — Cisco Umbrella Rank: 22328
s2l.sendtonews.com — Cisco Umbrella Rank: 19393
player.sendtonews.com — Cisco Umbrella Rank: 24073
387 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
5 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
4 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
2 KB
8 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
3 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
ajax.googleapis.com — Cisco Umbrella Rank: 708
imasdk.googleapis.com — Cisco Umbrella Rank: 639
402 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 11303
4 KB
7 gstatic.com
fonts.gstatic.com
266 KB
7 google.com
accounts.google.com — Cisco Umbrella Rank: 65
www.google.com — Cisco Umbrella Rank: 6
analytics.google.com — Cisco Umbrella Rank: 266
161 KB
7 osano.com
cmp.osano.com — Cisco Umbrella Rank: 8259
consent.api.osano.com — Cisco Umbrella Rank: 14535
tattle.api.osano.com
113 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
389 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3854
launchpad.privacymanager.io — Cisco Umbrella Rank: 3300
geo.privacymanager.io — Cisco Umbrella Rank: 2674
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3237
84 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 37790
pubcast-files.remixd.com — Cisco Umbrella Rank: 40658
player-files.remixd.com — Cisco Umbrella Rank: 37167
66 KB
5 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 5618
pd.cdnwidget.com — Cisco Umbrella Rank: 5233
pix.cdnwidget.com — Cisco Umbrella Rank: 8146
idr.cdnwidget.com — Cisco Umbrella Rank: 9935
2 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
4 KB
5 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
3 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
2 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
25 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
3 KB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
3 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
4 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
5 amazonaws.com
ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 15861
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 67155
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5930
ams-depr-public.s3.amazonaws.com — Cisco Umbrella Rank: 67506
4 KB
5 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 45184
489 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
2 KB
4 azurewebsites.net
prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 75006
2 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1474
id.rlcdn.com — Cisco Umbrella Rank: 1360
1 KB
4 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 992
1 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 19579
www.i.matheranalytics.com — Cisco Umbrella Rank: 19286
45 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
1 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 5955
k.p-n.io — Cisco Umbrella Rank: 4299
114 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6828
page.cdnbasket.net — Cisco Umbrella Rank: 6830
view.cdnbasket.net — Cisco Umbrella Rank: 6834
1014 B
3 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
2 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
878 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
csm.va.us.criteo.net Failed
75 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
creativecdn.com — Cisco Umbrella Rank: 809
2 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 3323
crb.kargo.com — Cisco Umbrella Rank: 1708
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
312 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 5077
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2424
hde.tynt.com — Cisco Umbrella Rank: 4884
756 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
743 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
683 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
1011 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
528 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
732 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 7923
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
826 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
905 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1972
contextual.media.net — Cisco Umbrella Rank: 1093
1 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 604
745 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
34 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
25 KB
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 4869
45 KB
2 blueconic.net
tribune.blueconic.net — Cisco Umbrella Rank: 122736
2 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3634
pixel.wp.com — Cisco Umbrella Rank: 3321
3 KB
2 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5818
328 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
21 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
98 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 13794
126 KB
1 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 3526
270 B
1 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 11888
748 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 4209
418 B
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 24267
424 B
1 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 11080
451 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
675 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
4 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
451 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
558 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
832 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2818
272 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
275 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
1 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4842
514 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 8684
272 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
12 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1593
16 KB
1 reson8.com
ds.reson8.com — Cisco Umbrella Rank: 6308
352 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
47 KB
1 stnvideo.com
playlist.stnvideo.com — Cisco Umbrella Rank: 32666
33 KB
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 41345
791 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3192
41 KB
1 o1ych4jb.com
cdn.o1ych4jb.com — Cisco Umbrella Rank: 55493
48 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 54186
23 KB
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 50899
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 2111
625 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 3313
2 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 11995
38 KB
0 colossusssp.com Failed
sync.colossusssp.com Failed
651 128
Domain Requested by
28 www.courant.com www.courant.com
cmp.osano.com
26 s.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
cmp.osano.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
crb.kargo.com
ce.lijit.com
cdn.undertone.com
ads.pubmatic.com
25 s0.2mdn.net cmp.osano.com
tagan.adlightning.com
s0.2mdn.net
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
17 cks.connatix.com www.courant.com
17 securepubads.g.doubleclick.net cmp.osano.com
securepubads.g.doubleclick.net
tagan.adlightning.com
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
16 pixel.rubiconproject.com 11 redirects s.amazon-adsystem.com
16 cm.g.doubleclick.net 10 redirects www.courant.com
google-bidout-d.openx.net
sync-amz.ads.yieldmo.com
rtb.gumgum.com
s.amazon-adsystem.com
16 match.adsrvr.org 14 redirects az416426.vo.msecnd.net
htlbid.com
14 ch-trc-events.taboola.com az416426.vo.msecnd.net
14 cdn.taboola.com cmp.osano.com
14 p030.courant.com www.courant.com
p030.courant.com
cmp.osano.com
az416426.vo.msecnd.net
13 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
13 tagan.adlightning.com cmp.osano.com
tagan.adlightning.com
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
13 d29xw9s9x32j3w.cloudfront.net www.courant.com
embed.sendtonews.com
11 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
cmp.osano.com
11 tpc.googlesyndication.com cmp.osano.com
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
11 us-u.openx.net 5 redirects google-bidout-d.openx.net
u.openx.net
11 lexicon.33across.com 5 redirects www.courant.com
az416426.vo.msecnd.net
11 www.google-analytics.com cmp.osano.com
www.google-analytics.com
p.ad.gt
10 id5-sync.com 8 redirects az416426.vo.msecnd.net
www.courant.com
10 assets.bounceexchange.com tagan.adlightning.com
cmp.osano.com
assets.bounceexchange.com
10 match.prod.bidr.io 10 redirects
9 capi.connatix.com 1 redirects www.courant.com
s.amazon-adsystem.com
cds.connatix.com
cs-server-s2s.yellowblue.io
9 usr.undertone.com 1 redirects cdn.undertone.com
s.amazon-adsystem.com
9 sync.1rx.io 9 redirects
9 ce.lijit.com 2 redirects s.amazon-adsystem.com
ce.lijit.com
9 pixel.tapad.com 7 redirects sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
9 token.rubiconproject.com 4 redirects www.courant.com
eus.rubiconproject.com
9 ids.ad.gt 1 redirects www.courant.com
8 images.taboola.com
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
cdn.undertone.com
rtb.gumgum.com
cs-server-s2s.yellowblue.io
8 match.sharethrough.com 2 redirects s.amazon-adsystem.com
match.sharethrough.com
7 ib.adnxs.com 5 redirects htlbid.com
7 image2.pubmatic.com 4 redirects s.amazon-adsystem.com
ads.pubmatic.com
7 i.liadm.com cmp.osano.com
7 fonts.gstatic.com fonts.googleapis.com
7 cds.connatix.com www.courant.com
tagan.adlightning.com
cmp.osano.com
6 www.googletagservices.com tagan.adlightning.com
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
6 ads.yieldmo.com 2 redirects htlbid.com
sync-amz.ads.yieldmo.com
6 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
cmp.osano.com
az416426.vo.msecnd.net
5 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
5 cs.yellowblue.io sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
s.amazon-adsystem.com
5 image8.pubmatic.com 5 redirects
5 bh.contextweb.com 5 redirects
5 sync.ipredictive.com 5 redirects
5 ups.analytics.yahoo.com 4 redirects u.openx.net
5 x.bidswitch.net 5 redirects
5 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com cmp.osano.com
cdn.taboola.com
5 gum.criteo.com 2 redirects cmp.osano.com
5 jadserve.postrelease.com cmp.osano.com
5 pagead2.googlesyndication.com cmp.osano.com
az416426.vo.msecnd.net
tpc.googlesyndication.com
tagan.adlightning.com
www.courant.com
5 dpm.demdex.net 4 redirects
5 secure.adnxs.com 5 redirects
5 cdn.pranmcpkx.com cmp.osano.com
cdn.pranmcpkx.com
5 embed.sendtonews.com 1 redirects www.courant.com
embed.sendtonews.com
5 fonts.googleapis.com www.courant.com
embed.sendtonews.com
cmp.osano.com
4 sync.targeting.unrulymedia.com 3 redirects cs-server-s2s.yellowblue.io
4 ad.turn.com 4 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
cmp.osano.com
4 prod-dfm-proxy-connext.azurewebsites.net cdn.pranmcpkx.com
4 pr-bh.ybp.yahoo.com 2 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
4 fastlane.rubiconproject.com htlbid.com
4 dc.services.visualstudio.com az416426.vo.msecnd.net
4 i6.liadm.com i.liadm.com
4 dis.criteo.com i.liadm.com
4 sb.scorecardresearch.com 2 redirects www.courant.com
4 b-code.liadm.com cmp.osano.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 sync.go.sonobi.com 3 redirects
3 image4.pubmatic.com 2 redirects s.amazon-adsystem.com
3 ssbsync.smartadserver.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects u.openx.net
s.amazon-adsystem.com
3 id.rlcdn.com 2 redirects
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
3 onetag-sys.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
3 static.criteo.net cmp.osano.com
az416426.vo.msecnd.net
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 cdn-ima.33across.com www.courant.com
cmp.osano.com
3 player-files.remixd.com www.courant.com
3 analytics.google.com www.googletagmanager.com
3 s2l.sendtonews.com embed.sendtonews.com
3 www.googletagmanager.com cmp.osano.com
3 cmp.osano.com www.courant.com
cmp.osano.com
2 tattle.api.osano.com az416426.vo.msecnd.net
2 pix.cdnwidget.com 1 redirects www.courant.com
2 vop.sundaysky.com 2 redirects
2 ins.connatix.com cds.connatix.com
2 k.p-n.io cdn.p-n.io
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects
2 sync.intentiq.com 1 redirects
2 cm.adgrx.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 mug.criteo.com
2 creativecdn.com 2 redirects
2 c1.adform.net 2 redirects
2 ssum-sec.casalemedia.com 1 redirects cdn.undertone.com
2 um.simpli.fi 2 redirects
2 csync.loopme.me 2 redirects
2 ssc-cms.33across.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 t.pswec.com 2 redirects
2 pippio.com 2 redirects
2 crb.kargo.com s.amazon-adsystem.com
2 s.ad.smaato.net 2 redirects
2 bcp.crwdcntrl.net az416426.vo.msecnd.net
2 pm-widget.taboola.com cmp.osano.com
2 trc.taboola.com az416426.vo.msecnd.net
2 tags.crwdcntrl.net cmp.osano.com
2 aax.amazon-adsystem.com az416426.vo.msecnd.net
2 tlx.3lift.com htlbid.com
2 direct.adsrvr.org htlbid.com
2 bidder.criteo.com htlbid.com
2 hb.yellowblue.io htlbid.com
2 htlb.casalemedia.com htlbid.com
2 consent.api.osano.com az416426.vo.msecnd.net
2 bam.nr-data.net az416426.vo.msecnd.net
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 paywall-ad-bucket.s3.amazonaws.com www.courant.com
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.hadronid.net www.courant.com
a.ad.gt
2 secure.cdn.fastclick.net www.courant.com
cmp.osano.com
2 www.i.matheranalytics.com www.courant.com
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
cmp.osano.com
2 js.matheranalytics.com 1 redirects www.courant.com
2 imasdk.googleapis.com cmp.osano.com
tagan.adlightning.com
2 cdnjs.cloudflare.com cmp.osano.com
embed.sendtonews.com
2 www.google.com 1 redirects cmp.osano.com
2 az416426.vo.msecnd.net cmp.osano.com
2 cd.connatix.com 1 redirects tagan.adlightning.com
2 tribune.blueconic.net cmp.osano.com
2 cdn.p-n.io www.courant.com
cmp.osano.com
2 s.ntv.io www.courant.com
cmp.osano.com
2 tags.remixd.com www.courant.com
tags.remixd.com
2 accounts.google.com www.courant.com
cmp.osano.com
2 cdn.jsdelivr.net www.courant.com
cdn.jsdelivr.net
2 htlbid.com www.courant.com
1 events.bouncex.net www.courant.com
1 idr.cdnwidget.com www.courant.com
1 pd.cdnwidget.com az416426.vo.msecnd.net
1 ids.cdnwidget.com az416426.vo.msecnd.net
1 ams-depr-public.s3.amazonaws.com htlbid.com
1 xsync.iqzone.com cmp.osano.com
1 sync.resetdigital.co 1 redirects
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 hde.tynt.com cmp.osano.com
1 de.tynt.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 lit.connatix.com cds.connatix.com
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.bfmio.com
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 view.cdnbasket.net az416426.vo.msecnd.net
1 page.cdnbasket.net az416426.vo.msecnd.net
1 data.cdnbasket.net az416426.vo.msecnd.net
1 cds.taboola.com az416426.vo.msecnd.net
1 pips.taboola.com az416426.vo.msecnd.net
1 dis.eu.criteo.com 1 redirects
1 prebid.a-mo.net s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 tag.bounceexchange.com cmp.osano.com
1 tg.socdm.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 pixel.advertising.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 data.adsrvr.org 1 redirects
1 contextual.media.net cs-server-s2s.yellowblue.io
1 sync.srv.stackadapt.com 1 redirects
1 d24zb9qreavi2u.cloudfront.net
1 ap.lijit.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 cdn.undertone.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 ats-wrapper.privacymanager.io cmp.osano.com
1 google-bidout-d.openx.net cmp.osano.com
1 oajs.openx.net oa.openxcdn.net
1 cdn.id5-sync.com cmp.osano.com
1 sqs.us-east-1.amazonaws.com az416426.vo.msecnd.net
1 oa.openxcdn.net cmp.osano.com
1 invstatic101.creativecdn.com cmp.osano.com
1 krk2.kargo.com htlbid.com
1 dyv1bugovvq1g.cloudfront.net htlbid.com
1 launchpad.privacymanager.io cmp.osano.com
1 id.sv.rkdms.com az416426.vo.msecnd.net
1 api.rlcdn.com az416426.vo.msecnd.net
1 pixels.ad.gt p.ad.gt
1 js-sec.indexww.com cmp.osano.com
1 launchpad-wrapper.privacymanager.io cmp.osano.com
1 p.ad.gt a.ad.gt
1 js-agent.newrelic.com cmp.osano.com
1 ds.reson8.com cdn.resonate.com
1 sli.courant.com www.courant.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 playlist.stnvideo.com embed.sendtonews.com
1 ams-pageview-public.s3.amazonaws.com www.courant.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 rp4.liadm.com www.courant.com
1 rp.liadm.com 1 redirects
1 api-mg2.db-ip.com cdn.mircheigeshoa.com
1 cdn.jwplayer.com tags.remixd.com
1 d15kdpgjg3unno.cloudfront.net cmp.osano.com
1 cdn.o1ych4jb.com cmp.osano.com
1 cdn.mircheigeshoa.com cmp.osano.com
1 d1y4ng3lozj2yp.cloudfront.net cmp.osano.com
1 googleads.g.doubleclick.net www.courant.com
1 pixel.wp.com www.courant.com
1 pubcast-files.remixd.com tags.remixd.com
1 loader-cdn.azureedge.net www.courant.com
1 p1.parsely.com www.courant.com
1 session.courant.com www.courant.com
1 polyfill.io cmp.osano.com
1 stats.wp.com www.courant.com
1 embedcdn.sendtonews.com www.courant.com
1 cdn.parsely.com www.courant.com
1 secure.gravatar.com www.courant.com
1 cdn.auth0.com www.courant.com
1 ajax.googleapis.com www.courant.com
0 csm.va.us.criteo.net Failed gum.criteo.com
0 vid.connatix.com Failed cds.connatix.com
0 sync.colossusssp.com Failed
651 236

This site contains no links.

Subject Issuer Validity Valid
tls.automattic.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
htlbid.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
r610.chicagotribune.com
Amazon RSA 2048 M03		 2023-12-26 -
2025-01-24		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.remixd.com
Amazon RSA 2048 M03		 2024-01-10 -
2025-02-07		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
pushlycdn.com
Amazon RSA 2048 M03		 2023-12-16 -
2025-01-12		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-22 -
2024-01-21		 a month crt.sh
*.courant.com
Amazon RSA 2048 M03		 2024-01-02 -
2025-01-31		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
pubcast-files.remixd.com
GTS CA 1D4		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-03 -
2024-10-03		 a year crt.sh
sni2d7c7gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-18 -
2025-01-17		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-03 -
2024-10-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.stnvideo.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-29		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
player-files.remixd.com
GTS CA 1D4		 2023-11-22 -
2024-02-20		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
sli.chicagotribune.com
R3		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-11-18 -
2024-11-12		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M03		 2023-09-27 -
2024-10-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M03		 2023-12-20 -
2025-01-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2023-10-31 -
2024-06-27		 8 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M01		 2023-09-11 -
2024-10-08		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-11-20 -
2024-02-18		 3 months crt.sh
connatix.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
tag.bounceexchange.com
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2024-01-10 -
2024-04-09		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2023-11-15 -
2024-02-13		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.p-n.io
Amazon RSA 2048 M03		 2023-12-08 -
2025-01-03		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
ids.cdnwidget.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
pd.cdnwidget.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
idr.cdnwidget.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.wunderkind.co
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh

This page contains 71 frames:

Primary Page: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Frame ID: EE30664BA2725C071DD661BE85FA48BC
Requests: 325 HTTP requests in this frame

Frame: https://cds.connatix.com/p/407046/connatix.player.js
Frame ID: 111EDCC6556ADCF12F3E4891109BC9B8
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 6C1150A22025CE84EBEEE754C4608502
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 65FB98846593B200E3A0D0ACA7E5DBAB
Requests: 35 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: DCDFC16AF431DC8A7D6F312B1A027AA2
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 9881C488FE571396C107320691C45B78
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Frame ID: 375F2DC24840D5EB147F12318D0D7825
Requests: 3 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.6&cd=.www.courant.com&
Frame ID: 134E77AE4B841A5B105C51961A9955B2
Requests: 3 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Frame ID: 3196EABF1225BFE18FD861987647DCDC
Requests: 3 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Frame ID: 297D89832D2773E688B60E008400F1B7
Requests: 3 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=ChMKBgjdARD4FgoJCP____8HEIIX&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Frame ID: 4DD91865DB78FEF7611F8356920F063B
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: F24AC0A7159AC2F4C8041811AEA48602
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A22D0184727B5DF11B2CDC5999AC0180
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=ChMKBgjdARD4FgoJCP____8HEIIX&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Frame ID: FAD176BBB468232D1CBDA62C8F2B4986
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A169C4054DF37C677446FC01204FD64B
Requests: 6 HTTP requests in this frame

Frame: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5495ACEE2E9AB049004DD6B44AFA8A31
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift
Frame ID: 6F508EE7A27673386D73AC1B78031196
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 139E958E16CF20F018D4DDEF3D14E7D3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BB70F25407FB4F8D7A35C0223200659
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE8F1766519E9A8BB16EEA55F7D9BCBA
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: BDDA698899FA858C4869166D8F36D067
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 9088DFD3F2C372368AA23FA1528E86DD
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6633317921081862514&gdpr=0&gdpr_consent=
Frame ID: B3E93835FA3E17710E56875C6F86D305
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Frame ID: F979672C40EDDFBAF382522F0489CB96
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: A17FF29FA38EF39AF18360EFBF5AEEAC
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: C5802D5A9D769BDFCA3C4EDF2F0CD73A
Requests: 18 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 04FC45978ADC8CB525A12620B5F03B66
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 41B36A37EA36E50D896E10A90196E5F7
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wb0dtcWtCRTJ1THVmVjVmalFGQl9IRmJpejdIOHRtOH5B&gdpr=0
Frame ID: A9E04C131F45AB0B74A0D2B7E8D62B2C
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: 6219CD6D1487DFECC7F8B473F7C892AD
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2840245782802064973&ex=appnexus.com&gdpr=0
Frame ID: 50FF4B154876EB1B2E5C9A453AF0FCD2
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 4CD14A177520A254393338A01422F4FA
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: F4F1A9585D3F313D5909056F54C1FA75
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4121083549846426384162
Frame ID: E5BF26DFD34B80A563CF8C7E457BBDD5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.courant.com&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=6
Frame ID: A5CE19F54660BEC25688CF441496D26B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 0571F15918151464CCEAD87280D3B422
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 8B234DBC2F9CB77F2B275AB7A71E1688
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3604464877181281496&gdpr=0&gdpr_consent=
Frame ID: 5E929E7E6686ED7706CAAC8DC8C09317
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV85YTNjYTQ2Ni1jNDI5LTRmNzktYmM5MS05OTRhYTAyZDgxMTI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F666542C00CEDB5866A3173308EC40DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0ADFE2E1962575D210D23209054769B7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e59d3934-868a-4c3e-9652-c62263f9455b
Frame ID: 1126FF1F274E558FABC8F78B5AA43D33
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZ7mvcCo5sAAAAfS.3IAAAAA
Frame ID: 76276CEE2B6F3FF18E33CC2A08C8D6F5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=GJMLBpYQZAvIR6klJc2UYhA_6HBuZcCWjxnuciECe08&pi=gumgum&tc=1
Frame ID: 6DF4E1A85B2CAD77253A51C73A4B0564
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A9C3D45122B9C4154C8EB8511BDB659D
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 3D13F41BEA097B0BF509389DF5645376
Requests: 1 HTTP requests in this frame

Frame: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB72ECE59EE5FEF4FA4C132CA323AC3F
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Frame ID: A0E412FC7D5F8D98FDAA085E4173748A
Requests: 7 HTTP requests in this frame

Frame: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26EF19E540A169AC43C4BB4D9B601772
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Frame ID: 758EE07E95B322028D984BAD84BA9476
Requests: 7 HTTP requests in this frame

Frame: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5FC7D1971C1799FD2F099AB35FEE54EC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 0661C0CB645E9BBD0FAB7A70D62CCFD8
Requests: 4 HTTP requests in this frame

Frame: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9FE5DC204D88C117623AEA41A0CE7F78
Requests: 10 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Frame ID: D0FEFF7AA055346A30D0EFDAD3DE21EA
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BC1540B7-931D-4457-8971-3EF62F259356&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2DB21E8CCCFA7797A27502343AB74A07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=001896fe-afe9-11ee-8ce6-6e5169de39ab
Frame ID: 3971CF7F6F14F76CD6A323B92494A6B3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDBC1540B7-931D-4457-8971-3EF62F259356
Frame ID: DDD9B209EFE177E65EEDDEB8BA789C7F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.courant.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: EB8355A1A6E9A58D684EB17781DBC6E7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Frame ID: C3A3608A1CA5F24E496B4F32B2517AD9
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
Frame ID: EF407B30F7075DBBD8FCD9159269FFDE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
Frame ID: AAF7CD89EFD046805BE9D742D5805E9F
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Frame ID: 7CC4F7214DB093F674B70E4EC29622D5
Requests: 5 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABA9U7LPc0AABNRgylERA&gdpr=0&gdpr_consent=
Frame ID: DEC17593AEF8275919DB4D1A2299783F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2840245782802064973&gdpr=0&gdpr_consent=
Frame ID: 2C37D25538B9DC6408BAEA5EFD29B288
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 09B8F8C8254438B0552DD28B74EEAF34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_43f4896b9c164b82b4130
Frame ID: 90BA84093F01B35C8F5DE20CC1052EA3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDBC1540B7-931D-4457-8971-3EF62F259356
Frame ID: DE6F0639772A3C9964D84F2A86506247
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 677BB00EEB99BBD041457E26A5351E10
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Frame ID: 231EAF5BDB5A4912BD09D43310FC112B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: 81CBFECB0CB2D0EAE5B9EC96EAABBA12
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d0ff19b8c3ec9405985ece597fc17608a%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: 5E08002C2E14CBE2397A7104189BADE9
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 58D9E6BD2EF471042B1D7627E021F2D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

651
Requests

76 %
HTTPS

24 %
IPv6

128
Domains

236
Subdomains

164
IPs

9
Countries

8604 kB
Transfer

28353 kB
Size

265
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://embed.sendtonews.com/player3/embedcode.js?fk=iLgdKCFX&cid=4650&offsetx=0&offsety=112&floatwidth=400&floatposition=bottom-right&ver=1.0.0 HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.5/embed.js
Request Chain 40
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/407046/connatix.player.js
Request Chain 61
  • https://www.google.com/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dma=0&tcfd=10000&gtm=45He4180n71TLFP4Rv71194413 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dma=0&tcfd=10000&gtm=45He4180n71TLFP4Rv71194413
Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c9=
Request Chain 97
  • https://js.matheranalytics.com/s/ma89701/197837617/wp/ml.js?cb=1644 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma89701/wp/7/ml.br.js
Request Chain 111
  • https://rp.liadm.com/j?dtstmp=1704912568380&aid=a-05ac&se=e30&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&tna=v2.11.4&pu=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&us_privacy=1---&wpn=lc-bundle&gdpr=0&c=PHRpdGxlPkNUIG1hbiBzZW50ZW5jZWQgZm9yIGRvd25sb2FkaW5nIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBOb3J0aCBCcmFuZm9yZCBtYW4gaGFzIGJlZW4gc2VudGVuY2VkIHRvIHNldmVuIHllYXJzIGluIGZlZGVyYWwgcHJpc29uIGZvciBkb3dubG9hZGluZyB0aG91c2FuZHMgb2YgdmlkZW9zIGFuZCBwaG90b3Mgb2YgY2hpbGRyZW4gYW5kIGJhYmllcyBiZWluZyBzZXh1YWxseSBhYnVzZWQuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cuY291cmFudC5jb20vMjAyNC8wMS8xMC9jdC1tYW4tc2VudGVuY2VkLWZvci1kb3dubG9hZGluZy10aG91c2FuZHMtb2YtY2hpbGQtYWJ1c2UtdmlkZW9zLWZyb20tZGFyay13ZWIvIj48aDEgY2xhc3M9ImVudHJ5LXRpdGxlIj4KCjxkaXYgY2xhc3M9ImVudHJ5LXNlY3Rpb24iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmNvdXJhbnQuY29tL25ld3MvY29ubmVjdGljdXQtbmV3cy8iPkNvbm5lY3RpY3V0IE5ld3MgfCA8L2E-PC9kaXY-CQoJCQkJPHNwYW4gY2xhc3M9ImRmbS10aXRsZSBtZXRlcmVkIj4KCQkJQ1QgbWFuIHNlbnRlbmNlZCBmb3IgZG93bmxvYWRpbmcgdGhvdXNhbmRzIG9mIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViCQk8L3NwYW4-CgoJCgk8L2gxPg&cd=.www.courant.com HTTP 302
  • https://rp4.liadm.com/j?se=e30&aid=a-05ac&tna=v2.11.4&cd=.www.courant.com&dtstmp=1704912568380&n3pc=true&wpn=lc-bundle&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&gdpr=0&pu=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c=PHRpdGxlPkNUIG1hbiBzZW50ZW5jZWQgZm9yIGRvd25sb2FkaW5nIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBOb3J0aCBCcmFuZm9yZCBtYW4gaGFzIGJlZW4gc2VudGVuY2VkIHRvIHNldmVuIHllYXJzIGluIGZlZGVyYWwgcHJpc29uIGZvciBkb3dubG9hZGluZyB0aG91c2FuZHMgb2YgdmlkZW9zIGFuZCBwaG90b3Mgb2YgY2hpbGRyZW4gYW5kIGJhYmllcyBiZWluZyBzZXh1YWxseSBhYnVzZWQuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cuY291cmFudC5jb20vMjAyNC8wMS8xMC9jdC1tYW4tc2VudGVuY2VkLWZvci1kb3dubG9hZGluZy10aG91c2FuZHMtb2YtY2hpbGQtYWJ1c2UtdmlkZW9zLWZyb20tZGFyay13ZWIvIj48aDEgY2xhc3M9ImVudHJ5LXRpdGxlIj4KCjxkaXYgY2xhc3M9ImVudHJ5LXNlY3Rpb24iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmNvdXJhbnQuY29tL25ld3MvY29ubmVjdGljdXQtbmV3cy8iPkNvbm5lY3RpY3V0IE5ld3MgfCA8L2E-PC9kaXY-CQoJCQkJPHNwYW4gY2xhc3M9ImRmbS10aXRsZSBtZXRlcmVkIj4KCQkJQ1QgbWFuIHNlbnRlbmNlZCBmb3IgZG93bmxvYWRpbmcgdGhvdXNhbmRzIG9mIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViCQk8L3NwYW4-CgoJCgk8L2gxPg&i6=MjYwMjpmZmM4OjI6MTA0OjoxMQ%3D%3D&us_privacy=1---
Request Chain 178
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=2840245782802064973&gdpr=0
Request Chain 179
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704912571-IUWK4PT3-C13G&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704912571-IUWK4PT3-C13G&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=e59d3934-868a-4c3e-9652-c62263f9455b&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Request Chain 180
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BC1540B7-931D-4457-8971-3EF62F259356&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Request Chain 182
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704912571-IUWK4PT3-C13G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704912571-IUWK4PT3-C13G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f598662-327e-406c-a623-1639fcaad77f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001704912571-IUWK4PT3-C13G%252526tapad_id%25253D9f598662-327e-406c-a623-1639fcaad77f%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=9f598662-327e-406c-a623-1639fcaad77f%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001704912571-IUWK4PT3-C13G%2526tapad_id%253D9f598662-327e-406c-a623-1639fcaad77f%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&tapad_id=9f598662-327e-406c-a623-1639fcaad77f
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&google_gid=CAESEH65F6_746F6PjNZr0Rv_UI&google_cver=1&google_ula=450542624,0
Request Chain 184
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDkxMjU3MS1JVVdLNFBUMy1DMTNH
Request Chain 185
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704912571-IUWK4PT3-C13G HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704912571-IUWK4PT3-C13G&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABA9U7LPc0AABNRgylERA&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Request Chain 186
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001704912571-IUWK4PT3-C13G&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001704912571-IUWK4PT3-C13G&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=86184965195569105544419199670438777659&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Request Chain 187
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26auid%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26auid%3DAU1D-0100-001704912571-IUWK4PT3-C13G HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=a7d142f4-d16d-4d4d-9f9f-806d13273478&id=AU1D-0100-001704912571-IUWK4PT3-C13G&auid=AU1D-0100-001704912571-IUWK4PT3-C13G
Request Chain 191
  • https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 204
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=bg5Ai4JOZ%2FbrBBc11wwsxZAbHZlcDbcyp5mMZqVbDN8%3D
Request Chain 205
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=iE8C%2FoJ%2BUK5cryVZVujg7MGj2vXkv18N9Rd17Xj5iqw%3D
Request Chain 206
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=zuziJVucrIKF7ViKv9kFnHSCSxGrgljAWeys032TdMI%3D
Request Chain 207
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=MjiCReyjJMxlhKE3Uf1g6axzhardIENBXrP2ww6HZlY%3D
Request Chain 213
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=L5WLWPJzrpf1gtXm1ZUg5mWvM9S9nyaOEYHj%2B3T4d%2Bk%3D&fp=aYGH4SBeSHNjr40%2Bqf8oSGjVcG%2FCIcT%2BiBMwRdt0RUZ%2BY%2B6ERGnJTf%2FCQnaH64S1xBhvq7PFlcPc4H%2FzpoD9Tg%3D%3D
Request Chain 267
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c&dcc=t
Request Chain 268
  • https://match.adsrvr.org/track/cmf/openx?oxid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJRzzP7lD7cZJm9bU-N-yZA&google_cver=1
Request Chain 285
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=d7b6ceef-32a6-4550-85eb-960683662294
Request Chain 286
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3479141726634070000V10
Request Chain 287
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=580acb6756
Request Chain 291
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6633317921081862514&gdpr=0&gdpr_consent=
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wb0dtcWtCRTJ1THVmVjVmalFGQl9IRmJpejdIOHRtOH5B&gdpr=0
Request Chain 299
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2840245782802064973&ex=appnexus.com&gdpr=0
Request Chain 300
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4121083549846426384162
Request Chain 315
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=db5724f7-95a6-44d1-931d-14ce3dc39aa4 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZGI1NzI0ZjctOTVhNi00NGQxLTkzMWQtMTRjZTNkYzM5YWE0EAAaDQi9zfusBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535&expected_cookie=338573fe-9dae-45a8-b59e-faffa86a83d8
Request Chain 316
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2840245782802064973
Request Chain 317
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8061612558496674094&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZ7mvQANhnk-tQBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ7mvQANhnk-tQBU&_test=ZZ7mvQANhnk-tQBU
Request Chain 322
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2840245782802064973
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=d7b6ceef-32a6-4550-85eb-960683662294 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=d7b6ceef-32a6-4550-85eb-960683662294 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=5c7168c7-a845-4574-8b71-00b970ed52f5&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=d7b6ceef-32a6-4550-85eb-960683662294&gdpr=&gdpr_consent=&us_privacy=
Request Chain 324
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=79acffe1-70f4-4ae7-ab1f-84d0cc08fa3a
Request Chain 325
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Request Chain 326
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-HnQj3YBE2pffHU0_dZdoobRG5tsAKM.8ZZI.~A
Request Chain 327
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb1d2174-4993-4a4f-b612-9f916f5fd710
Request Chain 329
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=LFwXsVv6eeBiPOgTffud&gdpr=0
Request Chain 330
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=TP3jY7tnqGRv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 331
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6633317921081862514
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NThhZThiOGYtMGJjOC00MDg1LWJkOGYtNzA4YjVlNjM4ZjZj HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 336
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=580acb6756
Request Chain 337
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkMxNTQwQjctOTMxRC00NDU3LTg5NzEtM0VGNjJGMjU5MzU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFZrYImsMuGPy0PAZmovUU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3DBC1540B7-931D-4457-8971-3EF62F259356&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=BC1540B7-931D-4457-8971-3EF62F259356
Request Chain 339
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEeM___OOM_hTP3txScq HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9f598662-327e-406c-a623-1639fcaad77f%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2840245782802064973&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPfdWGHbMne1TMJa8_Nhc5E&google_cver=1
Request Chain 342
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=TP3jY7tnqGRv&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 343
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=816857504 HTTP 302
  • https://sync.1rx.io/usersync/turn/8061612558496674094?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Request Chain 344
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0
Request Chain 345
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
Request Chain 346
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=6633317921081862514&gdpr=0&gdpr_consent=
Request Chain 347
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=28745898956b3019f07ebd41b5237fbb&gdpr_consent=&gdpr=0
Request Chain 348
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2840245782802064973&gdpr=0&gdpr_consent=
Request Chain 349
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212415999423087
Request Chain 350
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=BC1540B7-931D-4457-8971-3EF62F259356
Request Chain 351
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=TP3jY7tnqGRv&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 353
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEeM___OOM_hTP3txScq&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 354
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2581584403 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e59d3934-868a-4c3e-9652-c62263f9455b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Request Chain 355
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=66914707-8f0e-4ff4-8723-c8af25f12f3f
Request Chain 356
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=a8980298-017c-4b63-8990-637b41d892ee&gdpr_consent=null&gdpr=0
Request Chain 357
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=d7b6ceef-32a6-4550-85eb-960683662294
Request Chain 361
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704912573108 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3014432731 HTTP 302
  • https://sync.1rx.io/usersync/turn/7989554964458746158?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Request Chain 362
  • https://um.simpli.fi/lj_match?r=1704912572731&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B67B9CB5FAEF4990AE46B66C7A6FC2E9
Request Chain 363
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2840245782802064973&gdpr=0&gdpr_consent=
Request Chain 364
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Request Chain 365
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?3pid=AABA9U7LPc0AABNRgylERA&pid=85&gdpr=0
Request Chain 369
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 370
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 371
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c5fc3cb6-584e-4ed2-a6e1-8bfaf3f4db2e
Request Chain 372
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-9BSszoBE2uGnE0fIap1vW9RzpV65zwBo~A
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504573
Request Chain 374
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM
Request Chain 375
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC1540B7-931D-4457-8971-3EF62F259356 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC1540B7-931D-4457-8971-3EF62F259356
Request Chain 376
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553
Request Chain 377
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-B752TM1E2uFSR3odvahsE_Y754mx.GQVtIfjJcc-~A
Request Chain 378
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UIDENC HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=bk9mjmk7uy6yw7754ibfxb1e8
Request Chain 379
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3604464877181281496&gdpr=0&gdpr_consent=
Request Chain 382
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e59d3934-868a-4c3e-9652-c62263f9455b
Request Chain 383
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZ7mvcCo5sAAAAfS.3IAAAAA
Request Chain 384
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=GJMLBpYQZAvIR6klJc2UYhA_6HBuZcCWjxnuciECe08&pi=gumgum&tc=1
Request Chain 385
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 399
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 407
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=courant.com&sn=ChromeSyncframe&so=0&topUrl=www.courant.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Q2D93nxtN29tL0gzZC9QbWVRdVhEanJkRTlORmVkMVJVR2VJN0N5MjlnM200eVR0VlRpOGFEazNLM1BmWFZvZCt0ckU4bnROdHM5RDJjS2dMSkdoTkN2OWNGbHlRVnZwRXFvdk9uSVFBRmxWTGFneEgwRDFpNXpEWlAzWWpTN0NncVlaOFlESU9ybzBYMUZEYzVZaG9jYWU0V2Qza1FsRXdhUm11TE9LVzJ6YXM2TEcxL0hGdmFDRmdYeUZreTdYVjZqQ2JYQnd5YlpSbTFiNGpoRklnN1pUY0Rsck14NTR5bWViNTl3djhaRFZ2dkdLNEE3NGk1Ym9LODJMTEl6RytKQ0c2ekh0NXhQWWUwUEZnWGJMVkhZVXI2eUdYTjVjemFyWm9hcm93c2NNcElFQT18&cppv=2
Request Chain 467
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LR84XAX2-1U-C4IM HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 471
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b
Request Chain 478
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=001896fe-afe9-11ee-8ce6-6e5169de39ab
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vBVAt5MdRFeJcT72LyWTVg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 481
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BC1540B7-931D-4457-8971-3EF62F259356 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=9f598662-327e-406c-a623-1639fcaad77f&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D9f598662-327e-406c-a623-1639fcaad77f%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=86184965195569105544419199670438777659&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
Request Chain 484
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9
Request Chain 485
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Request Chain 487
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC1540B7-931D-4457-8971-3EF62F259356&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rWyekSdE2uUfpW4x7Cs4NjILA7rMUdw-~A&gdpr=0
Request Chain 489
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&expires=30
Request Chain 490
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qfoFvGNHRRy1Pmt3pfTSfw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qfoFvGNHRRy1Pmt3pfTSfw&gdpr=0
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP-fIqv3o8KmA0oR1-cWxfU&google_cver=1
Request Chain 492
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR84XAX2-1U-C4IM&gdpr=0
Request Chain 494
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 495
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjAzYjRjNDkyYzlkMzM3YTdhYzllOGQyNDhkZjI1NTIyZGNhNzk3OA&gdpr=0
Request Chain 496
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEF1uDWqYl2mD4nJslov5ghY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&google_push=&gdpr=0
Request Chain 497
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PWcvJ07Ecnd7dqKb5y3Ehcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HNZ_vDFE2oJTLDjbMpUcA.wbwkNd6SK7skHmpQ--~A
Request Chain 498
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABA9U7LPc0AABNRgylERA&expires=30&gdpr=0
Request Chain 499
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR84XAX2-1U-C4IM&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM&ckls=true&ci=PDdHuMmCCp&nc=false&trid=-116256748
Request Chain 500
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR84XAX2-1U-C4IM&gdpr=0
Request Chain 501
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 502
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR84XAX2-1U-C4IM&gdpr=0
Request Chain 503
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb1d2174-4993-4a4f-b612-9f916f5fd710&expires=30&gdpr=0
Request Chain 504
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR84XAX2-1U-C4IM&gdpr=0
Request Chain 506
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*H5i_3T5EH7ILVz9bT63Pcey9wY8aPlvirajTinWA2617etR7ygZjNTGOm0H1uAYoe3sReo-io88YoL5PGtHoAQ&o=api&gdpr_consent=undefined&gdpr=false&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/108/7/2.gif?puid=9f598662-327e-406c-a623-1639fcaad77f&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/796/6/3.gif?puid=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/441/4/5.gif?puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/687/434/3/6.gif?puid=6da7a73d-c934-4847-ac54-caabe4abbf80&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6 HTTP 302
  • https://id5-sync.com/c/687/203/2/7.gif?puid=8cb235f6-5897-4ec0-8d5c-d9793ac95fbd&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/687/429/1/8.gif?puid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=BC1540B7-931D-4457-8971-3EF62F259356&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&s=id5 HTTP 302
  • https://id5-sync.com/c/687/1242/0/9.gif?puid=H-CpjPZHkAIsI4hfTom0aT2C&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
Request Chain 510
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LR84XAX2-1U-C4IM HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Request Chain 511
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LR84XAX2-1U-C4IM HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Request Chain 520
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LR84XAX2-1U-C4IM HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LR84XAX2-1U-C4IM
Request Chain 530
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=courant.com&sn=ChromeSyncframe&so=3&topUrl=www.courant.com&bundle=BI9wbl9ENzllSEhnNzkwNksxcmhuUWxoTHJFc0JWT2VaemJpTDIlMkJ2SHpnYW5xMiUyRlQwM1JFSUx4TDhCZVIzcnJibVlINXVDbUwxdE1WZlN6Q1l4JTJGWWMlMkYwV3phY3dKOVJEMCUyQkpIRDQlMkZzWGJpY2U5NGh4SmRqUW96MjJvYmJZZWdtVDdLJTJCYllIN1hGTUhNOHdib2dDWkNqQnBTQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_wRPE3xHMjRsdklLY3JYT3I4RjQ1RE1UbkJ2aXZ5NzFKSmVPcHBWUGxNQWdFWVlOb3FsK29ZVHpxWlE2VGdSNXh3OTBSV21scW1FWDJYNy96eGJicUpJZ1gvakVrNWN3RWFuRVZaamZxOG1PMWdyZmdGai9qYXpyZU53ZHpwbHM1NFZ1SVVpanMzODVSbytRWWcra0hjUEYvclBmUGFOdlVSekE0RGRMNVJBenpvVEJDVzkrRzV6dFZBT3JxMndLSkpZS2ZlWWZId3NneG5DdWFkK3NwQXloTWgyUHBwRXVGS3FBR20yQTlGRktVeGZJaG9BQWxrTU52bDJVbE9NTEt0eGpwRXhtK3YzQ0s0eUpDeFM5RjcvQlluL2lkdzQ0S0xZWTJrUXZqUjljUWJZdz18&cppv=2
Request Chain 553
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQTlVN0xQYzBBQUJOUmd5bEVSQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABA9U7LPc0AABNRgylERA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABA9U7LPc0AABNRgylERA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6633317921081862514&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABA9U7LPc0AABNRgylERA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6633317921081862514%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6633317921081862514&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABA9U7LPc0AABNRgylERA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABA9U7LPc0AABNRgylERA&gdpr=0&gdpr_consent=
Request Chain 554
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2840245782802064973&gdpr=0&gdpr_consent=
Request Chain 556
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_43f4896b9c164b82b4130
Request Chain 558
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9c589e05-8916-459e-b49f-934b4cf7a740
Request Chain 562
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=
Request Chain 563
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=40ab0a63f9301006&is_secure=true&networkId=17100&version=1&nuid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVly7E00ZwNopi8YAAAAAAA&expiration=1704998978&nuid=BC1540B7-931D-4457-8971-3EF62F259356&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 587
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Index&api-tier=2&uid=ZZ7mvfLvy4iNzLBqwBi9BQAA%263842
Request Chain 588
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Beeswax&api-tier=2&uid=AABA9U7LPc0AABNRgylERA&gdpr=0
Request Chain 589
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504578
Request Chain 590
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Amobee&api-tier=2&uid=8061612558496674094
Request Chain 591
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=0ff19b8c3ec9405985ece597fc17608a&pname=TripleLift&api-tier=2&uid=4121083549846426384162
Request Chain 592
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=0ff19b8c3ec9405985ece597fc17608a&pname=AppNexus&api-tier=2&uid=2840245782802064973=&gdpr=0
Request Chain 593
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.89%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=4371284184 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.89/52cc659e-e6c2-4c00-9e2c-38b9737d5434?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005&pId=44
Request Chain 594
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null HTTP 302
  • https://capi.connatix.com/us/pixel?puid=6633317921081862514&pId=40&gdpr=0&gdpr_consent=
Request Chain 595
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Request Chain 597
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=0ff19b8c3ec9405985ece597fc17608a&pname=PulsePoint&api-tier=2&uid=TP3jY7tnqGRv
Request Chain 598
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Crimtan&api-tier=2&uid=6b0a10a5b0024b0aadb08ef67422feeb
Request Chain 599
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=0ff19b8c3ec9405985ece597fc17608a&pname=LoopMe&api-tier=2&uid=a8980298-017c-4b63-8990-637b41d892ee&pubid=11186&gdpr=0
Request Chain 600
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Centro&api-tier=2&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0
Request Chain 601
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=0ff19b8c3ec9405985ece597fc17608a&pname=YieldMo&api-tier=2&uid=VEeM___OOM_hTP3txScq&gdpr=0
Request Chain 602
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=0ff19b8c3ec9405985ece597fc17608a&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Telaria&api-tier=2&uid=008410ddebd446a4b181f6db24908d78
Request Chain 603
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=28745898956b3019f07ebd41b5237fbb&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 606
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=0ff19b8c3ec9405985ece597fc17608a&pname=SundaySky&api-tier=2&uid=d6.6769bbccd8c647bd923a5a61cd52dbd2
Request Chain 607
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=0ff19b8c3ec9405985ece597fc17608a&pname=ResetDigital&api-tier=2&uid=00000127E0EC63B0
Request Chain 608
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Sonobi&api-tier=2&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
Request Chain 609
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d0ff19b8c3ec9405985ece597fc17608a%26pname%3dSharethrough%26api-tier%3d2%26uid%3d%7BUSER_ID%7D HTTP 302
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0&gdpr_consent=null
Request Chain 611
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Adelphic&api-tier=2&uid=eb1d2174-4993-4a4f-b612-9f916f5fd710
Request Chain 612
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=42ab2b36-f17d-4f5e-8275-370190d39002
Request Chain 613
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479141726634070000V10
Request Chain 615
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MGZmMTliOGMzZWM5NDA1OTg1ZWNlNTk3ZmMxNzYwOGE&extra1=0ff19b8c3ec9405985ece597fc17608a&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport
Request Chain 618
  • https://cks.connatix.com/cks?pid=24&ev=0ff19b8c3ec9405985ece597fc17608a&pname=IronSource&api-tier=2&uid=j4R8jLgzCj_s&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=j4R8jLgzCj_s&UserId=&tier=2
Request Chain 642
  • https://pix.cdnwidget.com/redirect?CID=2am8pmX5hRTXg9VATqe7OWROtEh&DID=2am8pjv4xZlxG37Y4XogUBnvRGL&v=&iv=&deviceid=3217281597318133101&visitid=1704912578073970&wsid=2054&apikey=2^HIykD HTTP 302
  • https://pippio.com/api/sync?pid=5749 HTTP 307
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none

651 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/ 		169 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
4ea4e8f1fafaf11db13cc93a53ee9176b88caec72c6535cf1d9f5b707d047943
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1883
cache-control
max-age=300, must-revalidate
content-encoding
br
content-length
40879
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 18:49:25 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.courant.com/wp-json/>; rel="https://api.w.org/" <https://www.courant.com/wp-json/wp/v2/posts/6274276>; rel="alternate"; type="application/json" <https://wp.me/pe82KB-qke0>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
grace
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
jfk2 123 242 443
measuredvibrant.css
www.courant.com/wp-content/themes/assets/static/css/ 		652 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1704829726
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e3024c8a6340ec2e2b7893f2e2bfe38bdf408efdc2574777c042b515ccd1bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Tue, 09 Jan 2024 19:48:46 GMT
server
nginx
etag
W/"659da31e-a31d5"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
screen.min.css
www.courant.com/wp-content/plugins/site-plugins/site-tribune/static/css/ 		310 B
493 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/plugins/site-plugins/site-tribune/static/css/screen.min.css?m=1689894428g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
78f8f8f0813254a9c234ef6d928172e3dc13b583cf8443e360f03d6d230ddf5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 123 242 443
last-modified
Thu, 20 Jul 2023 23:07:08 GMT
server
nginx
etag
"64b9be1c-136"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
310
htlbid.css
htlbid.com/v3/courant.com/ 		1 KB
545 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/courant.com/htlbid.css?ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.200.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-200-129.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:39:55 GMT
content-encoding
br
via
1.1 f730784cbe894bb457fd22763926fb8a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 14:44:41 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P5
age
572
x-amz-server-side-encryption
AES256
etag
W/"a1a24bc8de60aa36a1b2db034c6f5a6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=600
x-amz-cf-id
cRN8XJFKY98kh10W8hT0Ab909Jm5nuZmZNaDkYTd41P0NfcsZr2npQ==
style.css
www.courant.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 		880 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1670257970g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Mon, 05 Dec 2022 16:32:50 GMT
server
nginx
etag
W/"638e1d32-370"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mng-digisubs.styles.css
www.courant.com/wp-content/plugins/mng-digisubs/static/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0874eeee48290f8f793734937ac14734684ec3c2225ab35a47bcd3587543841b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
etag
W/"65986e3a-3b08"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mobile-adhesion-style.css
www.courant.com/wp-content/client-mu-plugins/src/Ads/assets/css/ 		1 KB
577 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1670257970g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Mon, 05 Dec 2022 16:32:50 GMT
server
nginx
etag
W/"638e1d32-441"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 18:49:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
23713857
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8819
x-served-by
cache-fra-eddf8230021-FRA, cache-ewr18173-EWR
x-jsd-version-type
version
etag
W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a427ed185d88f3532615503efeec9c1afc35cb984aeda357b789701d152747d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 17:26:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 18:49:26 GMT
/
www.courant.com/_static/ 		113 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/_static/??-eJyNjMEKAjEMRH/INK0KrgfxU2TJhhJtm0JSFv/e9eDB295mhjcP1w6kzbk51gG9jCzN8MneZ3pBOoYrVl1GYcNVlsxu6Nqhq23J/F04kNkBd3ge0ghNSeYCRbPaXwlV2m7Vxv2G7+deb+kSz9MpTjF9ACcdS4g=
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b78095213882a04fa62a8b756f8f51707dd05975c09efdc66f19ccd88e36acf6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Tue, 09 Jan 2024 20:06:41 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 		434 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:e200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d7b5d2a2631bcf87565380eba73fc1931d85a491d55399c5485c1f06bcb74d4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:23:17 GMT
content-encoding
br
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P2
age
37589
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112082
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jan 2024 21:53:41 GMT
server
CloudFront
etag
"8c0b258702758d08965f40497fafa6d0"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
zibV7SzYCI--Hu-JpHOb8u9aupkCo2ZQ7owfjtMce7qmobqdaSe4jw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 17:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 17:29:35 GMT
htlbid.js
htlbid.com/v3/courant.com/ 		470 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.200.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-200-129.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11b81a77b7809238b43ce7755743fc499d1d5dcca1959938956bd03d59f492a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:39:58 GMT
content-encoding
br
via
1.1 f730784cbe894bb457fd22763926fb8a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 14:44:42 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P5
age
569
x-amz-server-side-encryption
AES256
etag
W/"4d2f8425dcda72d3cd29340051e9e5c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
1xG7FRUFAYNNLXZP5_6dXb5qYzTCDpBEQw7Xxl5Ip4zQen_H_m2otQ==
sso-tools.min.js
www.courant.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1670257970g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Mon, 05 Dec 2022 16:32:50 GMT
server
nginx
etag
W/"638e1d32-1536"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
loader.min.js
www.courant.com/wp-content/plugins/loader-wp/static/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32debe5989f645e2e9948ecd51cf6ec713893d4e9a95e4d01898c866df1b3942

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Thu, 07 Dec 2023 22:16:43 GMT
server
nginx
etag
W/"6572444b-a0cb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
engageLibrary.min.js
www.courant.com/wp-content/plugins/loader-wp/static/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/plugins/loader-wp/static/engageLibrary.min.js?m=1704481379g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b19f053d886a3d653df62c0f59695c9654dca1bdbe4498b2083a927c3e8ff2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Fri, 05 Jan 2024 19:02:59 GMT
server
nginx
etag
W/"65985263-4ae5"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
auth0-spa-js.production.js
cdn.auth0.com/js/auth0-spa-js/1.13/ 		105 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2616:800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding
gzip
via
1.1 31ab6a69a955ba22ff90036cd9977e74.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 17:19:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
ORD56-P8
age
5378
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Thu, 07 Jan 2021 14:32:49 GMT
server
AmazonS3
etag
W/"8bea9e0d733d097381a1b5eb8c40983d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
6uJhbi1vV5zA14gm68f-ny29JjW5A5ZmI1OIDwReDF7F6PNuyg8RjA==
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client?ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd9e7e200e5f13fa3479e118c3c92f904c8b7b176072dffadc63a2ec8ccd9ef
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-5T5o2kmVxK0uL6zgXDOuBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-5T5o2kmVxK0uL6zgXDOuBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 10 Jan 2024 18:49:26 GMT
/
www.courant.com/_static/ 		363 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/_static/??-eJylzM0OQDAQBOAXoouIn4O4eo2iaVbaJXYbHl+dxJXTJJOZD44tnVYSQwKbCxaJwZNNZ7TIYWRg0YLTq1NeI6kx0OyMWjiBL0Y8kDnlLxPHKM74mPzXCjjoG9gfqPddXmdlU7R1US0Xv2txHg==
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
883c4686a61f14b8dfa2f869d37f3ee76d0538b6be2bf21ead92c7e2b9f8dcbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Tue, 09 Jan 2024 19:48:46 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
script.js
p030.courant.com/ 		136 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/script.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
age
137
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41846
x-xss-protection
1; mode=block
last-modified
Wed, 10 Jan 2024 18:47:02 GMT
server
-
etag
2fd7d8ab5ca09052f21fa4dc48385200
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
l3we6XhB3sawcEQ1Ze8Qcq0c_kAzlAYITgZJxu6GTtOFxft2boQ22g==
expires
Wed, 10 Jan 2024 18:57:09 GMT
mng-digisubs.articleShare.bundle.js
www.courant.com/wp-content/plugins/mng-digisubs/static/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.articleShare.bundle.js?m=1704488506g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
069e90146f2cb9ce71331f05f526c9bfe94a9a9f48a06852218745d511d2f702

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
etag
W/"65986e3a-cb3a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
hartford.png
www.courant.com/wp-content/uploads/2023/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.courant.com/wp-content/uploads/2023/01/hartford.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03aabb73c030ff20d2305e55bf0efb077a40a20d418105df4324b44e7a4b5937

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 102 32 443
last-modified
Sat, 06 May 2023 03:11:04 GMT
server
nginx
etag
"6cf56975264da0f3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14514
bdbdd8c396fa1d09b91168a11417a715
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/bdbdd8c396fa1d09b91168a11417a715?s=85&d=mm&r=g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
71e1a06d13bea786011fa2c23f050fd7f089132058147df71e55e24436af739e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc
HIT jfk 1
date
Wed, 10 Jan 2024 18:49:26 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="bdbdd8c396fa1d09b91168a11417a715.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/bdbdd8c396fa1d09b91168a11417a715?s=85&d=mm&r=g>; rel="canonical"
content-length
1374
alt-svc
h3=":443"; ma=86400
expires
Wed, 10 Jan 2024 18:54:26 GMT
index.js
tags.remixd.com/player/v5/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.247.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-247-29.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
gzip
via
1.1 b82e397c7b4730dc8bbb7499c52486a0.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C4
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10041
last-modified
Tue, 31 Oct 2023 15:34:26 GMT
server
AmazonS3
etag
"57b6f8ad4125903b7e06bb427c232d10"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=1800
accept-ranges
bytes
x-amz-cf-id
TYnhizqjW0fsDF0xccgSqbQWItE8DcCEE4HAMJZkwSTFkvopf7pZDw==
/
www.courant.com/_static/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/_static/??-eJyVj8EOgkAMRH/ItZBojAfjtyBUKO62m21Xo18vGDmQGCLHTud1pvCIrhY2ZIPoc0usoGToZoMlumRGUKuMaujn8jYQb3vdwI9bgVvXmYdKFU2hIbVJc0EaXWJjJyZ8Je/hjtxIgki15YSjtA701eup9MJZHnHtc4M6/vMp9jUPqyj+OfKDB5P9AyVscfBWJsmlzEYBV2Yt2juR21T+HE7loSiPxb7Y7fo3ETapAg==
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2a0320ddcdb3e97798125f918113ef7d369db6063fc57d8a366e61844376e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
i18n.min.js
www.courant.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
nginx
etag
W/"65710294-24e5"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
loader.js
www.courant.com/wp-content/mu-plugins/wp-parsely-3.12/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/mu-plugins/wp-parsely-3.12/build/loader.js?m=1704830801g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Mon, 08 Jan 2024 21:07:46 GMT
server
nginx
etag
W/"659c6422-bf9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
p.js
cdn.parsely.com/keys/courant.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/courant.com/p.js?ver=3.12.0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.168.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-168-45.ord52.r.cloudfront.net
Software
nginx /
Resource Hash
e9f03a7ff32a451ae6f519e934f9e3f5c4d0a322cbbb3730dae348a37913cb99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
public
date
Wed, 10 Jan 2024 10:42:48 GMT
content-encoding
gzip
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jan 2022 19:15:41 GMT
server
nginx
x-amz-cf-pop
ORD52-C2
age
29198
etag
W/"61d5ee5d-df40"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
IA6y2b5AXla4RiD5VY2fivovchqQosiTSMLgkrq7mAZb9Poahnbdsg==
expires
Thu, 11 Jan 2024 10:42:48 GMT
ads.js
www.courant.com/wp-content/themes/wp-mason/static/js/ 		87 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 123 242 443
last-modified
Mon, 05 Dec 2022 16:32:51 GMT
server
nginx
etag
"638e1d33-57"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87
/
www.courant.com/_static/ 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/_static/??-eJyVy8ENgzAMBdCFaAwSBS5VZwmpEUljB/ENqNv3wgDw7o+O5RGKGquRzSwM8gAbCOYtBkqgUESKujBv+nUS1SVUdOEtJf+mmDPuJGGPbeXPHsfVq531La+mr9t2GJ51l/5o4EMd
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1e64afc7583841e3516550cef644b1788566f2f853f680b7bb682230d7981acd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
load.js
s.ntv.io/serve/ 		621 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.17.42 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-17-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:26 GMT
Content-Encoding
gzip
x-amz-request-id
E1TXN1EQYSBH4AFG
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/CSH71RljzM0tC7m8TZwN2L/ISQTtIJt8AHwWHnFWKfrUNquiJz+BYJ3BTOkPNmQ/AK9thyZi+8=
Last-Modified
Tue, 09 Jan 2024 16:00:28 GMT
Server
AmazonS3
ETag
"84c06ac06d449c75d911853d474891fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo-img-attr.min.js
www.courant.com/wp-content/themes/wp-mason/static/js/ 		178 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js?m=1703703349g
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 123 243 443
last-modified
Wed, 27 Dec 2023 18:55:49 GMT
server
nginx
etag
"658c7335-b2"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
178
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.5/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=iLgdKCFX&cid=4650&offsetx=0&offsety=112&floatwidth=400&floatposition=bottom-right&ver=1.0.0
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.5/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5/embed.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
13.226.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-119.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
918a419c970e210046edf189b9a7827b27e65013325a8ce2793624d762ba3ca3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:06 GMT
x-amz-version-id
1FaJkdIpGd5ZWIC2Iq2.YSouYLr.sjlq
content-encoding
br
last-modified
Thu, 21 Dec 2023 20:29:11 GMT
server
AmazonS3
via
1.1 2b26355dcf9bbc955d60730f6007457c.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C2
etag
W/"524b5b826dc5c339fc2a5115ed0cef0b"
age
22
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
89q_qtKUOKWbpxrY_PlGr5ESN7YmrSNcIMlkoJAlA9dsgHdB7rnghA==

Redirect headers

date
Wed, 10 Jan 2024 18:49:26 GMT
via
1.1 2b26355dcf9bbc955d60730f6007457c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD51-C2
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
th73d4MzproYwGKaJZjKH9UjPKdniuo2H8tSFCUt1vcej9wjQno0UA==
e-202402.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202402.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT yyz
date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356353.6772
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 06 Jan 2025 16:25:11 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		274 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=uNLCCm8o5TTAvGr56m24wQ93i6Yy82aJgLgI&ver=6.4.2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.85.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-85-53.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e190dd0ccce3b4292395cbd20dbfd61c30c5778080ba3b60826f159e0f596e45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:07 GMT
content-encoding
gzip
via
1.1 b5d0d50a85cb855c8d83851f71d078e2.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jan 2024 18:25:32 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C1
age
20
x-amz-server-side-encryption
AES256
etag
W/"49b7479caab15a0d7ad8d5dc0a4fcd85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
ohqGK-ZCwYe7o9H77AW2GpGvvG587X8W-aD538GDMV9DnrZef4Speg==
sharing.min.js
www.courant.com/wp-content/mu-plugins/jetpack-12.9/_inc/build/sharedaddy/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/mu-plugins/jetpack-12.9/_inc/build/sharedaddy/sharing.min.js?ver=12.9.3
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Mon, 08 Jan 2024 21:07:45 GMT
server
nginx
etag
W/"659c6421-2259"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
f2f67a2b-d05b-4c55-80b5-73c5b2bd11c8
https://www.courant.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/f2f67a2b-d05b-4c55-80b5-73c5b2bd11c8
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
15cd6795-7dff-4654-97a8-3a3d8b6ca822
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/15cd6795-7dff-4654-97a8-3a3d8b6ca822
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
polyfill.min.js
polyfill.io/v3/ 		104 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 18:49:26 GMT
age
1917414
detected-user-agent
Chrome Mobile WebView/120.0.6099
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/120.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
session
session.courant.com/api/ 		112 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session.courant.com/api/session
Requested by
Host: www.courant.com
URL: https://www.courant.com/_static/??-eJylzM0OQDAQBOAXoouIn4O4eo2iaVbaJXYbHl+dxJXTJJOZD44tnVYSQwKbCxaJwZNNZ7TIYWRg0YLTq1NeI6kx0OyMWjiBL0Y8kDnlLxPHKM74mPzXCjjoG9gfqPddXmdlU7R1US0Xv2txHg==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.144.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-218-144-235.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:26 GMT
access-control-allow-credentials
true
content-length
112
vary
Origin
content-type
application/json; charset=utf-8
cs
tribune.blueconic.net/DG/DEFAULT/ 		16 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json184
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.77.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-77-188.compute-1.amazonaws.com
Software
- /
Resource Hash
9e4814535de0c5c17a0f79704d21e93926818ba866289f28a9396b8900bae7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
connatix.player.js
cds.connatix.com/p/407046/ Frame 111E
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/407046/connatix.player.js
1 MB
299 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407046/connatix.player.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8dbf30fedf7215cc1db8ccdf95705cfc4ab1afe1951ef1d4a5aec32ac601d74

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
x-amz-version-id
gkO1O_HqMi66oQW1enSHcBySWHM9iORU
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 16:03:10 GMT
server
cloudflare
etag
W/"078d8163aa6437095b2b5dfe69d4b555"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
84371997dd6a39e9-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:27 GMT

Redirect headers

date
Wed, 10 Jan 2024 18:49:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/407046/connatix.player.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719968aa939e9-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		586 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08843959f236cd145955f76ad34567784505ecfbfe89a443b8f7adf47db65bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141442
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 18:49:26 GMT
truncated
/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69e30805defbf34fa451a87b0d7c41026d31d627fcb0cc8a2b63a8fd87d08888

Request headers

Referer
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
font/truetype
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:28:27 GMT
x-content-type-options
nosniff
age
12059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 15:28:27 GMT
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 02:44:48 GMT
x-content-type-options
nosniff
age
230678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35888
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 02:44:48 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 18:49:26 GMT
x-content-type-options
nosniff
age
5513260
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
90528
x-served-by
cache-fra-eddf8230031-FRA, cache-nyc-kteb1890070-NYC
x-jsd-version-type
version
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 03:15:05 GMT
x-content-type-options
nosniff
age
315261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 03:15:05 GMT
hartford.png
www.courant.com/wp-content/uploads/2023/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.courant.com/wp-content/uploads/2023/01/hartford.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03aabb73c030ff20d2305e55bf0efb077a40a20d418105df4324b44e7a4b5937

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 102 32 443
last-modified
Sat, 06 May 2023 03:11:04 GMT
server
nginx
etag
"6cf56975264da0f3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14514
JUEPDEFSJ5CSZH3GHJUK4WGUU4.jpg
www.courant.com/wp-content/uploads/migration/2021/05/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.courant.com/wp-content/uploads/migration/2021/05/10/JUEPDEFSJ5CSZH3GHJUK4WGUU4.jpg?w=879
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
89a0ddaa4fc2c3c3007953431933ccb96eec303ece5db61f8b87670009e0e7be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:26 GMT
x-rq
jfk2 100 143 443
last-modified
Wed, 10 Jan 2024 13:50:27 GMT
server
nginx
etag
"863dfa780eace60e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9100
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704912566953&plid=54613461&idsite=courant.com&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&sref=&sts=1704912566943&slts=0&title=CT+man+sentenced+for+downloading+child+abuse+videos+from+dark+web&date=Wed+Jan+10+2024+08%3A49%3A26+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=60763451&u=pid%3D0483862c2d22edf36d8f93b8a0880d66
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:27 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 10-Jan-2024 18:49:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
common.chunk.min.js
www.courant.com/wp-content/themes/assets/static/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
etag
W/"65986e3a-a619"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
common-async.chunk.min.js
www.courant.com/wp-content/themes/assets/static/js/ 		64 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7c51552210cf46e54bf684795ac5ac9b03af17e73f0c96fbf03a798ecb56e49e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
etag
W/"65986e3a-10029"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
measuredvibrant-async.chunk.min.js
www.courant.com/wp-content/themes/assets/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-rq
jfk2 123 243 443
last-modified
Fri, 05 Jan 2024 21:01:46 GMT
server
nginx
etag
W/"65986e3a-c79"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
355
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (nya/79DC)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
95832e74-b01e-00b5-07f4-4369c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 10 Jan 2024 19:19:27 GMT
loader-config.json
loader-cdn.azureedge.net/prod/dfm/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/dfm/loader-config.json
Requested by
Host: www.courant.com
URL: https://www.courant.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C73) /
Resource Hash
5ce0cb7f558c1aca9c6e94c7d85d76db859218132923c039b7ef7b38a29f8dfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
content-md5
1iDtMuqZEAqLGRPxG2wEug==
age
38996
x-cache
HIT
content-length
1300
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 07:44:01 GMT
server
ECAcc (nya/1C73)
etag
0x8DB6B18C9F2D8E6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8da395de-401e-0052-799a-438b56000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
courant.com
pubcast-files.remixd.com/player-configs/ 		25 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubcast-files.remixd.com/player-configs/courant.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e4699bcee6722a3a482407adaa52c56ec8b7186b6932f16a444bde12f6e5b25e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:47:15 GMT
age
132
x-guploader-uploadid
ABPtcPrzV6m_PZricaNCAp1iEM7ZB5qWgkMlwRQdnNqJF2SrftM5PS7SJrGDNxWBfbMpggykgmKJerxf7wMnYcZWhaHJjw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25143
last-modified
Thu, 25 May 2023 17:30:02 GMT
server
UploadServer
etag
"382cfea0acfa9c36f4b51ffb7130bc18"
x-goog-generation
1685035801963752
x-goog-hash
crc32c=RmAmNA==, md5=OCz+oKz6nDb0tR/7cTC8GA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
25143
accept-ranges
bytes
content-type
application/json
expires
Wed, 10 Jan 2024 19:47:15 GMT
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		74 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A27-10%3A00&ts=1704912567118
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
9b3b142b29f36e8a1d4872537290ec86455fa515c30d45a5baad938c1ac5e024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
15069
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Qqa-s1I4NJW7Jex_qOFuH_bXfT-OZoUEEomeLLRYRYRuWRDwap-Fgg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
9092eaf0-c6ef-45f5-87d8-796a9395d2d7
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/9092eaf0-c6ef-45f5-87d8-796a9395d2d7
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
/
cmp.osano.com/ Frame 6C11 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:e200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
81195
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 20:16:14 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-amz-cf-id
LnDDyxbsuVqRTyaGkMDfNSO9y3fH3OD_PtYLX6S14RWg-mgVYcDUQw==
x-amz-cf-pop
IAD12-P2
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=208785905&post=6274276&tz=-5&srv=www.courant.com&hp=vip&j=1%3A12.9.3&host=www.courant.com&ref=&fcp=1079&rand=0.7234055500511654
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:27 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
www.courant.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-rq
jfk2 123 242 443
last-modified
Wed, 06 Dec 2023 23:24:04 GMT
server
nginx
etag
W/"65710294-4904"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abus...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-...
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dma=0&tcfd=10000&gtm=45He4180n71TLFP4Rv71194413
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=11l1l1l1l5&rnd=1344068758.1704912567&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dma=0&tcfd=10000&gtm=45He4180n71TLFP4Rv71194413
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 17:39:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4178
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 19:39:49 GMT
0.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/0.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d4:d000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a223b84fa3777992db58301194a1e69b24da79ee6fea005c2e17cc6fef49452d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:05:44 GMT
content-encoding
gzip
via
1.1 43af2ec1becf07da0a09b43135838da4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P5
age
9823
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
BeJHg1z0fmOt3gJ8U8oL1_j5jEr_OG-lPZNievjAao8luvLGNqaVtA==
a-05ac.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-05ac.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d4:d000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
455c7ef154d40349b8a46a6d56eea2b032d21e19dadf5a73a8e2094148d24073

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:17:11 GMT
content-encoding
gzip
via
1.1 43af2ec1becf07da0a09b43135838da4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P5
age
84736
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
mtDWbu07kmzt6ZtrMqdS3cLk8kuIxyJOArWo7ZuV0HoPzfeOrz7BUQ==
sign_me_up.js
d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/ 		154 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/sign_me_up.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-23-87.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd411901dd57257a53928db21bd5656edef5d9849dba59317af45c4344362df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:38:49 GMT
Via
1.1 6f5a63f08c741820abad2a0b2a35176c.cloudfront.net (CloudFront)
Last-Modified
Thu, 17 Dec 2020 00:27:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ORD51-C2
Age
18644
ETag
"ebb8b5b0714d9888b59f1ca5023a8901"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157532
X-Amz-Cf-Id
ujwBA9Z9GX7MHwnJIRsIPxBO0zFifH_n0RympgohkCGTc1-Bqr1dvQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.coura...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.cour...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c9=
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
18.160.200.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-200-115.ord56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
via
1.1 7bb50070cb50e51e99a51b4014f75d6a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P5
x-amz-cf-id
UhalitrsF9lwFbY2kdy0UL4oGy1xbGKgZzjSYAVQR5fh6ZOutXFxFg==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 10 Jan 2024 18:49:27 GMT
via
1.1 7bb50070cb50e51e99a51b4014f75d6a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035443&ns__t=1704912567285&ns_c=UTF-8&c8=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&c7=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c9=
content-length
0
x-amz-cf-id
0SqLCEQtFTcO27nlZ06GRDeTFtV6NcK-fdg7UHwPJVCmna_nBpZjzg==
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.5/ 		684 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-119.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3695aa98cdae7224177c6f3a99837e5593aa3a5ea882d2ddccd6f00e51bf04ff

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:38 GMT
x-amz-version-id
0sPD71b8xSdHFzvSETrdoAH1E4.gQn3W
content-encoding
br
last-modified
Thu, 21 Dec 2023 20:29:12 GMT
server
AmazonS3
age
50
x-amz-cf-pop
ORD51-C2
etag
W/"c8ed0f69efac0ec4e4e923102d359528"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 7bae3892a4b9b7cb601b5d663d98de74.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-Zbcee8nX2OIObWwqJ9DjzX5wMt4Fg7mvn0QTmGGLbkDyLvOC9EMXg==
51f0a6c47cee4a664a92b67e0d552d94
p030.courant.com/plugin/plugin/ 		145 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/plugin/plugin/51f0a6c47cee4a664a92b67e0d552d94
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
5757f49e783830cc9fc1f2d675544f1a315c69952d203ea1331d3a55ac46d230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
age
2457334
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
36838
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:13:53 GMT
server
-
etag
51f0a6c47cee4a664a92b67e0d552d94
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
eix3zDXgjaI0ReWR_g8pmoHc-KdGH1LHE_SJPB-st2gKuDeQ3IZrGQ==
expires
Thu, 12 Dec 2024 08:13:53 GMT
a0c87691-517d-4e96-bde4-351f9b10f241
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/a0c87691-517d-4e96-bde4-351f9b10f241
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
90231f06-9153-4004-b8ba-cf24ebe197ff
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/90231f06-9153-4004-b8ba-cf24ebe197ff
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
763ca4d5-a159-4614-a43a-bc94db998b02
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/763ca4d5-a159-4614-a43a-bc94db998b02
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
fp.min.js
cdn.mircheigeshoa.com/prod/dfm/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/dfm/fp.min.js?2024010
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C6F) /
Resource Hash
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
content-md5
uNbNlIeYZ9WdMaBieS7wbw==
age
6837
x-cache
HIT
content-length
23529
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 04:53:57 GMT
server
ECAcc (nya/1C6F)
etag
0x8DBF4850646CDD0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c019d796-b01e-0046-66e5-43c339000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.o1ych4jb.com/prod/dfm/ 		220 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.o1ych4jb.com/prod/dfm/g2i.min.js?2024010
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C5F) /
Resource Hash
2c680585f7539239f507f97c7fb26dbfa6587912dc02ac0a3304fd44ed0e71d7

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
content-md5
ZQaVXu7qugpZxdJSUeu8jw==
age
6915
x-cache
HIT
content-length
49063
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 04:51:50 GMT
server
ECAcc (nya/1C5F)
etag
0x8DBF484BA8D6C66
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9a1cee4d-f01e-00b3-19e5-435713000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/dfm/ 		1 MB
398 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/dfm/t8y9347t.min.js?2024010
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C1A) /
Resource Hash
093143c69ab4e2445966c6f11ead651578eb5f27d41bf6b4223bdafb7e2b8ece

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
content-md5
Btx3eHF4CLnE1tcwI/UASg==
age
40052
x-cache
HIT
content-length
406855
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 05:09:31 GMT
server
ECAcc (nya/1C1A)
etag
0x8DBF48732A29F74
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
903b8ce4-701e-0092-3598-437368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/dfm/ 		396 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/dfm/t8y9347t.min.css?2024010
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C04) /
Resource Hash
2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
content-md5
KGAI+MIxF0Nl5uOt1Fi9/Q==
age
40045
x-cache
HIT
content-length
55720
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 05:09:30 GMT
server
ECAcc (nya/1C04)
etag
0x8DBF487329C5ED0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e4805d6e-c01e-0097-2e98-43a1b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
standard-player.html
tags.remixd.com/player/v5/players/ 		130 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.247.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-247-29.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:06 GMT
content-encoding
gzip
via
1.1 a6d603f19a2e0ac32a3fa1d428f95bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C4
age
22
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29827
last-modified
Tue, 31 Oct 2023 15:34:26 GMT
server
AmazonS3
etag
"1a9dd5e9554676ab1900727441a87258"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-age=1800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
yslB1a2PF2XR0udgXxkVSgM9mHsK9T945rNYZCZ-eDPGztbCSeIXwg==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Jan 2024 19:16:07 GMT
undefined
www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/undefined
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date
Wed, 10 Jan 2024 18:49:27 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-encoding
br
x-rq
jfk2 123 242 443
server
nginx
age
0
x-powered-by
WordPress VIP <https://wpvip.com>
vary
Accept-Encoding
x-cache
miss
content-type
text/html; charset=UTF-8
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.courant.com/wp-json/>; rel="https://api.w.org/"
4271bd877997374149bf277d8710bacf
p030.courant.com/plugin/library/ 		408 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/plugin/library/4271bd877997374149bf277d8710bacf
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
age
2457333
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
133359
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:13:54 GMT
server
-
etag
4271bd877997374149bf277d8710bacf
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
cR0L-izZYTwcmF2pAZWcNkI5c8voxNvcD4CaoHEPWzrkUJJRrX01Zg==
expires
Thu, 12 Dec 2024 08:13:54 GMT
LB-Zone-3
p030.courant.com/DG/DEFAULT/rest/rpc/183/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183/LB-Zone-3?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A27-10%3A00&ts=1704912567733
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
5038a1e528a859eafbbfebd9619ff9450af4ab50122d33f12cbb3f311b8dd0f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
799
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
9Tr1-yHnkwTZzMnwFOlyaQnM02MiWicjEksPOsZ8CHsPREHZblL3RQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		274 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=uNLCCm8o5TTAvGr56m24wQ93i6Yy82aJgLgI&ver=6.4.2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.85.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-85-53.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e190dd0ccce3b4292395cbd20dbfd61c30c5778080ba3b60826f159e0f596e45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:07 GMT
content-encoding
gzip
via
1.1 b5d0d50a85cb855c8d83851f71d078e2.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jan 2024 18:25:32 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C1
age
21
x-amz-server-side-encryption
AES256
etag
W/"49b7479caab15a0d7ad8d5dc0a4fcd85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
PMSHH3Z1jreDcj2X_kUr5dlLPqXxLTIheuIX_-crIYI2X6Po3TAtcA==
js
www.googletagmanager.com/gtag/ 		280 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VSKJTSMTNP&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b6731e45d4014e5708d0d0f3bb15e8897c9987e301cbaf0ce5ff1bc96f0ffc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94273
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 18:49:27 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:15:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 18:49:27 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:49:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 18:49:27 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4084875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD78foB9hRNA7cq1JDa9IZ1cFNMvjzTtRego6Y2GS21HGHQxnE7K4H06k%2BGYov7Qv%2BglN4ln%2FLCjBTThm2rqx4NTq0%2Fo%2BoU7SYdP2BEQhD2OUhUeVnNkf%2BoDDDL2WPel7kkSYFtMvhzwr4B7B5nBG25U"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8437199dab5c4bc1-BUF
expires
Mon, 30 Dec 2024 18:49:27 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 65FB 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4100470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pkra0DDjg1B%2BpVhKxMN0fy%2FkiHqZ5L8seYO6DSsHgZqrJ6SkZsYzCsa336Do4Ogd%2Fa%2FiG0kJbCLPsNtkgWeHLtf17qUkVqRXfqmB4C%2FyAxpr2FvAcCfMxQbYMHMWKLxqyoAuPF7P8OXlXzC10qaL5h%2Fh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8437199dab614bc1-BUF
expires
Mon, 30 Dec 2024 18:49:27 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:27 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame 65FB 		443 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-119.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
br
via
1.1 7bae3892a4b9b7cb601b5d663d98de74.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 08:59:17 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
35411
x-amz-cf-pop
ORD51-C2
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
RUPkAkSegdPOthM4WMF0iaXZPwPYgH7nmUKDSkU3ATG4NUyU_kQkJw==
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 65FB 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-119.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 7bae3892a4b9b7cb601b5d663d98de74.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 12:50:15 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
21553
x-amz-cf-pop
ORD51-C2
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PyDd61K6CcIJ7OkNJzcsFiUk72YoIklNMIoZ5eIxL5-om6XBI7m5MA==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 14:23:16 GMT
via
1.1 688da22a527fadbd83bf53fec07f5d62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P6
age
15972
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
AD3mdynW5n46HhQ3pZrCasK7C7QAog_dGSfHA-4K4sv7piOcI1VUyQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:24:00 GMT
via
1.1 688da22a527fadbd83bf53fec07f5d62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P6
age
12328
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
kraz7xOH_s6a74Nc6nKPlZXIB4lOAdRSYxIoQTAwrPHu9O4cUwjJHA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:40:17 GMT
via
1.1 688da22a527fadbd83bf53fec07f5d62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P6
age
36551
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
VjEBYTWJKtEfDdxHMIBWBuqtTITW7My1wE4NdsSZ_xK4W2xbrbqPvA==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:42:08 GMT
via
1.1 688da22a527fadbd83bf53fec07f5d62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P6
age
440
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
MLJgEe1SqdMn95GRE_Y28v3KcA4FCw3-ARkDs3ZmpK07AsGsgpiVrA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 65FB 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:18:55 GMT
content-encoding
gzip
via
1.1 38f01abc783d44e34c757455ac9006ce.cloudfront.net (CloudFront), 1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, ORD58-P1
age
1833
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
mGd0EgN0ntSaV8JfrBnu7ulRbH8i2HjQjcCskNmCvbhLpq_8Vs3vww==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=FmYvegYy0MS9biop&instance=078127&version=7.29.5&age=240110&cmd=PRE_INIT&key=iLgdKCFX&seq=1&order=1&vIndex=0&absoluteTime=2147.8&relativeTime=0.3&canonical=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&EXTREF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&REF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.85.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-85-253.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		38 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=FmYvegYy0MS9biop&instance=078127&version=7.29.5&age=240110&ESG_key=iLgdKCFX&type=FULL&EXTREF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&REF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-119.ord51.r.cloudfront.net
Software
Apache /
Resource Hash
5a349ad08db15df266703b65ecf5066d761196f6d5591419ca8023f5c1281ae5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:27 GMT
content-encoding
gzip
via
1.1 7bae3892a4b9b7cb601b5d663d98de74.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
ORD51-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
7822
x-amz-cf-id
wWarF1MFMf1sgwHm_U594_1wu0UflMUzuyQ4OlQeX5bWFDL3Z7VgHQ==
expires
Wed, 10 Jan 2024 18:49:28 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma89701/wp/7/
Redirect Chain
  • https://js.matheranalytics.com/s/ma89701/197837617/wp/ml.js?cb=1644
  • https://js.matheranalytics.com/static/ltm/ma89701/wp/7/ml.br.js
152 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma89701/wp/7/ml.br.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
b3a9ee5ee7afb679967d4d0a515021115927eec85cba79e8e0e8986b2224039c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:38:00 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 29 Nov 2023 18:49:41 GMT
server
nginx
age
22288
etag
"30a639203d232114d4ed38712fc6b7cd"
vary
Accept-Encoding
x-cache
HIT Wed, 29 Nov 2023 18:59:08 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45066

Redirect headers

date
Wed, 10 Jan 2024 18:49:27 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma89701/wp/7/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
3-gc-useast4-r3mf1031
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 03:15:05 GMT
x-content-type-options
nosniff
age
315263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 03:15:05 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f06c1d8c9b27ca63b3ad1ba28ad9aa8e4b3ab782fd1c0f19800d955a2d2bb61

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
cs
tribune.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?bcsessionid=d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f&&callback=bc_json185
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.77.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-77-188.compute-1.amazonaws.com
Software
- /
Resource Hash
9b0bf98bed79910e14a1595b645d9a1d095fae0a6fb3e9f23f82c7bdb2150cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2211:1a00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
content-encoding
gzip
via
1.1 34ccac3e353c6f55648aa60d390f3c88.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 08:28:54 GMT
last-modified
Wed, 03 Jan 2024 22:00:33 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C4
age
37235
x-amz-server-side-encryption
AES256
etag
W/"89881b677e6e0a30830bf701b3bc6cbe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
uJjmDmVEloHrsubOk_ydZIZ_qMEaLWPBWKYX0f6JmH2GmbJuL57IEg==
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame DCDF 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:7600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
402eedb543989ee3d347a3479df01579be2b60dade1d2fe5777817559d5c29c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:48:29 GMT
content-encoding
gzip
via
1.1 688e3f09a2447eda2ae46655f5644a34.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
ORD53-C2
age
59
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41173
x-amz-cf-id
MEQWIk20v_f6xp-w7B4HvPnh8qwe6NtJc1y4qMAg5G8g8N_CUiRpQg==
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=459813501&t=pageview&_s=1&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dr=&dp=%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ul=en-us&de=UTF-8&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAACgFK~&jid=1328855389&gjid=1616053841&cid=221492105.1704912568&tid=UA-40841508-27&_gid=674424301.1704912568&_r=1&_slc=1&gtm=45He4180n71TLFP4Rv71194413&cd2=courant.com&cd3=courant.com&cd4=&cd5=2024-01-10T06%3A00%3A42-05%3A00&cd6=2024-01-10T06%3A00%3A42-05%3A00&cd7=2024-01-10T08%3A37%3A14-05%3A00&cd9=no&cd10=Connecticut%20News&cd11=6.4.2&cd12=&cd13=WP&cd14=Connecticut%20News&cd15=Connecticut%20News&cd16=News&cd17=&cd18=&cd19=&cd20=&cd21=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&cd22=ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&cd23=6274276&cd24=article&cd25=&cd26=Taylor%20Hartz&cd27=CT%20man%20sentenced%20for%20downloading%20thousands%20of%20child%20abuse%20videos%20from%20dark%20web&cd28=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&cd29=CT%20man%20sentenced%20for%20downloading%20thousands%20of%20child%20abuse%20videos%20from%20dark%20web&cd30=&cd32=&cd33=&cd34=true&cd35=CT%20news%2C%20local%20news%2C%20breaking%20news%2C%20crime%2C%20court%2C%20child%20pornography%2C%20sentencing%2C%20federal%20prison%2C%20prison%2C%20Hartford%20Courant%2C%20North%20Branford%2C%20Connecticut%20news&cd36=1366&cd37=212&cd38=Taylor%20Hartz&cd42=Not%20Set&cd49=false&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&cd51=&cd54=thartz%40courant.com&cd55=Hartford%20Courant&cd61=Not%20Set&cd62=metered&cd63=Not%20Set&cd64=Connecticut%20News%2CNews&cd65=Hartford%20Courant&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd53=221492105.1704912568&z=540417952
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
stats
p030.courant.com/rest/v2/recommendations/ 		57 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/rest/v2/recommendations/stats?storeId=b186f998-24a5-48c3-8de7-ac0ec3d7191d&action=view&itemId=6274276&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&profileId=undefined&isEntrypage=true&hash=801290dc598010b00aba300b832257b3&lastmodified=1704884442000&referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&&callback=bc_json186
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
16fbace4b4f556e75cbee6ae291373b9f5c644f72b1e378b6331dae389199bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
77
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
EWiRKkMfUzk_cNK7IGZSCq8Xoyg5t39ZJMqrDfUOnNm8IHZzACBBWA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
stats
p030.courant.com/rest/v2/recommendations/ 		57 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/rest/v2/recommendations/stats?storeId=8c98764a-e3a6-40b9-b610-211aef0f351a&action=view&itemId=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&profileId=undefined&isEntrypage=true&hash=c1e4d1ac3d33c5a5f096e07792918a72&lastmodified=1704884442000&referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&&callback=bc_json187
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
4b7e9421acd34313d0eaf82df46d005784a3a69ba818fc6343e966b8d94c2411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
77
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
R3PXMY1COalB-xY9osRwvrGSRZITVKWvTJHf8rFKgdP_OGT3_lFtOg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A28-10%3A00&ts=1704912568281
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
58738994be2d0f281f8b26f0ade4bfb5bbcfedcaa195416f20bfc0c68fd6ea69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
178
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
z4bzr9qhbZKjZqgWbTi3yhxT1LmrasmFhEoo58nODJi-mLyB-ca8rA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A28-10%3A00&ts=1704912568282
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
fb3476d8077009f208e56a7789625e657d1f652bcfa2c3c4acd7874d9c0b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bdqPhOdcQZIcFrKPOGx8NzsO5w_ljsOfDz5DcFbEU336-9UXEaxNmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A28-10%3A00&ts=1704912568302
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
8bbbc008564b18f50877933f83ac8d8fe2349fbcc17a382d8e298e48d7d7b18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lrxb5BlqQAp0fFitp_okO4rEJlBXtqO3xrLPgw5P_-4BwSjIrNGLdg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		617 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1704912568375
Requested by
Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/dfm/fp.min.js?2024010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c55858cb6c9ee771f2c9551e9e76554b1121921bb8606f56872f839db47767

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Jan 2024 18:49:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZY8SGj1%2B3iKosOeor3LFlQBCh73M%2FiZ7Ufou37PurBVFemXm4zZYkXzKzbVFb67pJZRcdayX7F%2BzLc5F4hFlpneMCjtuajlBFqw9U%2BfoQsRUL9aitpT3IlILJS8bWEIOEaW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
843719a0c97936c7-YYZ
alt-svc
h3=":443"; ma=86400
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1704912568380&aid=a-05ac&se=e30&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&tna=v2.11.4&pu=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-down...
  • https://rp4.liadm.com/j?se=e30&aid=a-05ac&tna=v2.11.4&cd=.www.courant.com&dtstmp=1704912568380&n3pc=true&wpn=lc-bundle&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&gdpr=0&pu=https%3A%2F%2Fwww.cour...
44 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&aid=a-05ac&tna=v2.11.4&cd=.www.courant.com&dtstmp=1704912568380&n3pc=true&wpn=lc-bundle&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&gdpr=0&pu=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c=PHRpdGxlPkNUIG1hbiBzZW50ZW5jZWQgZm9yIGRvd25sb2FkaW5nIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBOb3J0aCBCcmFuZm9yZCBtYW4gaGFzIGJlZW4gc2VudGVuY2VkIHRvIHNldmVuIHllYXJzIGluIGZlZGVyYWwgcHJpc29uIGZvciBkb3dubG9hZGluZyB0aG91c2FuZHMgb2YgdmlkZW9zIGFuZCBwaG90b3Mgb2YgY2hpbGRyZW4gYW5kIGJhYmllcyBiZWluZyBzZXh1YWxseSBhYnVzZWQuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cuY291cmFudC5jb20vMjAyNC8wMS8xMC9jdC1tYW4tc2VudGVuY2VkLWZvci1kb3dubG9hZGluZy10aG91c2FuZHMtb2YtY2hpbGQtYWJ1c2UtdmlkZW9zLWZyb20tZGFyay13ZWIvIj48aDEgY2xhc3M9ImVudHJ5LXRpdGxlIj4KCjxkaXYgY2xhc3M9ImVudHJ5LXNlY3Rpb24iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmNvdXJhbnQuY29tL25ld3MvY29ubmVjdGljdXQtbmV3cy8iPkNvbm5lY3RpY3V0IE5ld3MgfCA8L2E-PC9kaXY-CQoJCQkJPHNwYW4gY2xhc3M9ImRmbS10aXRsZSBtZXRlcmVkIj4KCQkJQ1QgbWFuIHNlbnRlbmNlZCBmb3IgZG93bmxvYWRpbmcgdGhvdXNhbmRzIG9mIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViCQk8L3NwYW4-CgoJCgk8L2gxPg&i6=MjYwMjpmZmM4OjI6MTA0OjoxMQ%3D%3D&us_privacy=1---
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
44.210.34.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-34-0.compute-1.amazonaws.com
Software
/
Resource Hash
1d477e221f73b44db4606152b4fba5974a5452c8e53c98fa870acfd63bf42fd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
x-pixel-event-id
f2cf3855-ff4c-4702-b2e8-eb57a20e0223
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
44

Redirect headers

location
https://rp4.liadm.com/j?se=e30&aid=a-05ac&tna=v2.11.4&cd=.www.courant.com&dtstmp=1704912568380&n3pc=true&wpn=lc-bundle&duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&gdpr=0&pu=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&c=PHRpdGxlPkNUIG1hbiBzZW50ZW5jZWQgZm9yIGRvd25sb2FkaW5nIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBOb3J0aCBCcmFuZm9yZCBtYW4gaGFzIGJlZW4gc2VudGVuY2VkIHRvIHNldmVuIHllYXJzIGluIGZlZGVyYWwgcHJpc29uIGZvciBkb3dubG9hZGluZyB0aG91c2FuZHMgb2YgdmlkZW9zIGFuZCBwaG90b3Mgb2YgY2hpbGRyZW4gYW5kIGJhYmllcyBiZWluZyBzZXh1YWxseSBhYnVzZWQuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cuY291cmFudC5jb20vMjAyNC8wMS8xMC9jdC1tYW4tc2VudGVuY2VkLWZvci1kb3dubG9hZGluZy10aG91c2FuZHMtb2YtY2hpbGQtYWJ1c2UtdmlkZW9zLWZyb20tZGFyay13ZWIvIj48aDEgY2xhc3M9ImVudHJ5LXRpdGxlIj4KCjxkaXYgY2xhc3M9ImVudHJ5LXNlY3Rpb24iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmNvdXJhbnQuY29tL25ld3MvY29ubmVjdGljdXQtbmV3cy8iPkNvbm5lY3RpY3V0IE5ld3MgfCA8L2E-PC9kaXY-CQoJCQkJPHNwYW4gY2xhc3M9ImRmbS10aXRsZSBtZXRlcmVkIj4KCQkJQ1QgbWFuIHNlbnRlbmNlZCBmb3IgZG93bmxvYWRpbmcgdGhvdXNhbmRzIG9mIGNoaWxkIGFidXNlIHZpZGVvcyBmcm9tIGRhcmsgd2ViCQk8L3NwYW4-CgoJCgk8L2gxPg&i6=MjYwMjpmZmM4OjI6MTA0OjoxMQ%3D%3D&us_privacy=1---
access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:28 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VSKJTSMTNP&gtm=45je4180v9120195009z871194413&_p=1704912566728&_gaz=1&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=221492105.1704912568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704912568&sct=1&seg=0&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&tfd=2700
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSKJTSMTNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VSKJTSMTNP&cid=221492105.1704912568&gtm=45je4180v9120195009z871194413&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSKJTSMTNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 		68 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=fc94f577329c
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.34.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:29 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
RDGV7CBQPK4NGJV8
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
GZMw4X53AZNdQJZN+zlVWUIuyE2ZZQL9q2fcNrEfWSmV6900NTfmPV45/ccVJu9BHWC7bKYvL9s=
index.php
playlist.stnvideo.com/player/data/ 		33 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://playlist.stnvideo.com/player/data/index.php?cmd=loadInitial&session=FmYvegYy0MS9biop&instance=213078127&version=7.29.5&age=240110&ESG_key=iLgdKCFX&type=FULL&EXTREF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&REF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.89.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-89-98.compute-1.amazonaws.com
Software
Apache /
Resource Hash
85bd54411cc6b42dbbb2a3dc5c6edf046b8a20407b25a4398a50c810ba1b66a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:28 GMT
server
Apache
content-type
text/html; charset=UTF-8
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=FmYvegYy0MS9biop&instance=213078127&version=7.29.5&age=240110&cmd=GET&key=iLgdKCFX&c_id=4650&seq=1&order=2&vIndex=0&absoluteTime=2749&relativeTime=601.5&canonical=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&EXTREF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&REF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.85.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-85-253.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0_7.29.4.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0_7.29.4.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-127.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
2miqZZojvdExFC3PxaxRBVo7Q1zv7LHP
content-encoding
gzip
via
1.1 8030cd0bcac2c3fc2192b9c81c50076c.cloudfront.net (CloudFront), 1.1 a8de9d7e2931bfc240069f36617b8e9a.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 12:40:15 GMT
x-amz-cf-pop
CMH68-P2, ORD56-P9
age
22154
x-cache
Hit from cloudfront
last-modified
Tue, 19 Dec 2023 00:53:14 GMT
server
AmazonS3
etag
W/"51b151e3905514740fdc9f430b3c6d1b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
USn9MuObzVeS_z1xAEEcbnc0TaesYUFS-PVn5nkr6Yi0e4LNmC-lLA==
zulmlv6k73b2p59c9cu5mdvotxztecu0.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/zulmlv6k73b2p59c9cu5mdvotxztecu0.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e52358452a907af9b2763e9c34115c487af6926f2db906f6e36213b761765ccd

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:17:33 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
9116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
44347
last-modified
Wed, 10 Jan 2024 16:08:10 GMT
server
AmazonS3
etag
"0a4af4c172141a36934724cc47d99f19"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
PRkkaOTHiu7-PjMWOK3fNX5kuz9Ory52DT7xdfL12gxORuinBwdfHw==
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 65FB 		185 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3494644
etag
W/"551756787971b257da9f419bdc840bdf3a84e9696"
surrogate-control
max-age=63072000
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=3600
cf-ray
843719a19f15a246-YYZ
x-application-context
services-js-tag:default,prod:8089
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 00:36:42 GMT
x-content-type-options
nosniff
age
324766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 00:36:42 GMT
zulmlv6k73b2p59c9cu5mdvotxztecu0.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/zulmlv6k73b2p59c9cu5mdvotxztecu0.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e52358452a907af9b2763e9c34115c487af6926f2db906f6e36213b761765ccd

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:17:33 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
9116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
44347
last-modified
Wed, 10 Jan 2024 16:08:10 GMT
server
AmazonS3
etag
"0a4af4c172141a36934724cc47d99f19"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
bjlaKMLaD4VN1pgmnog0MAXXJ8IuI3K_fecMjSmtp85dT6guoEylKg==
dya5fk7u2zoa7227f8dttmxim4gtohzv.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/dya5fk7u2zoa7227f8dttmxim4gtohzv.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5b7e1e66753e7c368a96cf158827f10f2dcd0710b951cd60902854a5ea802f2

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:35:37 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
26032
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
20875
last-modified
Wed, 10 Jan 2024 11:27:56 GMT
server
AmazonS3
etag
"6876619093ae238c95891a1910ec5773"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
-3EBOckCRsgXrOgQN-GP-GvGfTE8BUJlBq105Wnt62Tc6fX_-US41A==
1-87rpnq391rp6pr107p177qn50163o0po.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-87rpnq391rp6pr107p177qn50163o0po.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a7da3949039bd533ce7182633a6068e2c515972511a8b1272ae8330e4f00e6b

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:36:54 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
40355
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
20780
last-modified
Wed, 10 Jan 2024 07:26:09 GMT
server
AmazonS3
etag
"97f5ca52bf40b50e0bc3a3a92141de56"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
XxEVCH9catUMIwbQU8oMhpQqnGa4OLQjXiGe7sBeUz8nf2eyjk3kIg==
9xjmpu77sjkk0w50bhhubrgw69m7go96.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/9xjmpu77sjkk0w50bhhubrgw69m7go96.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
932be4013261d954ff7be48bc9d1521a4e3bb8905a7e19ef97663f26659d6144

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 01:08:23 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
63666
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
38590
last-modified
Wed, 10 Jan 2024 01:01:22 GMT
server
AmazonS3
etag
"052bd5ad6131ea6132b30b9c5029a64b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
q3wSNT57_BJtjFmocaPdocRtc6yGg04lymStGjZhS_G8vVKQvNxd-A==
32363801895483147659ec120464a10.85151416playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		307 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/32363801895483147659ec120464a10.85151416playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1e2592db562f5578780b2ce32990214fd69f443d0b823267ead98cf799d7da7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:19:53 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
8976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
307
last-modified
Wed, 10 Jan 2024 16:10:30 GMT
server
AmazonS3
etag
"158521ae1b77bd19b06168224df823d6"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
b_7L1rTqBJc7DQ-1h9w3wXV6_NOHzYYNO3wJpEv7eB2RjgZbkOImIw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=FmYvegYy0MS9biop&instance=213078127&version=7.29.5&age=240110&cmd=IMA&key=iLgdKCFX&c_id=4650&seq=1&order=3&vIndex=0&absoluteTime=2896.9&relativeTime=749.4&EXTREF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&REF=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.85.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-85-253.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 9881 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
82697
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 19:51:11 GMT
expires
Wed, 08 Jan 2025 19:51:11 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 65FB 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 87441111f0e4d414e651812e90f76e78.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:07:36 GMT
x-amz-cf-pop
ORD58-P1
age
20513
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
moY4xsRnqq6GyTCYahgixe3K-Npo_6z-KF1L9FMtdLN1E9VhmgLNeg==
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame 65FB 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-66.ord56.r.cloudfront.net
Software
CloudFront /
Resource Hash
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:11:33 GMT
via
1.1 f919f2fc60dfd64e98d071f7bb195aee.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD56-P9
age
2275
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
wm1l3Yxpau5lMYAY2-keqPDdYFY6Wp62sh1y9cts27x7r-2MOJD4PQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 65FB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.courant.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
Server /
Resource Hash
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 17:55:41 GMT
via
1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD58-P1
age
3226
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.courant.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1764
x-amz-cf-id
jSkT1KZDgmjuTqNrHX0tekFvU9si8sjCfOG7Asf8sQy2PV0ad5wJpg==
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A28-10%3A00&ts=1704912568828
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
86ea2504eeeb204e6b67ce6ada63fbb3f7e3b8c7c43fbb614d69732afc779604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1433
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lfjl4Im2iZaiZHxng-V3M1zxceU_SC5I4jbS0RmwBSZIUz1_alwiHg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&artid=6274276&artpubt=1704884442&artsrc=Hartford%20Courant&arttype=metered&artupt=1704893834&auth=Taylor%20Hartz&chrcnt=1366&cms=WP&hier=Connecticut%20News%7CNews&ptype=article&prem=metered&pubname=Hartford%20Courant&sec=Connecticut%20News&wrdcnt=212&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=7&tvcfg=wp&tid=e50d9669-fc33-4cda-840d-6548ee57c7bd&pid=78f3be2b-9b3a-4088-93e5-710cfea25081&dtm=1704912569125&qnm=_matherq&visible=1&tabid=0bd28c7e-7fc1-40f9-888b-5055caf6efa0&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&vp=1600x1200&ds=1600x4442&tofa=1704912569&vid=1&lvidt=1704912569&duid=0125e05d-c832-4067-8aa6-f6f328896171&fp=2592814021&cid=ma89701&mrk=197837617&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDkxMjU2NTc0MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI1MC40bWIiLCJoZWFwVCI6IjcyLjJtYiIsImZzdFBhaW50IjoiMTAwMCIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiNyIsImRvbWFpbkUiOiI3IiwiY29ublMiOiI3IiwiY29ubkUiOiI2MCIsInNzbFMiOiIzMiIsInJlcXVTIjoiNjAiLCJyZXNwUyI6Ijg2IiwicmVzcEUiOiIxMjgiLCJkb21Mb2FkIjoiOTIiLCJkb21JbnRlciI6IjE0NDQiLCJkb21Mb2FkUyI6IjE0NTQiLCJkb21Mb2FkRSI6IjE0NjAifSwia2V5d29yZHMiOlsiQ1QgbmV3cyIsImxvY2FsIG5ld3MiLCJicmVha2luZyBuZXdzIiwiY3JpbWUiLCJjb3VydCIsImNoaWxkIHBvcm5vZ3JhcGh5Iiwic2VudGVuY2luZyIsImZlZGVyYWwgcHJpc29uIiwicHJpc29uIiwiSGFydGZvcmQgQ291cmFudCIsIk5vcnRoIEJyYW5mb3JkIiwiQ29ubmVjdGljdXQgbmV3cyJdLCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjIyMTQ5MjEwNSIsInJlZlRpbWUiOiIxNzA0OTEyNTY5MTIxIn1dLCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJDb25uZWN0aWN1dCBOZXdzIiwiTmV3cyJdXX19
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 10 Jan 2024 18:49:29 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
css2
fonts.googleapis.com/ Frame DCDF 		3 KB
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:45:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 18:49:29 GMT
ping.gif
player-files.remixd.com/ Frame DCDF 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&domain=courant.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=e7e98257-ed10-4ef6-a57c-bf50c58ff1cd&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
x-guploader-uploadid
ABPtcPpgKlggZRvYkALgnuPjzpogmxWcRC391UoVkXcxiBap3roHdszBLORNcAyfLnHsMdJ146U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Thu, 09 Jan 2025 18:49:29 GMT
ping.gif
player-files.remixd.com/ Frame DCDF 		43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&domain=courant.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=e7e98257-ed10-4ef6-a57c-bf50c58ff1cd&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
x-guploader-uploadid
ABPtcPrM7oJduRPbfMuVrnGf78c8WVrWGwhylfjEKmJGM0X8ZUi2EzMtc1YUGIncUHc0r5Svarwc0aJWscmIfOX_JSWB0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Thu, 09 Jan 2025 18:49:29 GMT
ping.gif
player-files.remixd.com/ Frame DCDF 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&domain=courant.com&adDuration=&inViewDuration=&sessionDuration=4&sessionId=e7e98257-ed10-4ef6-a57c-bf50c58ff1cd&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
x-guploader-uploadid
ABPtcPrPLUF8O0wvwrW4hCGZQKbjaCnCZDEQuvD3GRiO2JpocihcA7mYdesMRdcjXlWUF1fVmBz-NEZk0OdXoFFLl40sIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Thu, 09 Jan 2025 18:49:29 GMT
32363801895483147659ec120464a10.85151416.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		968 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32363801895483147659ec120464a10.85151416.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c20337987f2f6d33510878c4ec379c5b2d893e354be16ccda1da9814f7750ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:19:53 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
8977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
968
last-modified
Wed, 10 Jan 2024 16:10:30 GMT
server
AmazonS3
etag
"722d77ac94554207720332cfe291a174"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
4KSOgk8BnQz6tgKEoZv9-gD2boa8Raj7GFMx9DF5LnoxkLLwC2MnOg==
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A29-10%3A00&ts=1704912569295
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
9e0683a3fc736ff6dea3a70a0b84e6d7963d41505d45406e5ad494c9f762c6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1474
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
0i8mM5RNLTV52uMjCUdmUngAC1dG6q735fFPinABtEccu0aM9A0g6w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 65FB 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 10 Jan 2024 19:04:29 GMT
ima.js
cdn-ima.33across.com/ Frame 65FB 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
600246
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
843719a6abe236a7-YYZ
expires
Sat, 13 Jan 2024 18:49:29 GMT
hadron.js
cdn.hadronid.net/ Frame 65FB 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ref=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&_it=amazon&partner_id=694
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
1685
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
843719a7c9e94bcd-BUF
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f&bctempid=&overruleReferrer=&time=2024-01-10T08%3A49%3A29-10%3A00&ts=1704912569313
Requested by
Host: p030.courant.com
URL: https://p030.courant.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
00c6ba2670e9e330abbfed4d811a6d49a7ea86105fc9d59a8936a5a2af17e15a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5rY4mOaoXnZ3JmKqHEoROtraqpyn5REE41juVbMKnJGQysIrgjl1tg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
a-05ac
i.liadm.com/s/c/ Frame 375F 		651 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
f974407e736c2f1809e95ac89c28d1ee6e1f36f13c55c358f71902b4b87ea9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
441
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:29 GMT
Request-Time
6
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-05ac
i.liadm.com/s/c/ Frame 134E 		651 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.6&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
69312fa5de75b7829094405d2a23f8e61a0caff3905f64edc725a04e7eb2546d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
441
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:29 GMT
Request-Time
8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-05ac
i.liadm.com/s/c/ Frame 3196 		651 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
f974407e736c2f1809e95ac89c28d1ee6e1f36f13c55c358f71902b4b87ea9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
441
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:29 GMT
Request-Time
4
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-05ac
i.liadm.com/s/c/ Frame 297D 		651 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
f974407e736c2f1809e95ac89c28d1ee6e1f36f13c55c358f71902b4b87ea9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
441
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:29 GMT
Request-Time
4
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.courant.com/ 		19 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.courant.com/baker?dtstmp=1704912569433
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.146 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
Wed, 10 Jan 2024 18:49:29 GMT
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
t
ds.reson8.com/v1/ Frame 65FB 		18 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds.reson8.com/v1/t
Requested by
Host: cdn.resonate.com
URL: https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:29 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
843719a86b07544f-YYZ
content-length
18
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame DCDF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 16:50:17 GMT
x-content-type-options
nosniff
age
525552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 16:50:17 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame DCDF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 00:36:42 GMT
x-content-type-options
nosniff
age
324767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 00:36:42 GMT
32363801895483147659ec120464a10.85151416-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		329 KB
330 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/32363801895483147659ec120464a10.85151416-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62e7a66cf4d717120e843939ff7351a6cbf28270d549816079cdbcf98eb36277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:22:40 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
8809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
336896
last-modified
Wed, 10 Jan 2024 16:10:11 GMT
server
AmazonS3
etag
"86f02b3e53f48dc363d8677d67e848f2"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
8rmkK96vDN39zfr9ePR01pAbOq7fB2Lrc_B7gdghyxtE1AFiR01FAQ==
hadron.json
id.hadron.ad.gt/v1/ Frame 65FB 		96 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.courant.com&url=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ref=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ffe5d9de90ea416fa84370945927a8d761ec097f8546fe0abf6dabdaa62d472

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
843719aaeacb6aed-BUF
usersync.aspx
dis.criteo.com/dis/ Frame 375F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
523308
expires
Wed, 10 Jan 2024 00:00:00 GMT
a-05ac
i6.liadm.com/s/c/ Frame 375F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&cd=.www.courant.com&version=v2.11.4&us_privacy=1---&s=&euns=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
usersync.aspx
dis.criteo.com/dis/ Frame 134E 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.6&cd=.www.courant.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
321927
expires
Wed, 10 Jan 2024 00:00:00 GMT
a-05ac
i6.liadm.com/s/c/ Frame 134E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&cd=.www.courant.com&version=v2.11.6&us_privacy=1---&s=&euns=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.6&cd=.www.courant.com&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
usersync.aspx
dis.criteo.com/dis/ Frame 3196 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
598149
expires
Wed, 10 Jan 2024 00:00:00 GMT
a-05ac
i6.liadm.com/s/c/ Frame 3196 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&cd=.www.courant.com&version=v2.11.4&us_privacy=1---&s=&euns=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
usersync.aspx
dis.criteo.com/dis/ Frame 297D 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
263142
expires
Wed, 10 Jan 2024 00:00:00 GMT
a-05ac
i6.liadm.com/s/c/ Frame 297D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&cd=.www.courant.com&version=v2.11.4&us_privacy=1---&s=&euns=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
32363801895483147659ec120464a10.85151416.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		969 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/32363801895483147659ec120464a10.85151416.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-101.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7dd57012cb48aa8da82d5a92bf86e7e956c7087ed54abe5e212609f10b73908

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:22:41 GMT
via
1.1 8b65ef2814269fed146949146da561ac.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
age
8809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
969
last-modified
Wed, 10 Jan 2024 16:10:29 GMT
server
AmazonS3
etag
"9b47dfd8fcf4b66545ffc90e744e6385"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
iyZxx_UR3vut9sFmGL2Ysz40cL9WRPP21-kQKFc1DodChcjI3JcZsw==
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DC) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
357
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (nya/79DC)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
95832e74-b01e-00b5-07f4-4369c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 10 Jan 2024 19:19:29 GMT
index.js
cdn.pranmcpkx.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7991) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
289504
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (nya/7991)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
1c487a46-a01e-00ae-5e53-415aaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
TRIBUNE__600CONFIG__600.json
cdn.pranmcpkx.com/prod/data/dfm/ 		477 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/dfm/TRIBUNE__600CONFIG__600.json?_=1704912569952
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/dfm/t8y9347t.min.js?2024010
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32eeceb7992d1d7f50412360f479919c1862b39ae5cf3fd7624526c4292922ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Wed, 10 Jan 2024 18:49:29 GMT
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:27:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DC06F045425347
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ce3d380a-201e-007b-21f5-43b522000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
32181
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.34.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:31 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
7C2BAABWJ2FH6CMX
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
GsKE9ELi+X9V96oiTI77EfliqkknaTo1YdOR3mQeeQad+R0CpIicMpfPef4rErhdDVhe8ifTpek=
x-amz-meta-s3b-last-modified
20191015T134358Z
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.courant.com&url=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
843719aa7a9b6aed-BUF
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 18:49:30 GMT
debug
OPTIONS block
expires
Thu, 09 Jan 2025 18:49:30 GMT
server
cloudflare
d06b5b0e-ca85-4456-a46d-20761904355f
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/d06b5b0e-ca85-4456-a46d-20761904355f
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		258 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d130970d99e20621bad642fa8de324ea17ae14ec77954bf08b5e89ef1a6c1bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83397
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 18:49:30 GMT
694
a.ad.gt/api/v1/u/matches/ Frame 65FB 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ref=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32736c030de4000ef195ed90f6e80818eb304eb837dbdc34117b56c3153b1439

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:45:02 GMT
server
cloudflare
age
268
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
843719adca024bc7-BUF
nr-rum-1.249.0.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
3PbzC_N7CIB1L071r8FgkLVtaRZzQS.L
content-encoding
br
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:30 GMT
strict-transport-security
max-age=300
x-amz-request-id
CZD9EFJ5Y7AWVWRC
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15747
x-amz-id-2
+HG12lFi+NJuLDVNPTVucHh05B3oL23664PqaW3GoHPnRqDdRqIZOsoUQE6/hulIp1hKrbEK2do=
x-served-by
cache-yyz4569-YYZ
last-modified
Thu, 14 Dec 2023 16:36:09 GMT
server
AmazonS3
x-timer
S1704912571.548093,VS0,VE0
etag
"2ccd2352d2d5668fd135b1090e86b079"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
11609
a-05ac.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-05ac.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d4:d000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
455c7ef154d40349b8a46a6d56eea2b032d21e19dadf5a73a8e2094148d24073

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:17:11 GMT
content-encoding
gzip
via
1.1 43af2ec1becf07da0a09b43135838da4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P5
age
84739
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
ba6Puf8sqqTzY76k6nAZcA2Cr00bjd8xhMPBiWn748nBa0VsjIdzXg==
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.138 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 10 Jan 2024 18:49:30 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		415 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.138 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
1F0FDD9A-FD1A-493A-8C8D-D6E3331801F9
strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:30 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
415
ac28ce4f-6812-4bd2-9d9f-c4f97b863aa4
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/ac28ce4f-6812-4bd2-9d9f-c4f97b863aa4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
hadron.js
cdn.hadronid.net/ Frame 65FB 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=694&sync=1&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
1686
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
843719ae4cfe4bcd-BUF
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
694
p.ad.gt/api/v1/p/ Frame 65FB 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/694
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e307697090c78320ecd6ee0a812eafa5127d82afd68defbca427848114cb45d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:45:03 GMT
server
cloudflare
age
267
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
843719aedcc96aed-BUF
match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=2840245782802064973&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=2840245782802064973&gdpr=0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719b02ddc4bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:30 GMT
an-x-request-uuid
8be3cc2b-fc1d-4934-b165-27bde44cc6b1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&adnxs_id=2840245782802064973&gdpr=0
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704912571-IUWK4PT3-C13G&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704912571-IUWK4PT3-C13G&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=e59d3934-868a-4c3e-9652-c62263f9455b&id=AU1D-0100-001704912571-IUWK4PT3-C13G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=e59d3934-868a-4c3e-9652-c62263f9455b&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719afddbe4bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=e59d3934-868a-4c3e-9652-c62263f9455b&id=AU1D-0100-001704912571-IUWK4PT3-C13G
date
Wed, 10 Jan 2024 18:49:30 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BC1540B7-931D-4457-8971-3EF62F259356&id=AU1D-0100-001704912571-IUWK4PT3-C13G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=BC1540B7-931D-4457-8971-3EF62F259356&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719afddbc4bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=BC1540B7-931D-4457-8971-3EF62F259356&id=AU1D-0100-001704912571-IUWK4PT3-C13G
date
Wed, 10 Jan 2024 07:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ Frame 65FB 		0
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704912571-IUWK4PT3-C13G&gdpr=0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704912571-IUWK4PT3-C13G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704912571...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704912571-IUWK4PT3-C13G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9f598662-327e-406c-a623-1639fcaad77f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=9f598662-327e-406c-a623-1639fcaad77f%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&tapad_id=9f598662-327e-406c-a623-1639fcaad77f
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&tapad_id=9f598662-327e-406c-a623-1639fcaad77f
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719b06e034bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&tapad_id=9f598662-327e-406c-a623-1639fcaad77f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704912571-IUWK4PT3-C13G
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&google_gid=CAESEH65F6_746F6PjNZr0Rv_UI&google_cver=1&google_ula=450542624,0
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&google_gid=CAESEH65F6_746F6PjNZr0Rv_UI&google_cver=1&google_ula=450542624,0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719af8d9e4bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704912571-IUWK4PT3-C13G&google_gid=CAESEH65F6_746F6PjNZr0Rv_UI&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 65FB
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704912571-IUWK4PT3-C13G
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDkxMjU3MS1JVVdLNFBUMy1DMTNH
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDkxMjU3MS1JVVdLNFBUMy1DMTNH
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDkxMjU3MS1JVVdLNFBUMy1DMTNH
date
Wed, 10 Jan 2024 18:49:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719aedd534bc3-BUF
content-type
text/html; charset=utf-8
beeswax_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704912571-IUWK4PT3-C13G
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001704912571-IUWK4PT3-C13G&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABA9U7LPc0AABNRgylERA&id=AU1D-0100-001704912571-IUWK4PT3-C13G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABA9U7LPc0AABNRgylERA&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719afedc34bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABA9U7LPc0AABNRgylERA&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Date
Wed, 10 Jan 2024 18:49:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
adb_match
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001704912571-IUWK4PT3-C13G&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001704912571-IUWK4P...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001704912571-IUWK4PT3-C13G&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=86184965195569105544419199670438777659&id=AU1D-0100-001704912571-IUWK4PT3-C13G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=86184965195569105544419199670438777659&id=AU1D-0100-001704912571-IUWK4PT3-C13G
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719afedc24bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

dcs
dcs-prod-va6-1-v053-03eb58c8d.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
7ksQnyv+QUw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ids.ad.gt/api/v1/adb_match?adb=86184965195569105544419199670438777659&id=AU1D-0100-001704912571-IUWK4PT3-C13G
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
openx
ids.ad.gt/api/v1/ Frame 65FB
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26auid%3DAU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704912571-IUWK4PT3-C13G%26auid...
  • https://ids.ad.gt/api/v1/openx?openx_id=a7d142f4-d16d-4d4d-9f9f-806d13273478&id=AU1D-0100-001704912571-IUWK4PT3-C13G&auid=AU1D-0100-001704912571-IUWK4PT3-C13G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=a7d142f4-d16d-4d4d-9f9f-806d13273478&id=AU1D-0100-001704912571-IUWK4PT3-C13G&auid=AU1D-0100-001704912571-IUWK4PT3-C13G
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719b1eea14bc3-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ids.ad.gt/api/v1/openx?openx_id=a7d142f4-d16d-4d4d-9f9f-806d13273478&id=AU1D-0100-001704912571-IUWK4PT3-C13G&auid=AU1D-0100-001704912571-IUWK4PT3-C13G
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
a-05ac
i.liadm.com/s/c/ Frame 4DD9 		187 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=ChMKBgjdARD4FgoJCP____8HEIIX&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
851e83a1bff19c3c6a990477cd9208a81d831ba562665123015569d5e2166cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
159
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:30 GMT
Request-Time
3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-05ac.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-05ac.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d4:d000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
455c7ef154d40349b8a46a6d56eea2b032d21e19dadf5a73a8e2094148d24073

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:17:11 GMT
content-encoding
gzip
via
1.1 43af2ec1becf07da0a09b43135838da4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P5
age
84739
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
G2ODX4ulFDgnVeAf3aTRIjuUqz83mIwfKR80zhaOdhhfef7asH9XuA==
7998548d3f
bam.nr-data.net/1/ 		40 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/7998548d3f?a=764630297&v=1.249.0&to=Ml0BbUEAXENYUBBfWAsXIlpHCF1eFkANWFAJXQ%3D%3D&rst=4896&ck=0&s=0&ref=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/&ap=321&be=85&fe=4698&dc=1375&at=HhoWGwkaTxwbUkYMTBhF&perf=%7B%22timing%22:%7B%22of%22:1704912565743,%22n%22:0,%22f%22:0,%22dn%22:6,%22dne%22:6,%22c%22:6,%22s%22:31,%22ce%22:60,%22rq%22:60,%22rp%22:85,%22rpe%22:127,%22di%22:1444,%22ds%22:1453,%22de%22:1460,%22dc%22:4747,%22l%22:4747,%22le%22:4783%7D,%22navigation%22:%7B%7D%7D&fp=999&fcp=1078
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-nyc-kteb1890034-NYC
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035443/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.160.200.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-200-115.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:56:25 GMT
via
1.1 7bb50070cb50e51e99a51b4014f75d6a.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P5
age
21186
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
JJLUKIUA-nAhhpzloc-0fT-wiLgGc1NRfyqDw6W8PPG_IgxLikU9bg==

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 7bb50070cb50e51e99a51b4014f75d6a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
otc5DiPeQtFjQUsw7I_h-I06sF4bZjVkcKb1wcR3R2rEEZ9FDtWmAQ==
/
cmp.osano.com/ Frame F24A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2509:e200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
75837
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Wed, 10 Jan 2024 05:25:57 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 878742d0ad1850cbfc7910a5c4919ed0.cloudfront.net (CloudFront)
x-amz-cf-id
wZBgSf0bCyw5v3WjTkvcRHgUxP0RaJnw6wHsU8rpXH1rszs0p3tu5A==
x-amz-cf-pop
IAD12-P2
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
client
accounts.google.com/gsi/ 		207 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client?ver=6.4.2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd9e7e200e5f13fa3479e118c3c92f904c8b7b176072dffadc63a2ec8ccd9ef
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vQ5EFglrHB7K5PhPBgbM9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vQ5EFglrHB7K5PhPBgbM9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 10 Jan 2024 18:49:30 GMT
loader.js
cdn.taboola.com/libtrc/tribunedigital-network/ 		835 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a82d7a3c71671c9e0c5efa83cd0baad4365cf4c27215b232366f781fe56ff561

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
81wAzEPIDDDPmF.le9TCiKYRskDS.y7L
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:31 GMT
x-amz-request-id
5NVYW11YH5NXGE78
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
36
x-amz-replication-status
FAILED
content-length
88567
x-amz-id-2
lJqKuEfLl9IRBH1YRa7PDz/dD6tTZUrv7+SZWo18x+eGVN2a2qUMwtBsf7r0hTr/wr1BBOCsupw=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 16:06:19 UTC
server
nginx
x-timer
S1704912571.975569,VS0,VE83
etag
"4a015c2e5847fcfdc2b098cafddc233f3668e1bd"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
15
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24ae07aef0c960e5a87f147f375aade1dfd5f55ad61dd09d759b2d27d7058db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29613
x-xss-protection
0
server
cafe
etag
765 / 19732 / m202401030101 / config-hash: 18310344931514748835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:31 GMT
op.js
tagan.adlightning.com/mng-trib/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/op.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0415bbe14ee5e29c3e534384c0e2e1db2c9af68ed386043e8efced271ecf5a1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
K6bd2PHOl.PCeOq4MsltI5gfBDUMwqxw
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 18:43:58 GMT
x-amz-cf-pop
ORD56-P1
age
340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8836
x-amz-meta-git_commit
2805e46
last-modified
Wed, 10 Jan 2024 18:06:35 GMT
server
AmazonS3
etag
"b2bbdfa576b66f5f6d60c1d90be1a04c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
f_uKd6paEZnLA6cC_Ba29VlaWW-C0aoUKp2v6e2TqbyWris_tnF9ig==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:18:55 GMT
content-encoding
gzip
via
1.1 38f01abc783d44e34c757455ac9006ce.cloudfront.net (CloudFront), 1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, ORD58-P1
age
1836
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iCT1uw0d40Jly2Mbdn1tbhKEyEscVST-WTUkvjjYm9zTIAq6cDQvSA==
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-18-13.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
0wgTlvozKv_yHsVhsA.bHuhm0r2Cnphv
content-encoding
gzip
via
1.1 f9e7a291fbbfe75f0bf0596d792bf7bc.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 04:27:27 GMT
x-amz-cf-pop
ORD51-C3
age
51748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Sun, 27 Aug 2023 22:55:22 GMT
server
AmazonS3
etag
W/"e1e9408aa4a994afbbb535269e3387fb"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
eDlVq8a2nhgLF2yDdDPzVSmCN-6BHYAPGc4ywnvM7WnSiZ4fDRKkzw==
load.js
s.ntv.io/serve/ 		621 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.17.42 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-17-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:31 GMT
Content-Encoding
gzip
x-amz-request-id
E1TXN1EQYSBH4AFG
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/CSH71RljzM0tC7m8TZwN2L/ISQTtIJt8AHwWHnFWKfrUNquiJz+BYJ3BTOkPNmQ/AK9thyZi+8=
Last-Modified
Tue, 09 Jan 2024 16:00:28 GMT
Server
AmazonS3
ETag
"84c06ac06d449c75d911853d474891fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:26:15 GMT
server
cloudflare
age
1179
etag
W/"76318d-856b-60e9b90fe1913"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
843719b118d436c9-YYZ
expires
Wed, 10 Jan 2024 22:49:31 GMT
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
600247
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
843719aeca7736a7-YYZ
expires
Sat, 13 Jan 2024 18:49:30 GMT
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 18:49:31 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A22D 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Jan 2024 19:05:41 GMT
envelope
lexicon.33across.com/v1/ Frame 65FB
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=bg5Ai4JOZ%2FbrBBc11wwsxZAbHZlcDbcyp5mMZqVbDN8%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=bg5Ai4JOZ%2FbrBBc11wwsxZAbHZlcDbcyp5mMZqVbDN8%3D
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.courant.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=bg5Ai4JOZ%2FbrBBc11wwsxZAbHZlcDbcyp5mMZqVbDN8%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/ Frame 65FB
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAj...
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAj...
42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=iE8C%2FoJ%2BUK5cryVZVujg7MGj2vXkv18N9Rd17Xj5iqw%3D
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.courant.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=iE8C%2FoJ%2BUK5cryVZVujg7MGj2vXkv18N9Rd17Xj5iqw%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/ Frame 65FB
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4...
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4...
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=zuziJVucrIKF7ViKv9kFnHSCSxGrgljAWeys032TdMI%3D
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.courant.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=zuziJVucrIKF7ViKv9kFnHSCSxGrgljAWeys032TdMI%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/ Frame 65FB
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=MjiCReyjJMxlhKE3Uf1g6axzhardIENBXrP2ww6HZlY%3D
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=MjiCReyjJMxlhKE3Uf1g6axzhardIENBXrP2ww6HZlY%3D
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.courant.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---&gpp=DBACOe%7E%7E%7E1YN-&gpp_sid=6&b=1&g=MjiCReyjJMxlhKE3Uf1g6axzhardIENBXrP2ww6HZlY%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
record
consent.api.osano.com/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-107.ord56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 b97399a854ef3f7d0671de5362d14a2c.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P9
x-amzn-trace-id
Root=1-659ee6bb-56b968a64b9bb4403e3f1a0d
x-amzn-requestid
8ebd4b61-95d5-4a55-a821-59a6b6f0bfd5
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
RVj9SE-CoAMEDRw=
x-amz-cf-id
XTk_3xVhhwZwitiDVKXKA2UMs7XNwXb0EAInXoSKmnIyeO7j0biwjQ==
a-05ac
i.liadm.com/s/c/ Frame FAD1 		187 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-05ac?duid=836d203cdfdf--01hktbafpnzq95262nvqwrjkng&euns=0&s=ChMKBgjdARD4FgoJCP____8HEIIX&us_privacy=1---&version=v2.11.4&cd=.www.courant.com&
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
851e83a1bff19c3c6a990477cd9208a81d831ba562665123015569d5e2166cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
159
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:30 GMT
Request-Time
1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
analytics.js
www.google-analytics.com/ Frame 65FB 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 17:39:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4181
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 19:39:49 GMT
collect
a.ad.gt/api/v1/ Frame 65FB 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
cf-ray
843719b06e464bbb-BUF
getpixels
pixels.ad.gt/api/v1/ Frame 65FB 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=bbb26b9000223e3dc68995ac736d1ea2&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843719b1ddee4bc6-BUF
content-type
text/html; charset=utf-8
ppid
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZA...
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZA...
42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=L5WLWPJzrpf1gtXm1ZUg5mWvM9S9nyaOEYHj%2B3T4d%2Bk%3D&fp=aYGH4SBeSHNjr40%2Bqf8oSGjVcG%2FCIcT%2BiBMwRdt0RUZ%2BY%2B6ERGnJTf%2FCQnaH64S1xBhvq7PFlcPc4H%2FzpoD9Tg%3D%3D
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.courant.com
location
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=L5WLWPJzrpf1gtXm1ZUg5mWvM9S9nyaOEYHj%2B3T4d%2Bk%3D&fp=aYGH4SBeSHNjr40%2Bqf8oSGjVcG%2FCIcT%2BiBMwRdt0RUZ%2BY%2B6ERGnJTf%2FCQnaH64S1xBhvq7PFlcPc4H%2FzpoD9Tg%3D%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 87441111f0e4d414e651812e90f76e78.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:07:36 GMT
x-amz-cf-pop
ORD58-P1
age
20515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
AOWxslMsZhkNUHOS-nFziu95yosyRATDKPlZ3xZSMJGIn3SgI3fL3g==
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-107.ord56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 b97399a854ef3f7d0671de5362d14a2c.cloudfront.net (CloudFront)
x-amz-apigw-id
RVj9RHYcoAMEU8w=
x-amz-cf-id
xGzM0MIHpAbypzI3eaK4sJKd1fHKIgNH5aqm-qNParJfxHQnkQe9wg==
x-amz-cf-pop
ORD56-P9
x-amzn-requestid
530bbe83-de36-4c99-82e4-0fe2638edda5
x-cache
Miss from cloudfront
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame 65FB 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:01:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Jan 2024 19:01:45 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 65FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Jan 2024 19:45:38 GMT
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983330
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dCdyHcm23St5ibmm1LY7r1OadXPVb5sSrSnLziJQp3a5Pp3o-q5ZMQ==
bl-250cc79-5668bfd3.js
tagan.adlightning.com/mng-trib/ 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-5668bfd3.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
.vxBYcAZ6evit3RvFqRxkFtM35Tf9EAO
x-amz-cf-pop
ORD56-P1
age
2321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37433
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 18:06:23 GMT
server
AmazonS3
etag
"bfd8ec1270040f0e17404b6da6093074"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8TV_hebi1IMTXmIlgA8fY23ZE_mxOLmqAY9RfyVLuNDqHiavileA9g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
22005
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140053
x-xss-protection
0
server
cafe
etag
1469350900164882112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:42:46 GMT
rid
match.adsrvr.org/track/ 		108 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
32636e6901ad478ab9064ab9c74f895ef6c0d36f796c444c40627cd980d78dc5

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 09 Feb 2024 18:49:31 GMT
identity
api.rlcdn.com/api/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.courant.com
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-99-162.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:31 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.120.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-120-77.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
gzip
via
1.1 3122a7687971ff6ecbb9b32d02d4ed76.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 17:59:23 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P3
age
3009
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
Lcol7G9yu12B3GbcnBgvfDXL5EOcSsszZXn-oUWhCvgZV4N7raqCwQ==
impl.20240110-5-RELEASE.js
cdn.taboola.com/libtrc/ 		836 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240110-5-RELEASE.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
3a4322febc8f4a183363f5ed72274960fc758cb017eef16d59c19a62b665c27b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
s7ctqEOFV9ZTJFp9II4iQNdsHXEbvGPB
content-encoding
br
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:31 GMT
x-amz-request-id
JJQHMKRY809D88N7
age
1267
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176934
x-amz-id-2
uSHFvdt+TiuuRCWItUTAseROD6PafWnPnsYTyKuiX7fpIDzZSQ3Zo7EQtH43++HA0hTy0FhFaGM=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:27:36 GMT
server
AmazonS3-br
x-timer
S1704912571.296986,VS0,VE0
etag
"e61e428a0421877d7488028a07c3febc"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1125
t
jadserve.postrelease.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ntv_mvi&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-105-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b10a0e1942c796ddd404c5c3648d5512653c3c16a4f84eb4d347d2d7fabc8aad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1312
expires
Mon, 1 Jan 1990 12:00:00 GMT
e396f28e-5498-4a3f-9c64-9d113b096caf
https://www.courant.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.courant.com/e396f28e-5498-4a3f-9c64-9d113b096caf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-8.ord56.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

Accept
application/json
Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Jan 2024 20:41:42 GMT
via
1.1 27a82dace35c369a5ab6e8776d8aca48.cloudfront.net (CloudFront), 1.1 0142d305b3e474a9b94430d2414bf1b2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, ORD56-P9
age
79669
x-amzn-requestid
3025dfb6-66da-4ad2-8f75-b04a109f38f9
x-amzn-trace-id
Root=1-659daf86-63f30e564ef72aca4bcc643d;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RShdBHisDoEEFMw=
content-length
30
x-amz-cf-id
JxJ9k5gox5_fLevpTeXkkxtisY3B9N3xULaHPfqdMbmkSJRKTfoUvw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-8.ord56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 aae20db21c50ea4a322cf21a1aa201b4.cloudfront.net (CloudFront), 1.1 0142d305b3e474a9b94430d2414bf1b2.cloudfront.net (CloudFront)
x-amz-apigw-id
RVj9ZHSlDoEEETg=
x-amz-cf-id
1g91NkcAhBVKM-XZBED6a5XnNQXEWY1bGFKxqUdFVG28dgqAa7FOzQ==
x-amz-cf-pop
ORD56-P6 ORD56-P9
x-amzn-requestid
3e1ab744-428b-40e7-8ffb-12fd344b6f4e
x-cache
Miss from cloudfront
.js
dyv1bugovvq1g.cloudfront.net/3/www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/ 		1 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/3/www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24bd:ca00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3487c295cefd526561b2ffe3615c5056d74210cf1f18218ea4bf6855005a0d45

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
gzip
via
1.1 9a578030b9eecb34c8e4677bc01587c4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
272
x-amz-expiration
expiry-date="Mon, 11 Mar 2024 00:00:00 GMT", rule-id="cleanup"
last-modified
Wed, 10 Jan 2024 18:43:17 GMT
server
AmazonS3
etag
"1f21490b93fe3ab9d443bc83e7978e47"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
bLYTiXNlLdcsBpNrO3svk-eR1zvamchzHHaXnlduWiTaLhbZpuMlOw==
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=948305
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6c67baceef07100c041e7e2ec5caae82d97c5d395b71e5f1140d6d13052602

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EH4uCoABCaFzzAK9%2FEGjzQ7nhSAgnyv6mGRo9jjDGbPnJaupRMrxP6UP03r%2FYtSMMzx53E2il%2FM1vgM1is5hJm7hh9eBFPDZykui3ZJyBZsm%2BNzopbkUgX2CaDBEYGAgI3%2FtxVnP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843719b4ad2136a5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		494 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=471192&zone_id=2792638&size_id=43&alt_size_ids=44&us_privacy=1---&rf=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&kw=CTnews%2Clocalnews%2Cbreakingnews%2Ccrime%2Ccourt%2Cchildpornography%2Csentencing%2Cfederalprison%2Cprison%2CHartfordCourant%2CNorthBranford%2CConnecticutnews&tg_i.domain=courant.com&tg_i.page=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tg_i.pbadslot=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%231&tk_flint=pbjs_lite_v8.24.0&x_source.tid=b242b64f-bca5-4100-8a21-54e0794de414&l_pb_bid_id=675ae931efba39&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e25f5309-917d-41dd-a944-c6969a5c809f&rp_maxbids=1&p_gpid=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%231&m_ch_mobile=%3F0&slots=1&rand=0.0716556787158944
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
52e61f42ac0b39dbe4f76c932de0bd91e1a0452403128c402694c789680a003f

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
494
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		498 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=471192&zone_id=2792646&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&kw=CTnews%2Clocalnews%2Cbreakingnews%2Ccrime%2Ccourt%2Cchildpornography%2Csentencing%2Cfederalprison%2Cprison%2CHartfordCourant%2CNorthBranford%2CConnecticutnews&tg_i.domain=courant.com&tg_i.page=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tg_i.pbadslot=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Ftop_leaderboard%231&tk_flint=pbjs_lite_v8.24.0&x_source.tid=b242b64f-bca5-4100-8a21-54e0794de414&l_pb_bid_id=7c4389e40e0ecb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=26c234ba-abbb-48c2-92c5-b483f311e41c&rp_maxbids=1&p_gpid=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Ftop_leaderboard%231&m_ch_mobile=%3F0&slots=1&rand=0.11134417445860167
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a9a368704e49925fbc2638781948983006a4a98e14344539d3b3df3cf9b34778

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
498
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		498 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=471192&zone_id=2792624&size_id=15&alt_size_ids=9%2C10%2C54&us_privacy=1---&rf=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&kw=CTnews%2Clocalnews%2Cbreakingnews%2Ccrime%2Ccourt%2Cchildpornography%2Csentencing%2Cfederalprison%2Cprison%2CHartfordCourant%2CNorthBranford%2CConnecticutnews&tg_i.domain=courant.com&tg_i.page=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tg_i.pbadslot=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fcube1_rrail_atf%231&tk_flint=pbjs_lite_v8.24.0&x_source.tid=b242b64f-bca5-4100-8a21-54e0794de414&l_pb_bid_id=8c88608f220baa&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bf517f59-6e5f-48e1-85d6-d5689cf05a31&rp_maxbids=1&p_gpid=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fcube1_rrail_atf%231&m_ch_mobile=%3F0&slots=1&rand=0.08139599583105062
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
95939450f8c567ef60c00c6f817a675884ba6a9b03d6721c5af3f91d3023dbab

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
498
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-multi
hb.yellowblue.io/ 		83 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.212.108.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-108-213.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d3f9c1b18692ba66a5a1a0a1b5bbf55b2fcee53f016f7d23662ee4688c7c5837

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.courant.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
prebid
ads.yieldmo.com/exchange/ 		0
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-1-gpt%22%2C%22callback_id%22%3A%22148f6eeeeb3be89%22%2C%22sizes%22%3A%5B%5B300%2C50%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%223261757594603036961%22%2C%22gpid%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%231%22%2C%22tid%22%3A%22e25f5309-917d-41dd-a944-c6969a5c809f%22%2C%22auctionId%22%3A%22b242b64f-bca5-4100-8a21-54e0794de414%22%7D%2C%7B%22placement_id%22%3A%22htlad-3-gpt%22%2C%22callback_id%22%3A%2215d6e825947b479%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223261757596247204141%22%2C%22gpid%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Ftop_leaderboard%231%22%2C%22tid%22%3A%2226c234ba-abbb-48c2-92c5-b483f311e41c%22%2C%22auctionId%22%3A%22b242b64f-bca5-4100-8a21-54e0794de414%22%7D%2C%7B%22placement_id%22%3A%22htlad-6-gpt%22%2C%22callback_id%22%3A%2216378396dc0ae2a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223261757591843184909%22%2C%22gpid%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fcube1_rrail_atf%231%22%2C%22tid%22%3A%22bf517f59-6e5f-48e1-85d6-d5689cf05a31%22%2C%22auctionId%22%3A%22b242b64f-bca5-4100-8a21-54e0794de414%22%7D%5D&page_url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bust=1704912571578&dnt=false&description=A%20North%20Branford%20man%20has%20been%20sentenced%20to%20seven%20years%20in%20federal%20prison%20for%20downloading%20thousands%20of%20videos%20and%20photos%20of%20children%20and%20babies%20being%20sexually%20abused.&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&w=1600&h=1200
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.14.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-14-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.courant.com
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cdb
bidder.criteo.com/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=53470164569&lsavail=1
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
tribune
direct.adsrvr.org/bid/bidder/ 		0
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/tribune
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
prebid
krk2.kargo.com/api/v1/ 		2 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.224.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-224-83.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		360 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
03345267fab315487d8a669ae6c3640a4a5e5a3c5ec941cc3d2a9ea227d00d14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
an-x-request-uuid
527c3e67-f543-4739-b6b1-4ef2f756e619
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
360
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tmax=2000&us_privacy=1---
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.199.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-199-186.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
3503
config.aps.amazon-adsystem.com/configs/ 		532 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3503
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-66.ord56.r.cloudfront.net
Software
CloudFront /
Resource Hash
d9e057fabfeefd905697e28192598d51e244a2f91caa08593ff51d120628c108

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:34:36 GMT
via
1.1 f919f2fc60dfd64e98d071f7bb195aee.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD56-P9
age
895
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
IybRcWZfKVdd5ZkAtBOSCCIqLU674sfSJqm1v-kIi44vy6wIUBg2zg==
config
c.amazon-adsystem.com/cdn/prod/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3503&u=https%3A%2F%2Fwww.courant.com
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.166.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-166-127.ord58.r.cloudfront.net
Software
Server /
Resource Hash
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 15:45:19 GMT
via
1.1 0835ebd52ef8594cd8aa4dac9cfbd9a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD58-P1
age
11052
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.courant.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
925
x-amz-cf-id
o0HBFHW8qSBMEWTNG7FMhM_LLIGe_d4dnNJOZUBwRBhhd9kIzT5koA==
bid
aax.amazon-adsystem.com/e/dtb/ 		274 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&pid=HJFSIbnmeGfnm&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Ftop_leaderboard%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-6-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fcube1_rrail_atf%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=%5B6%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%223392eaf9-0376-47d5-83ab-8a2ea3815153%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy%22%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.128.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-128-118.ord56.r.cloudfront.net
Software
Server /
Resource Hash
ee60cc71705bd448308bef6967e0ff1ee9ff7f7ed33bb10be2b8c2f324f1651b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07a4b037827865f8b4d5ae6c04d96b4e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P6
x-amz-rid
RC1KNJYFAPJA7QHKPM8F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
274
x-amz-cf-id
7KNMNrfnoQTik5iGqAAD56dqlncXEW3bYQRLRfXyXyJ5Vp6OBVYAFQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-83.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:33:57 GMT
content-encoding
gzip
via
1.1 72fcd81c14e3eb0facf41fedad65e9e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P1
age
29735
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
CUVAiHIu-xqZpQBAuQcfB42LHU_-cyTc1RwmIn6rKn456M5Q3PFp9w==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
66593e35387a2630df1792ed35c3878b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:37:10 GMT
content-encoding
gzip
age
2070741
x-guploader-uploadid
ABPtcPpk6oDx036tAyFrM6ODF6Dc7iDzxD5hnGhczM6YT3qls-8dFKPmCVbIOdtNGD5WNWEF4bzJSgzKAWV_jGhyW52PFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 16 Dec 2024 19:37:10 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
600248
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
843719b50d6836a7-YYZ
expires
Sat, 13 Jan 2024 18:49:31 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 04 Jan 2024 12:38:38 GMT
server
nginx
etag
W/"6596a6ce-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jan 2024 18:49:31 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D3%26bt%3Dnull
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-53.compute-1.amazonaws.com
Software
/
Resource Hash
b679d317e3ae5451eb2daf9443baec7388527417985cd724fa3c228f88a5af2c

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Wed, 10 Jan 2024 18:49:31 GMT
connection
keep-alive
x-amzn-RequestId
faa68f27-cf98-544c-9c47-d13f276346a4
Content-Length
378
Content-Type
text/xml
card-interference-detector.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9f77905a277874aa71ba7148c88f9ae1e7b26f8aa6632cfa5d0145670f78217

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
XRkuyRPPY6VYadVey8JbYYD7y3riAXes
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:31 GMT
x-amz-request-id
X8R8CRPQW46HQVWZ
age
29916
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2179
x-amz-id-2
ClmHJuO4V2YkAmTCCtCE97DzoBkAVewtyHt9iOO+gaJl8fpW0xdrbRz6Hbe+bHodSsWXoxKXlqw=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:29:14 GMT
server
AmazonS3
x-timer
S1704912572.717983,VS0,VE0
etag
"335651b87ffbc51b31be0a2b47921434"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4448
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
407380
expires
60
json
trc.taboola.com/tribunedigital-thecourant/trc/3/ 		101 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-thecourant/trc/3/json?tim=08%3A49%3A31.719&lti=deflated&data=%7B%22id%22%3A567%2C%22ii%22%3A%22%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704885426087%2C%22vi%22%3A1704912571713%2C%22cv%22%3A%2220240110-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F%22%2C%22vpi%22%3A%22%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A4000%2C%22dh%22%3A4601%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2759.796875%2C%22mw%22%3A954.875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A786.375%2C%22mw%22%3A304.953125%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ae00807b9321a00cee98b48bc1158b36adc499781eb7c53c091c1264a8d645

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
688
date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.488125
x-fastly-to-nlb-rtt
14892
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4545-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1704912572.744841,VS0,VE688
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 10 Jan 2024 19:04:31 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
FPKVXHKK6PS05GEB
age
1343
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
843719b5eaa44bd5-BUF
x-amz-id-2
alIa9OIJKxeEOeFr0rREGsyn3fTT85NhF1L9ygj38iHUeWLp3bzmORRA1OIKOo0KdgwZC6bnxp4=
trk.gif
jadserve.postrelease.com/ 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3831454&ntv_pl=1202563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-105-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=926961f6-e38e-4669-a9ad-e18903ff9bb9&ntv_fl=OYjWkQbha6kxfmgvUk5jdLCNuydbdnZEzcyB3BBW7tlIl4hQymDls5MKcZqIk-dV-JKak5ewq8CYsaUWqu_9zUqOW9On7X6Z5JUcMv5Y_xKVgIzFHkMmWWFezlyMuyFWdMypAmBc0K-lLs1LlCRH0EE1IBkXZLkQzeKbWDrxEnGkM4S8jpERpi15peE7fS3_L8qWsry7Gnezh8zeQwQFrA14CNzINQi6jOs85PQwxEunDld3qCepoUYg5GYMhPVL81IBMjvwrd624g5CX75r2C5ZCAIIKqOsPjkIoQGASIVQaTEGjkiDMnl96mAxb_Z-GMEMb7FqVUMyXTkXlMuqQIAxdTtrJmr-nrKldTZWjDA=&ntv_ht=u-aeZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAg1kSA&ord=1704912571748&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-105-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=742115fb-5efa-443e-a667-98cee180beb5&ntv_fl=8tGhHBn760z9TxIQwlsgBf0xD-VIH0tuo93a-pu98Km1neIZd75im7cvlnWN6c5RTdb9TjvbTqho36HN7RPwfZ8ZdXmCLXQ3rLxA4JuQEnm37hZPz_h428r97cXirTD3m5g4Ui0trbOAo5jOhd4fqy7Qsvl4AZwLsmId8KYhT1RIGOLGWsADKf2uxLFkVNvegqvUmYHhhw-RUpfArja1CVjEBxULYqnYbGbfd4uNjg6U7rvNUd0zJrCaiulX2ExsKcxUBIHvfmYHoTheZdxxq2u35ycpWHUOSj_UY3V6QlQ5sl1zDFaTJnrT5Sas2GlkhH19Nnb8nmzi8mjm0D9PvF_8IEh-zEdUOJyX7v1HWm8=&ntv_ht=u-aeZQA&ntv_at=303&ntv_a=AAAAAAAAAAhVkSA&ord=1704912571751&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-105-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=742115fb-5efa-443e-a667-98cee180beb5&ntv_fl=8tGhHBn760z9TxIQwlsgBf0xD-VIH0tuo93a-pu98Km1neIZd75im7cvlnWN6c5RTdb9TjvbTqho36HN7RPwfZ8ZdXmCLXQ3rLxA4JuQEnm37hZPz_h428r97cXirTD3m5g4Ui0trbOAo5jOhd4fqy7Qsvl4AZwLsmId8KYhT1RIGOLGWsADKf2uxLFkVNvegqvUmYHhhw-RUpfArja1CVjEBxULYqnYbGbfd4uNjg6U7rvNUd0zJrCaiulX2ExsKcxUBIHvfmYHoTheZdxxq2u35ycpWHUOSj_UY3V6QlQ5sl1zDFaTJnrT5Sas2GlkhH19Nnb8nmzi8mjm0D9PvF_8IEh-zEdUOJyX7v1HWm8=&ntv_ht=u-aeZQA&ntv_at=323&ntv_a=AAAAAAAAAAhVkSA&ntv_jtr=4&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.105.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-105-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
load.js
pm-widget.taboola.com/tribunedigital-network/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tribunedigital-network/load.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
vF2T8aSXjRlxqWyMzT2Z0V0wy42_Z.Xk
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:31 GMT
x-amz-request-id
FRWHPKXR2YWG5R1X
age
3448
x-cache
HIT
content-length
1509
x-amz-id-2
p6LrkZI5I7aXepRp39X9tZKqfGtbqZjbsJB9Ymf/7wu79o0yn2jtYpTfZcsJzh33kc1S1hI53zc=
x-served-by
cache-yyz4545-YYZ
last-modified
Thu, 28 Sep 2023 13:46:10 GMT
server
AmazonS3
x-timer
S1704912572.770223,VS0,VE1
etag
"b70dde6d8e1125cd827915529558b476"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
esp
oajs.openx.net/ 		85 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a914258132c8bf91a9d82195d7886607de62f68149e09a739cad27d7584cb275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-HTTPMd/u6fkY/ldCPuUqyXAsmp8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=esp&ver=1.3.0&gpp=DBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Jan 2024 18:49:30 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pmk-20220605.30.js
pm-widget.taboola.com/tribunedigital-network/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tribunedigital-network/pmk-20220605.30.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f

Request headers

Referer
https://www.courant.com/
Origin
https://www.courant.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
iBWJKgsdDrDzTdDwSqgLFpn6ZkEF0wrY
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:31 GMT
x-amz-request-id
WD3T9Z2AS0PM24TR
age
117484
x-cache
HIT
content-length
28809
x-amz-id-2
sJ7NfolTJqYyvB286CWeu1lGYQOfcmfLYBeLDHl8SYe50xo/EeNkncIQkanI4Q3mYcS7+fzVazg=
x-served-by
cache-yyz4553-YYZ
last-modified
Thu, 28 Sep 2023 13:46:09 GMT
server
AmazonS3
x-timer
S1704912572.855200,VS0,VE0
etag
"47dd4e4fdd87733a0f1a1e1b829ed2a4"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
3
map
bcp.crwdcntrl.net/6/ 		156 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-169-119.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9abacaa4fff6052a41a9e5ca2093c6c49127b41da73ea74b6ee2709b16f0d87d

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.courant.com
cache-control
no-cache
x-server
10.40.48.101
access-control-allow-credentials
true
content-length
156
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame A169 		725 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
55266120f7e57670e6a3b9be9a3e87a044aa72332d658f714704b5ebbbf6e8b2

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
454
content-type
text/html
date
Wed, 10 Jan 2024 18:49:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
1a563dd5-c84d-e0f8-fdb3-82c8fb0f3635
pr-bh.ybp.yahoo.com/sync/openx/ Frame A169 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/1a563dd5-c84d-e0f8-fdb3-82c8fb0f3635?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame A169
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
49HAPJNY052VMZZEP4GH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J6KT0NP8C27PMHPRK2Z8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A169
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0&gdpr_consent=
43 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e59d3934-868a-4c3e-9652-c62263f9455b&ttd_puid=8e915b91-58e1-72b1-cc64-943d0458fb7c&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:32 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame A169 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTJmZTg4NWItOTE5Ni0yYzE1LWQ5ODQtY2U4NGNlYmEzNTFj
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A169
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJRzzP7lD7cZJm9bU-N-yZA&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJRzzP7lD7cZJm9bU-N-yZA&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJRzzP7lD7cZJm9bU-N-yZA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ats.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.85.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-85-71.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a279f09619c0564f394333bad7eed4ff0bcb434c0c90a78360ae4c340a194c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
D8pYJxK9ICH1ql2ed_BjBaKBtVgM3GKl
content-encoding
gzip
via
1.1 9fdb94d31cea383ee9cfa1b9714dc610.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 18:37:01 GMT
last-modified
Thu, 14 Dec 2023 12:29:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C1
age
752
x-amz-server-side-encryption
AES256
etag
W/"cd9700b7d0425879cee234202873253b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
2FK09JShIKxvsYgVDhHOnrPu2I_mK_WyV-yS8WJI82BNGBtP4_Xtjg==
encrypt
esp.rtbhouse.com/ 		241 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8372b3929cd4032b0c46dae9aa05358bc4718a4759f1ad370878ec86e6d5d694

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
f00b7781598245edc03893b04d461273
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1915419649376422&correlator=1603804313654872&eid=31080295%2C31080299&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&iu_parts=4011%2Ccourant.com%2Cnews%2Cconnecticut-news%2Csponsorship_1%2Cinterstitial%2Ctop_leaderboard%2Coutstream_video%2Ccube1_rrail_atf&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8&prev_iu_szs=300x50%7C320x50%2C1x1%2C728x90%7C970x90%7C970x250%2C480x360%2C300x250%7C300x600%7C300x1050%7C160x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704912572151&lmt=1704912572&adxs=3085%2C1360%2C1636%2C1597%2C2338&adys=79%2C209%2C335%2C2552%2C706&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&tos=~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&vis=1&psz=300x0%7C1x0%7C728x0%7C711x0%7C304x0&msz=300x0%7C1x0%7C728x0%7C711x0%7C304x0&fws=3076%2C1028%2C3076%2C1028%2C3076&ohw=1254%2C1%2C1280%2C711%2C304&ga_vid=221492105.1704912568&ga_sid=1704912572&ga_hid=459813501&ga_fc=true&ga_cid=674424301.1704912568&a3p=EhsKDDMzYWNyb3NzLmNvbRi1m9WlzzFIAFICCG8SGgoNY3J3ZGNudHJsLm5ldBIAGMSc1aXPMUgAEhcKCHJ0YmhvdXNlGJCa1aXPMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lXRlF4YTNsUVJtMVVWV0ZYYzJ4NlZsbElMMGxuVVQwOUluMD0YkJzVpc8xSAASHQoOZXNwLmNyaXRlby5jb20YkZrVpc8xSABSAghk&dlt=1704912565835&idt=5680&prev_scp=pos%3DSponsorship_1%26optimera%3DZ%252CC7%252CC0%252CDE%7Cpos%3Dinterstitial%7Cpos%3Dtop_leaderboard%26optimera%3DZ%252CD4%252CE1%252CDE%7Cpos%3DOutstream_Video%7Cpos%3DCube1_RRail_ATF%26optimera%3DZ%252CH6%252CA6%252CB3%252CDE&cust_params=htlbidid%3D27497%26is_testing%3Dno%26kv%3Dconnecticut-news%252Cnews%252Cbreaking-news%252Cchild-pornography%252Cconnecticut-news%252Ccourt%252Ccrime%252Cct-news%252Cfederal-prison%252Chartford-courant%252Clocal-news%252Cnorth-branford%252Cprison%252Csentencing%252Ctaylor-hartz%252Cconnecticut%252Cnew-haven-county%252Cnorth-branford%26page%3Darticle%26content%3D%26RPN%3D415850526041%26rurl%3D%26articleid%3D6274276&adks=218008034%2C1912517975%2C3210662930%2C4242141643%2C1753997600&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6601b206acdccacd3067e7669616dfa30fe6b2d8f484944093919599f9c8fd96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26090
x-xss-protection
0
google-lineitem-id
5847203966,6235393151,5847205580,6235380917,5846630101
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373196699,138424071846,138373181732,138424018697,138373196948
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd7afa97f171703623b8c274a3158c96d0f5bd8028956ba1eab5a592b2a1776d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
container.html
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5495 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 09 Jan 2025 18:49:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 6F50 		403 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5366d088e0529050c113aed3e87d4b81f1b894afec96efb88b0fcf4bfbbd85e2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
403
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
64FB4KXBHBJ5TQHT5DKB
183
p030.courant.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p030.courant.com/DG/DEFAULT/rest/rpc/183?referer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bcsessionid=d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f&bctempid=d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f&overruleReferrer=&time=2024-01-10T08%3A49%3A32-10%3A00&ts=1704912572260
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-56.ord56.r.cloudfront.net
Software
- /
Resource Hash
0e23a02ec53cec92a2d5d0f19591674dbb26d74dec30f7f512a3cfe094a98e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 14e9a88a1a4a0e2e4fc6d487bbbfc7f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
ORD56-P9
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Iy2Sh7OTHixM6-LM23e4fIA9Pi0LoUaLeTZUfYpxekCijmE7liO-Yw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.174.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-174-8.ord56.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 20:41:42 GMT
via
1.1 27a82dace35c369a5ab6e8776d8aca48.cloudfront.net (CloudFront), 1.1 0142d305b3e474a9b94430d2414bf1b2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, ORD56-P9
age
79670
x-amzn-requestid
3025dfb6-66da-4ad2-8f75-b04a109f38f9
x-amzn-trace-id
Root=1-659daf86-63f30e564ef72aca4bcc643d;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RShdBHisDoEEFMw=
content-length
30
x-amz-cf-id
6RWYqa4M5Is_AFAhDj5c-1gaEtzQNmvNRSjn9GIdE45CIWqnX1yr0g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
views
prod-dfm-proxy-connext.azurewebsites.net/api/ 		90 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d31f947a5a356281c3dc72cb52881a68&ConfigCode=600CONFIG&SiteCode=TRIBUNE&SettingsKey=600
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/dfm/t8y9347t.min.js?2024010
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

source-system
Plugin
site-code
TRIBUNE
autoqa
false
accept-language
en-US,en;q=0.9
settingskey
600
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NzY5MTI1Njh9.q2RXsLHw4LeH_rpLoZicu8eHGL009VwSOkMrAyVXAlg
ssid
350e504c1c02abe03b3d293e55ddb373
environment
prod
config-code
600CONFIG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
attr
600
location
System
Referer
https://www.courant.com/
version
Version: 2.8.6.1

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Content-Encoding
gzip
X-Server-Time
1/10/2024 6:49:32 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Request-Context
appId=cid-v1:94ae5057-927d-4045-bf63-1b3776adbf9e
views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d31f947a5a356281c3dc72cb52881a68&ConfigCode=600CONFIG&SiteCode=TRIBUNE&SettingsKey=600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Wed, 10 Jan 2024 18:49:32 GMT
X-Powered-By
ASP.NET
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 18:49:32 GMT
pr
s.amazon-adsystem.com/v3/ Frame 139E 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
90a9938b5a68884921034666da1d361080ff707ee0a6a8b1d70fafddc1a989b9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4445
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AEETYMSNY0JD2SMKDXK5
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BB7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
54391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 03:43:01 GMT
expires
Thu, 09 Jan 2025 03:43:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CE8F 		829 B
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52182d794d15f75107a4cf597de66fc79a2cb17687894529ed08690c04b8284c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wTw0Ix8x4GaX9e5YoHOP4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wTw0Ix8x4GaX9e5YoHOP4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Wed, 10 Jan 2024 18:49:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ecm3
s.amazon-adsystem.com/ Frame 139E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=d7b6ceef-32a6-4550-85eb-960683662294
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=d7b6ceef-32a6-4550-85eb-960683662294
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
11E358GP11ZY67VF95JZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=d7b6ceef-32a6-4550-85eb-960683662294
Date
Wed, 10 Jan 2024 18:49:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 139E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3479141726634070000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3479141726634070000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
72R81XGFPVN8WC3C93TG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3479141726634070000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 10 Jan 2024 18:49:32 GMT
ecm3
s.amazon-adsystem.com/ Frame 139E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=580acb6756
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=580acb6756
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q3WHPS71R07GADNSEWC8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 18:48:55 GMT
via
1.1 6aac9e8aea673b39a9a45a690aa06e62.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD53-C2
age
37
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=580acb6756
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
HlZjcDnqTqARAAJSDrgP-HoYwRqLD8EtKHxoMVff_gDF0u980K0drw==
/
onetag-sys.com/match/ Frame 139E 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
amzns2s
rtb.gumgum.com/usync/ Frame BDDA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
81c26e14d1dacf07fd903fd0eba5301fd52742c82599b01c03186d613568f1c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 10 Jan 2024 18:49:32 GMT
etag
W/"000f623271f340b82362e1091d0d2679a"
server
nginx
timing-allow-origin
*
cm
u.openx.net/w/1.0/ Frame 9088 		867 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bc7e4884872b2c9125acbab25a32fc8fe44309174f4e40fc57345f634e790e3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
527
content-type
text/html
date
Wed, 10 Jan 2024 18:49:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame B3E9
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6633317921081862514&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6633317921081862514&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1JR507BM21TZSK1C7S5Y

Redirect headers

content-length
0
date
Wed, 10 Jan 2024 18:49:31 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6633317921081862514&gdpr=0&gdpr_consent=
usersync.html
cdn.undertone.com/js/ Frame F979 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:204d:d200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
32858
content-encoding
gzip
content-type
text/html
date
Wed, 10 Jan 2024 09:42:35 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2dd6e4e67236c3654352bfc1a3f2920a.cloudfront.net (CloudFront)
x-amz-cf-id
dItxPKJEIg3azVXhsYiHdIfmpYAqDEF3Jc1gD5ECJDv9b0a_dbWtgQ==
x-amz-cf-pop
ORD52-C3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
/
match.sharethrough.com/jwumXNuB/v1/ Frame A17F 		900 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
2fb3dda374e0197636f49796340538033da845369ff9b3161b105f075d702ad5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
900
date
Wed, 10 Jan 2024 18:49:32 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C580 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43670
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 11 Jan 2024 06:57:22 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 04FC 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.66.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-66-82.compute-1.amazonaws.com
Software
/
Resource Hash
0b1e5547c87f1110c16ba9c64bf89b8cc34ddf1ec20f2e549ea7db8c48565fb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 10 Jan 2024 18:49:32 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 41B3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:32 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame A9E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wb0dtcWtCRTJ1THVmVjVmalFGQl9IRmJpejdIOHRtOH5B&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wb0dtcWtCRTJ1THVmVjVmalFGQl9IRmJpejdIOHRtOH5B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1DTVRZZMADB2R8DRWBED

Redirect headers

age
0
content-length
0
date
Wed, 10 Jan 2024 18:49:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wb0dtcWtCRTJ1THVmVjVmalFGQl9IRmJpejdIOHRtOH5B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
dinitsync
crb.kargo.com/api/v1/ Frame 6219 		196 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
6dd0b215548237e7eb534e9864e92f2fd663872540d0239a964632e9b5a5320b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
content-length
184
content-type
text/html; charset=UTF-8
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin
x-accel-expires
0
ecm3
s.amazon-adsystem.com/ Frame 50FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=2840245782802064973&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2840245782802064973&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F1CQ1NES2F20TA5ZNMPF

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9aa36cee-b4bd-44bc-8fac-479f0b5972c9
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=2840245782802064973&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 4CD1
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
4e009335c5bfbd3d8ac854d6d92c2a527abc5c5135195ee8058af2608415c673

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
485
Content-Type
text/html
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
sync-iframe
cs-server-s2s.yellowblue.io/ Frame F4F1 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1b520193b57823da77ff57fe4dae5e17bbd7f147e4c52fb876f94691b9fcbf65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Wed, 10 Jan 2024 18:49:32 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
ecm3
s.amazon-adsystem.com/ Frame E5BF
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4121083549846426384162
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4121083549846426384162
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
E815BMG7WD9WWBWS1NVE

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 10 Jan 2024 18:49:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4121083549846426384162
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
userx.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b1be43951bab8e2e558a816a04d0279b3631cc5645604e5383787c880297031

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
7sKmDK1SKhQro0r8lT0NMMJsq7ybjm3N
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
HV8MCA0D9E1J2C96
age
29992
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5539
x-amz-id-2
UtZ1VsQAUNjP39CSmbteDzpqzQM5J3KaDAhv28GkRyliUi63Y3t7uJvCmy49mfAIDSIpx58jQDE=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:28:12 GMT
server
AmazonS3
x-timer
S1704912573.531609,VS0,VE0
etag
"d0ddf3b91ea57ce49dff082abe19593b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7575
distance-from-article.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d07da29fdb2f8cfe16f01172705fc3c4031d805a55f694079dd9157670e7646

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
knrlLqEpnmKkF1z5WQPFw.luFOyJSgjy
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
HDDXBGQ1F2C9K21V
age
29985
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
ZFHP3ivv08jgxW+wdIpmDG1K+NwwThi1MvxrV8+/eknD4lrK1Lwv57XEDX75SD85IFqsuya6X2c=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:29:08 GMT
server
AmazonS3
x-timer
S1704912573.534497,VS0,VE0
etag
"470ec2759592a6f617f61292d3d4b9a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
20
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21464
article-detection.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcf6a7a615492516668f62f952e53ecec812ef6b71f21c039d9c28e7f6113d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
_D5GYe5dYTW4xm7pqY3X7liR4qtc3XSF
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
HDDHGQE5J6ZSCZA5
age
29985
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
MfZ/1ejadhGPWtfMGaEz3e7EX8RKxuCZeviDPKqDbcSi3cZryrm7Rg0ca5JJMRwINJHbILxxP6w=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:29:21 GMT
server
AmazonS3
x-timer
S1704912573.536803,VS0,VE0
etag
"8bea55ef5f013191bea50f4db3cd7614"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21515
feed-card-placeholder.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d92ad1421f32593d627928ff12252b2ee4e1ba93b22667286e3f73c0a963bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
G6PyWgwqimiey6VYY6XgEkA6arfrcX1q
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
PGV3EYQDQQYT1ACP
age
30024
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
FW3Yv74YeKKC9QQPnXIsvvZsGf/04t3J0pcywjnbwm3jqjoV7yOZnadmmk+4Lo8J7VX8aK3DJQ4=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:29:00 GMT
server
AmazonS3
x-timer
S1704912573.544511,VS0,VE0
etag
"c6b430819ffb75222857b7f6956f3a66"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17412
explore-more.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89e51de50c6bc21cb57d841e518ac69485b491c53fd2ec2935f8d27bb437184a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9ZEWSzJZi.CqX49CbPnsGe9vpDMvbCOe
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
XSWHRMYNHSQDM3BY
age
29983
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
TC0iopXR+WOaaLIW+/SwXgn3Vf/hwHTwRrRDnFwMld3wyay1CmLNktL2wLemUvsLUe/ONDDTcQo=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:29:02 GMT
server
AmazonS3
x-timer
S1704912573.793710,VS0,VE0
etag
"3cdf258cf53b6dffb9bf2caec47096fa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6194
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704912572487%7D&tim=08%3A49%3A32.487&id=7733&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/supply-feature?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A49%3A32.781&id=6057&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1704912572853%7D&tim=08%3A49%3A32.853&id=5210&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:32 GMT
x-amz-request-id
Q7B3P4ZAV2Y366GK
age
105
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
fYnop51yVYrXTh+dYjlCijAkUb1qj12DuyfEXsHN+R/b7H/4m3vl37rjBaDhWcVaftKElyow4dw=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1704912573.877673,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
81
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
57
social
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/social?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22CT%20man%20sentenced%20for%20downloading%20thousands%20of%20child%20abuse%20videos%20from%20dark%20web%22%2C%22sec%22%3A%22Connecticut%20News%22%2C%22aut%22%3A%5B%22Taylor%20Hartz%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.courant.com%2Fwp-content%2Fuploads%2Fmigration%2F2021%2F05%2F10%2FJUEPDEFSJ5CSZH3GHJUK4WGUU4.jpg%3Fw%3D1024%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A49%3A32.911&id=9955&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ecm3
s.amazon-adsystem.com/ Frame 9088 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d64727ec-444b-c94b-0c6a-16aa6c6b309c&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1CDQVDFHVDT3EJS617YK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame 9088 		0
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a055d818-808b-48f8-9f43-553793fb0f15
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 9088
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=db5724f7-95a6-44d1-931d-14ce3dc39aa4
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZGI1NzI0ZjctOTVhNi00NGQxLTkzMWQtMTRjZTNkYzM5YWE0EAAaDQi9zfusBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535&expected_cookie=338573fe-9dae-45a8-b59e-faffa86a83d8
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535&expected_cookie=338573fe-9dae-45a8-b59e-faffa86a83d8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4D412E2664C64E9F8AC1EBA93DD725DD Ref B: NYCEDGE1419 Ref C: 2024-01-10T18:49:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOm+RYVxSWczaOe9XSYQ==

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 989633E8F4CB4DC9A1B402A3F7B6542D Ref B: NYCEDGE1419 Ref C: 2024-01-10T18:49:33Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=2d84aca1b9f4bb015ccd20e3725850f762b4eb2e25ce5581a96077e8a3567ced791426b5417dce21&rand=09483535&expected_cookie=338573fe-9dae-45a8-b59e-faffa86a83d8
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOm+RXIae3anrmHDBqCw==
sd
us-u.openx.net/w/1.0/ Frame 9088
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2840245782802064973
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2840245782802064973
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
an-x-request-uuid
5ef1525d-9414-4142-9dd8-5fe5b18c2578
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2840245782802064973
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9088
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8061612558496674094&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8061612558496674094&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8061612558496674094&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 9088
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZ7mvQANhnk-tQBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ7mvQANhnk-tQBU&_test=ZZ7mvQANhnk-tQBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ7mvQANhnk-tQBU&_test=ZZ7mvQANhnk-tQBU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4557-YYZ
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704912573.356780,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ7mvQANhnk-tQBU&_test=ZZ7mvQANhnk-tQBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
1x1.png
d24zb9qreavi2u.cloudfront.net/ 		95 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d24zb9qreavi2u.cloudfront.net/1x1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.134.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-134-74.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 22:38:56 GMT
via
1.1 8ef32c2f547e329f3176ec90207b9148.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 07:24:25 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P7
age
72638
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
FgU3ByZVE5g-k4_daDvQC25oC78wnZ3oWSGtvZxfAJdME6LCEuhI3g==
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704912572966%7D&tim=08%3A49%3A32.966&id=3093&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
usync.js
eus.rubiconproject.com/ Frame 41B3 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91c5d4ccb996df1b6deb471c5ac0b7d98c0c3ad1a316cea3e59cee647b25e615

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:49:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79171
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:49:04 GMT
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2840245782802064973
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2840245782802064973
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
an-x-request-uuid
a437c4a1-62c3-4859-9261-f656593db5ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2840245782802064973
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=d7b6ceef-32a6-4550-85eb-960683662294
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=d7b6ceef-32a6-4550-85eb-960683662294
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=5c7168c7-a845-4574-8b71-00b970ed52f5&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=d7b6ceef-32a6-4550-85eb-960683662294&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=d7b6ceef-32a6-4550-85eb-960683662294&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=d7b6ceef-32a6-4550-85eb-960683662294&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=79acffe1-70f4-4ae7-ab1f-84d0cc08fa3a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=79acffe1-70f4-4ae7-ab1f-84d0cc08fa3a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=79acffe1-70f4-4ae7-ab1f-84d0cc08fa3a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Date
Wed, 10 Jan 2024 18:49:33 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-HnQj3YBE2pffHU0_dZdoobRG5tsAKM.8ZZI.~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-HnQj3YBE2pffHU0_dZdoobRG5tsAKM.8ZZI.~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-HnQj3YBE2pffHU0_dZdoobRG5tsAKM.8ZZI.~A
content-length
0
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb1d2174-4993-4a4f-b612-9f916f5fd710
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=eb1d2174-4993-4a4f-b612-9f916f5fd710
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=eb1d2174-4993-4a4f-b612-9f916f5fd710
Date
Wed, 10 Jan 2024 18:49:33 GMT
Connection
keep-alive
X-CI-RTID
0bec5369-a323-46e2-9527-13783e98d438
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame BDDA 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 10 Jan 2024 18:49:32 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=LFwXsVv6eeBiPOgTffud&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=LFwXsVv6eeBiPOgTffud&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=LFwXsVv6eeBiPOgTffud&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame BDDA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=TP3jY7tnqGRv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=TP3jY7tnqGRv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
34.226.253.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-253-159.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=TP3jY7tnqGRv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-nfrhc
expires
-1
usersync
usersync.gumgum.com/ Frame BDDA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6633317921081862514
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6633317921081862514
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6633317921081862514
date
Wed, 10 Jan 2024 18:49:32 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame BDDA 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_9a3ca466-c429-4f79-bc91-994aa02d8112
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H2V1RQZBVR90FW906TST
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A17F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GWC5YAWNDM2S2WQC6AKQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame A17F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:33 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame A17F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NThhZThiOGYtMGJjOC00MDg1LWJkOGYtNzA4YjVlNjM4ZjZj
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame A17F
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=580acb6756
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=580acb6756
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Wed, 10 Jan 2024 18:48:57 GMT
via
1.1 6aac9e8aea673b39a9a45a690aa06e62.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD53-C2
age
36
x-cache
Hit from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=580acb6756
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
2DRKF2cBYO-FAkM0lmxKgSdNmqA0OjzEU1hKUU9E426P0MQKWN3eUw==
v1
match.sharethrough.com/sync/ Frame A17F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkMxNTQwQjctOTMxRC00NDU3LTg5NzEtM0VGNjJGMjU5MzU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOFZrYImsMuGPy0PAZmovUU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3DBC1540B7-931D-4457-8971-3EF62...
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=BC1540B7-931D-4457-8971-3EF62F259356
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=BC1540B7-931D-4457-8971-3EF62F259356
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=BC1540B7-931D-4457-8971-3EF62F259356
date
Wed, 10 Jan 2024 18:49:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 04FC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=VEeM___OOM_hTP3txScq&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VP0VRJ9WHWF6TX1JFG4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 04FC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEeM___OOM_hTP3txScq
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9f598662-327e-406c-a623-1639fcaad77f%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2840245782802064973&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2840245782802064973&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
an-x-request-uuid
64ce1598-715b-4473-8c98-94cc00ad242d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2840245782802064973&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04FC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVlTV9fX09PTV9oVFAzdHhTY3E=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 04FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPfdWGHbMne1TMJa8_Nhc5E&google_cver=1
43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPfdWGHbMne1TMJa8_Nhc5E&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.218.14.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-14-70.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEPfdWGHbMne1TMJa8_Nhc5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 04FC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=TP3jY7tnqGRv&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=TP3jY7tnqGRv&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.218.14.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-14-70.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ads.yieldmo.com/v000/sync?userid=TP3jY7tnqGRv&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-nfrhc
expires
-1
cs
cs.yellowblue.io/ Frame 04FC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=816857504
  • https://sync.1rx.io/usersync/turn/8061612558496674094?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
date
Wed, 10 Jan 2024 18:49:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4c6d19350ff44d6897e9bae0f270cbb5005
content-type
text/html
cs
cs.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0
date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-150
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=6633317921081862514&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=6633317921081862514&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=6633317921081862514&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:32 GMT
content-length
0
cs
cs.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=28745898956b3019f07ebd41b5237fbb&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=28745898956b3019f07ebd41b5237fbb&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=28745898956b3019f07ebd41b5237fbb&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704912573367053-1195
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2840245782802064973&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2840245782802064973&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
an-x-request-uuid
f11730c6-f26c-4405-8849-d12465403f1a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2840245782802064973&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212415999423087
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212415999423087
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:32 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212415999423087
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=BC1540B7-931D-4457-8971-3EF62F259356
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=BC1540B7-931D-4457-8971-3EF62F259356
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=BC1540B7-931D-4457-8971-3EF62F259356
date
Wed, 10 Jan 2024 18:49:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=TP3jY7tnqGRv&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=TP3jY7tnqGRv&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=TP3jY7tnqGRv&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-nfrhc
expires
-1
cksync.php
contextual.media.net/ Frame F4F1 		57 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Wed, 10 Jan 2024 18:49:33 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEeM___OOM_hTP3txScq&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEeM___OOM_hTP3txScq&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEeM___OOM_hTP3txScq&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
sync.targeting.unrulymedia.com/csync/ Frame F4F1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2581584403
  • https://sync.1rx.io/usersync/tradedesk/e59d3934-868a-4c3e-9652-c62263f9455b
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=66914707-8f0e-4ff4-8723-c8af25f12f3f
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=66914707-8f0e-4ff4-8723-c8af25f12f3f
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=66914707-8f0e-4ff4-8723-c8af25f12f3f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=a8980298-017c-4b63-8990-637b41d892ee&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=a8980298-017c-4b63-8990-637b41d892ee&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=a8980298-017c-4b63-8990-637b41d892ee&gdpr_consent=null&gdpr=0
date
Wed, 10 Jan 2024 18:49:33 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame F4F1
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=d7b6ceef-32a6-4550-85eb-960683662294
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=d7b6ceef-32a6-4550-85eb-960683662294
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=d7b6ceef-32a6-4550-85eb-960683662294
Date
Wed, 10 Jan 2024 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame F4F1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=j4R8jLgzCj_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XHH9B2E260SV8DGAM74S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6219 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=b73fd4a4-2aed-f754-d6a6-55e05f45d66a&ex=kargo.com&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MQHQX39AJS53A0PHS7NM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4CD1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H-CpjPZHkAIsI4hfTom0aT2C&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WVKKDWSZFQ44VPBTTDB4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4CD1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704912573108
  • https://ad.turn.com/r/cs?pid=45&rndcb=3014432731
  • https://sync.1rx.io/usersync/turn/7989554964458746158?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
date
Wed, 10 Jan 2024 18:49:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4c6d19350ff44d6897e9bae0f270cbb5005
content-type
text/html
merge
ce.lijit.com/ Frame 4CD1
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1704912572731&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=B67B9CB5FAEF4990AE46B66C7A6FC2E9
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=B67B9CB5FAEF4990AE46B66C7A6FC2E9
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=B67B9CB5FAEF4990AE46B66C7A6FC2E9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 09 Jan 2024 18:49:33 GMT
merge
ce.lijit.com/ Frame 4CD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=2840245782802064973&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=2840245782802064973&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
an-x-request-uuid
bdae042c-3c1a-46c6-994e-bf48711f9867
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=2840245782802064973&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 4CD1
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:33 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame 4CD1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=AABA9U7LPc0AABNRgylERA&pid=85&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AABA9U7LPc0AABNRgylERA&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AABA9U7LPc0AABNRgylERA&pid=85&gdpr=0
Date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704912573027%7D&tim=08%3A49%3A33.027&id=7556&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame A5CE 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.courant.com&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=6
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
server
Kestrel
server-processing-duration-in-ticks
624175
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b46fa63adfa0830344c71b16cb1109f87f7c75768294832c2b65a01a21c43711
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 0571
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
0
268 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843719c05df836a5-YYZ
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EgLl3tzD%2FVogZxvQXpfXu2mBQNLVsR4Pmo7w%2Bm%2B96ajmoGQGkNnjJBDXPtIelMA9PxUD%2Fw3U2GoeDq0xokHPuvxMP4MFmg5QK7gFAnOlRaOBBud3i7naH6%2BD46PNd1B74Qcc%2FHedauvwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843719bfed7036a5-YYZ
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS6claoFQQYZZolyHKEhoDmpuj%2FTWBRry0zvDFYUDX5q3%2FZkrglmo%2B5bthSAZ2jvXliJPo3cHitl0TqyRM5M0SktHouNUoYnE6aA3E7jGKtxRC5B8plTIarHdOteGlr%2BUMGRt7ROiVNEmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8B23
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:33 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c5fc3cb6-584e-4ed2-a6e1-8bfaf3f4db2e
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c5fc3cb6-584e-4ed2-a6e1-8bfaf3f4db2e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c5fc3cb6-584e-4ed2-a6e1-8bfaf3f4db2e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-9BSszoBE2uGnE0fIap1vW9RzpV65zwBo~A
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-9BSszoBE2uGnE0fIap1vW9RzpV65zwBo~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-9BSszoBE2uGnE0fIap1vW9RzpV65zwBo~A
date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504573
0
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504573
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504573
date
Wed, 10 Jan 2024 18:49:33 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC1540B7-931D-4457-8971-3EF62F259356
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC1540B7-931D-4457-8971-3EF62F259356
0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC1540B7-931D-4457-8971-3EF62F259356
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC1540B7-931D-4457-8971-3EF62F259356
date
Wed, 10 Jan 2024 18:49:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
content-length
0

Redirect headers

date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F979
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-B752TM1E2uFSR3odvahsE_Y754mx.GQVtIfjJcc-~A
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-B752TM1E2uFSR3odvahsE_Y754mx.GQVtIfjJcc-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-B752TM1E2uFSR3odvahsE_Y754mx.GQVtIfjJcc-~A
date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame F979
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UIDENC
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=bk9mjmk7uy6yw7754ibfxb1e8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=bk9mjmk7uy6yw7754ibfxb1e8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GMCMDDBVZ6GFX3FQ5APE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=bk9mjmk7uy6yw7754ibfxb1e8
date
Wed, 10 Jan 2024 18:49:33 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 5E92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=3604464877181281496&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3604464877181281496&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3604464877181281496&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame F666 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV85YTNjYTQ2Ni1jNDI5LTRmNzktYmM5MS05OTRhYTAyZDgxMTI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0ADF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43669
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 10 Jan 2024 18:49:33 GMT
expires
Thu, 11 Jan 2024 06:57:22 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1126
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e59d3934-868a-4c3e-9652-c62263f9455b
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e59d3934-868a-4c3e-9652-c62263f9455b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Wed, 10 Jan 2024 18:49:33 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e59d3934-868a-4c3e-9652-c62263f9455b
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7627
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZ7mvcCo5sAAAAfS.3IAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZ7mvcCo5sAAAAfS.3IAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 10 Jan 2024 18:49:33 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZ7mvcCo5sAAAAfS.3IAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
7
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40026.dc2p.scaleout.jp
X-SO-IP
96.9.249.36
X-SO-Key
ZZ7mvcCo5sAAAAfS.3IAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.36","key":"ZZ7mvcCo5sAAAAfS.3IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40026"}
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40026
usersync
usersync.gumgum.com/ Frame 6DF4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=GJMLBpYQZAvIR6klJc2UYhA_6HBuZcCWjxnuciECe08&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=GJMLBpYQZAvIR6klJc2UYhA_6HBuZcCWjxnuciECe08&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT Wed, 10 Jan 2024 18:49:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=GJMLBpYQZAvIR6klJc2UYhA_6HBuZcCWjxnuciECe08&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame A9C3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:33 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 3D13 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
container.html
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 09 Jan 2025 18:49:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame A0E4 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983332
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
42eJsJxGRm8Qq6bkD2Z1lO-nla1BteKSKU0RoHTopErKXqC16Run9w==
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame A0E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstoOAApFK-ZYlIqzY7B8JqbSjxE4NBD-owIdjFJIJE4HhToIhUITOpHxooxdMP3HISyjqDif8w-7vea7qE8in97D4PWMkewj7WSoVRWfGSvPe3C_-gEdzz4VH90esXyZ1mzrV7l-EDIdhUH97Leo7TZm7_23KyokITUyQnb_z3BHqRA20cNwqYbUKcw_TTU_5zb6-qG3OuSUp9Rk5Nf75WmbwzZHafhg3wIp1NLd6mSozisbCgm9GaQEDMiEIAJVVbuHvdUnMxDTqukpBHfZOX0SOjMO4yNXvVrybgAbjNASnA2i8zjOTqJUfUkKtJ7q2ajwJ9U_QW6oPq64CxxHlXNZG-3__VdBbWHiSYubA6VHXJzsQ5xK4fKtVA7e_W4%26sai%3DAMfl-YRS0HrPfA_r3yfMQePfx7VH3Bnu77vUfU8Aj-aiXfPtF7YW_XMwDO_0DxKICT4x6H-qvBvvQAEKwaYKR2Xm9R8Pp-N1lg5OOUu9e5sKWu-fNdEMORMey193oxL08Q%26sig%3DCg0ArKJSzKipLAYhCx2DEAE%26uach_m%3D%255BUACH%255D%26urlfix%3D1%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:56:21 GMT
content-encoding
br
age
165192
x-guploader-uploadid
ABPtcPpZbY5J2TDjUX68N2agb1RrMrqaO9GrMhT6wd8EBHO0qJqKEyP-Lj9seAig5nxyf5_ITdVkf2hOqC5Uo7HwQpBZl06GoOJQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
834
last-modified
Thu, 07 Dec 2023 16:30:15 GMT
server
UploadServer
etag
W/"e834a0cd12abffd04acda8e08953a77a"
vary
Accept-Encoding
x-goog-generation
1701966615371923
x-goog-hash
crc32c=PdRfKg==, md5=6DSgzRKr/9BKzajgiVOneg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
2317
accept-ranges
none
content-type
text/javascript; charset=UTF-8
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A0E4 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:33 GMT
container.html
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 09 Jan 2025 18:49:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame 758E 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983332
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BIYToW3_6tZKoGQrZi4t3Xqw5_z1vRP-t1MJiVb_HJ99aoZpeMQb2g==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 758E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:33 GMT
container.html
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 09 Jan 2025 18:49:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
at9ldozncdxxwonirmds.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/at9ldozncdxxwonirmds.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d14a9076e5d50dcf7b1f7ea3ebadcfe4bd5b53d78b2e36ffd2b53eb7464cf3a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/at9ldozncdxxwonirmds.jpg
age
1396721
edge-cache-tag
423210732001626724105338351099557828859,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
423210732001626724105338351099557828859,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
122
expiration
expiry-date="Sun, 07 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://the-ans.jp/
content-length
10106
x-served-by
cache-iad-kiad7000085-IAD, cache-iad-kcgs7200054-IAD, cache-lga21976-LGA, cache-iad-kjyo7100155-IAD, cache-yyz4545-YYZ
last-modified
Thu, 07 Dec 2023 09:00:11 GMT
server
nginx
surrogate-reporting
width=600,height=400,bytes=20776,owidth=714,oheight=400,obytes=23095
x-timer
S1704912574.840464,VS0,VE3
etag
"1f5d8aaacee6faabaa72730527c41363"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 3, 1
717f582fc14dc4463afc60cf327ae019.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717f582fc14dc4463afc60cf327ae019.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a9bdd8acb40c1466ae7e97dce64199c43d90a59a580b87186d9d740ea6f37c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717f582fc14dc4463afc60cf327ae019.jpg
age
643730
edge-cache-tag
446356767536041041381803295247032934647,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
446356767536041041381803295247032934647,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
201
expiration
expiry-date="Sat, 13 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.belfasttelegraph.co.uk/
content-length
12138
x-served-by
cache-iad-kiad7000040-IAD, cache-iad-kjyo7100089-IAD, cache-lax-kwhp1940027-LAX, cache-iad-kcgs7200088-IAD, cache-yyz4545-YYZ
last-modified
Wed, 13 Dec 2023 15:19:29 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=20481,owidth=1200,oheight=627,obytes=793176,ef=(1,13,17,23,30)
x-timer
S1704912574.840111,VS0,VE11
etag
"88c0459f2aeb2ca3f5ed87608aac6941"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 1
0336112845e2e8f5ffa129f1f906a078.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0336112845e2e8f5ffa129f1f906a078.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9d85b620d254c1d17e8e8a7141a73e66288924dbe03c7f4acd3cb07d4110d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0336112845e2e8f5ffa129f1f906a078.jpg
age
463137
edge-cache-tag
553181374269775817010722959770498339736,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
553181374269775817010722959770498339736,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
26
expiration
expiry-date="Wed, 24 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.dailypress.com/
content-length
10916
x-served-by
cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200025-IAD, cache-lga21937-LGA, cache-iad-kiad7000026-IAD, cache-yyz4545-YYZ
last-modified
Sun, 24 Dec 2023 13:02:01 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=15776,owidth=1200,oheight=800,obytes=167545,ef=(1,13,17,23,30)
x-timer
S1704912574.840602,VS0,VE7
etag
"efac82f60a28e85469c115d93329349a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 138, 1
535b0e3268b31a852c04880e04be870f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/535b0e3268b31a852c04880e04be870f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
68ee4a5fe8c6445381f8bf7b546813a19edb6e8bd1d824b9aa15f117d7033f74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Jan 2024 18:49:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/535b0e3268b31a852c04880e04be870f.jpg
age
502534
edge-cache-tag
616733365129023588437673220000991150169,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
616733365129023588437673220000991150169,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
62
req-referer
https://www.dailypress.com/
content-length
2866
x-request-id
7e8c90d2268e0d68db4ace35885ae2d7
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200152-IAD, cache-lga21967-LGA, cache-iad-kcgs7200038-IAD, cache-yyz4545-YYZ
last-modified
Tue, 19 Dec 2023 09:18:43 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=6331,owidth=1000,oheight=600,obytes=77136,ef=(1,13,17,23,30)
x-timer
S1704912574.840463,VS0,VE1
etag
"3682b111d9580a1330d92d7fca705791"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 490, 1
usync.html
eus.rubiconproject.com/ Frame 0661
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Jan 2024 18:49:33 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 10 Jan 2024 18:49:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VSKJTSMTNP&gtm=45je4180v9120195009z871194413&_p=1704912566728&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=221492105.1704912568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704912568&sct=1&seg=0&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&tfd=8178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSKJTSMTNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A9C3 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91c5d4ccb996df1b6deb471c5ac0b7d98c0c3ad1a316cea3e59cee647b25e615

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:49:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79170
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:49:04 GMT
usync.js
eus.rubiconproject.com/ Frame 8B23 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91c5d4ccb996df1b6deb471c5ac0b7d98c0c3ad1a316cea3e59cee647b25e615

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:49:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79170
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:49:04 GMT
index.js
cdn.pranmcpkx.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7991) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
289509
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (nya/7991)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
1c487a46-a01e-00ae-5e53-415aaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.34.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:35 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
8W5ZZ8E4AVFY051J
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
hh3HyllykBmVMg2+uVLpIKyuxtW/ywM6MkspOmXCcXa2t0ka9ncFI+pQMgdj/SbEm0/ellZAqME=
x-amz-meta-s3b-last-modified
20191015T134358Z
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jan 2024 18:49:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CE8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=1915419649376422&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame A5CE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=courant.com&sn=ChromeSyncframe&so=0&topUrl=www.courant.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Q2D93nxtN29tL0gzZC9QbWVRdVhEanJkRTlORmVkMVJVR2VJN0N5MjlnM200eVR0VlRpOGFEazNLM1BmWFZvZCt0ckU4bnROdHM5RDJjS2dMSkdoTkN2OWNGbHlRVnZwRXFvdk9uSVFBRmxWTGFneEgwRDFpNXpEWlAzWW...
436 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Q2D93nxtN29tL0gzZC9QbWVRdVhEanJkRTlORmVkMVJVR2VJN0N5MjlnM200eVR0VlRpOGFEazNLM1BmWFZvZCt0ckU4bnROdHM5RDJjS2dMSkdoTkN2OWNGbHlRVnZwRXFvdk9uSVFBRmxWTGFneEgwRDFpNXpEWlAzWWpTN0NncVlaOFlESU9ybzBYMUZEYzVZaG9jYWU0V2Qza1FsRXdhUm11TE9LVzJ6YXM2TEcxL0hGdmFDRmdYeUZreTdYVjZqQ2JYQnd5YlpSbTFiNGpoRklnN1pUY0Rsck14NTR5bWViNTl3djhaRFZ2dkdLNEE3NGk1Ym9LODJMTEl6RytKQ0c2ekh0NXhQWWUwUEZnWGJMVkhZVXI2eUdYTjVjemFyWm9hcm93c2NNcElFQT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
66c00229a8c609026dac353950c2206d6e8929543c94ff7b3d48033c988ea946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1135679
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Q2D93nxtN29tL0gzZC9QbWVRdVhEanJkRTlORmVkMVJVR2VJN0N5MjlnM200eVR0VlRpOGFEazNLM1BmWFZvZCt0ckU4bnROdHM5RDJjS2dMSkdoTkN2OWNGbHlRVnZwRXFvdk9uSVFBRmxWTGFneEgwRDFpNXpEWlAzWWpTN0NncVlaOFlESU9ybzBYMUZEYzVZaG9jYWU0V2Qza1FsRXdhUm11TE9LVzJ6YXM2TEcxL0hGdmFDRmdYeUZreTdYVjZqQ2JYQnd5YlpSbTFiNGpoRklnN1pUY0Rsck14NTR5bWViNTl3djhaRFZ2dkdLNEE3NGk1Ym9LODJMTEl6RytKQ0c2ekh0NXhQWWUwUEZnWGJMVkhZVXI2eUdYTjVjemFyWm9hcm93c2NNcElFQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
257966
content-length
0
expires
0
at9ldozncdxxwonirmds.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/at9ldozncdxxwonirmds.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d14a9076e5d50dcf7b1f7ea3ebadcfe4bd5b53d78b2e36ffd2b53eb7464cf3a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Jan 2024 18:49:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1701939344/at9ldozncdxxwonirmds.jpg
age
1396721
edge-cache-tag
423210732001626724105338351099557828859,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
423210732001626724105338351099557828859,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
122
expiration
expiry-date="Sun, 07 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://the-ans.jp/
content-length
10106
x-served-by
cache-iad-kiad7000085-IAD, cache-iad-kcgs7200054-IAD, cache-lga21976-LGA, cache-iad-kjyo7100155-IAD, cache-yyz4545-YYZ
last-modified
Thu, 07 Dec 2023 09:00:11 GMT
server
nginx
surrogate-reporting
width=600,height=400,bytes=20776,owidth=714,oheight=400,obytes=23095
x-timer
S1704912574.286551,VS0,VE0
etag
"1f5d8aaacee6faabaa72730527c41363"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 3, 2
535b0e3268b31a852c04880e04be870f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/535b0e3268b31a852c04880e04be870f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
68ee4a5fe8c6445381f8bf7b546813a19edb6e8bd1d824b9aa15f117d7033f74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Jan 2024 18:49:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/535b0e3268b31a852c04880e04be870f.jpg
age
502534
edge-cache-tag
616733365129023588437673220000991150169,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
616733365129023588437673220000991150169,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
62
req-referer
https://www.dailypress.com/
content-length
2866
x-request-id
7e8c90d2268e0d68db4ace35885ae2d7
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kcgs7200152-IAD, cache-lga21967-LGA, cache-iad-kcgs7200038-IAD, cache-yyz4545-YYZ
last-modified
Tue, 19 Dec 2023 09:18:43 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=6331,owidth=1000,oheight=600,obytes=77136,ef=(1,13,17,23,30)
x-timer
S1704912574.286893,VS0,VE0
etag
"3682b111d9580a1330d92d7fca705791"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 490, 2
supply-feature
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/supply-feature?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2263.953125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A49%3A34.290&id=8674&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 18:28:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 18:49:34 GMT
container.html
83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9FE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/explore-more.20240110-5-RELEASE.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:32 GMT
expires
Thu, 09 Jan 2025 18:49:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
spa-detector.20240110-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240110-5-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7609ef556e5ffde43d3481cc9eeac45a404f40051f064c509f1b41d64ca12f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
8YofwiHoYEKayeko1Elmmctd2v6Kx7SI
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:34 GMT
x-amz-request-id
XSWRC4N9ZXC2GSGB
age
29984
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
778
x-amz-id-2
KsHFV5XBsEUdrgZT8qEZSSVWO4AXvqE80u9XPym0rUbuegqj6cDZbFXdseJOegoLhn9dojOEu8U=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 10 Jan 2024 10:28:32 GMT
server
AmazonS3
x-timer
S1704912574.349107,VS0,VE0
etag
"fe3743576106b2f7010028b596da9167"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6534
supply-feature
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/supply-feature?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A49%3A34.294&id=5945&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1704912574315%7D&tim=08%3A49%3A34.315&id=9066&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/supply-feature?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A49%3A34.318&id=9138&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
hartford.png
www.courant.com/wp-content/uploads/2023/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.courant.com/wp-content/uploads/2023/01/hartford.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.166 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03aabb73c030ff20d2305e55bf0efb077a40a20d418105df4324b44e7a4b5937

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
x-rq
jfk2 102 32 443
last-modified
Sat, 06 May 2023 03:11:04 GMT
server
nginx
etag
"6cf56975264da0f3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14514
abtests
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=14585&lti=deflated&ri=430cead452dea1e68afd555814794b9b&sd=v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE&ui=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&pi=/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web&wi=-5067139764656792500&pt=text&vi=1704912571713&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1704912574335%7D&tim=08%3A49%3A34.335&id=6949&llvl=2&cv=20240110-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
PugMaster
image6.pubmatic.com/AdServer/ Frame C580 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90894102&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ab06d2e71e5ded9c6b0948014bd0afb70d9d93f2f8a6fae80734bbebf726f2e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 10 Jan 2024 18:49:32 GMT
content-length
1714
content-type
text/html; charset=UTF-8
717f582fc14dc4463afc60cf327ae019.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717f582fc14dc4463afc60cf327ae019.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a9bdd8acb40c1466ae7e97dce64199c43d90a59a580b87186d9d740ea6f37c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Jan 2024 18:49:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/717f582fc14dc4463afc60cf327ae019.jpg
age
643731
edge-cache-tag
446356767536041041381803295247032934647,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
446356767536041041381803295247032934647,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
201
expiration
expiry-date="Sat, 13 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.belfasttelegraph.co.uk/
content-length
12138
x-served-by
cache-iad-kiad7000040-IAD, cache-iad-kjyo7100089-IAD, cache-lax-kwhp1940027-LAX, cache-iad-kcgs7200088-IAD, cache-yyz4545-YYZ
last-modified
Wed, 13 Dec 2023 15:19:29 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=20481,owidth=1200,oheight=627,obytes=793176,ef=(1,13,17,23,30)
x-timer
S1704912574.374014,VS0,VE0
etag
"88c0459f2aeb2ca3f5ed87608aac6941"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 2
0336112845e2e8f5ffa129f1f906a078.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0336112845e2e8f5ffa129f1f906a078.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9d85b620d254c1d17e8e8a7141a73e66288924dbe03c7f4acd3cb07d4110d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Jan 2024 18:49:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0336112845e2e8f5ffa129f1f906a078.jpg
age
463138
edge-cache-tag
553181374269775817010722959770498339736,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
cache-tag
553181374269775817010722959770498339736,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
26
expiration
expiry-date="Wed, 24 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.dailypress.com/
content-length
10916
x-served-by
cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200025-IAD, cache-lga21937-LGA, cache-iad-kiad7000026-IAD, cache-yyz4545-YYZ
last-modified
Sun, 24 Dec 2023 13:02:01 GMT
server
nginx
surrogate-reporting
width=380,height=254,bytes=15776,owidth=1200,oheight=800,obytes=167545,ef=(1,13,17,23,30)
x-timer
S1704912574.374141,VS0,VE0
etag
"efac82f60a28e85469c115d93329349a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 138, 2
bulk
trc.taboola.com/tribunedigital-thecourant/log/3/ 		0
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-thecourant/log/3/bulk?tvi48=9598&tvi50=14585&route=US%3ACH%3AV&lti=deflated&bulkSize=14
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
19
date
Wed, 10 Jan 2024 18:49:34 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
14217
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4545-YYZ
pragma
no-cache
server
nginx
x-timer
S1704912574.426105,VS0,VE19
content-type
image/gif
access-control-allow-origin
https://www.courant.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame A0E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoOAApFK-ZYlIqzY7B8JqbSjxE4NBD-owIdjFJIJE4HhToIhUITOpHxooxdMP3HISyjqDif8w-7vea7qE8in97D4PWMkewj7WSoVRWfGSvPe3C_-gEdzz4VH90esXyZ1mzrV7l-EDIdhUH97Leo7TZm7_23KyokITUyQnb_z3BHqRA20cNwqYbUKcw_TTU_5zb6-qG3OuSUp9Rk5Nf75WmbwzZHafhg3wIp1NLd6mSozisbCgm9GaQEDMiEIAJVVbuHvdUnMxDTqukpBHfZOX0SOjMO4yNXvVrybgAbjNASnA2i8zjOTqJUfUkKtJ7q2ajwJ9U_QW6oPq64CxxHlXNZG-3__VdBbWHiSYubA6VHXJzsQ5xK4fKtVA7e_W4&sai=AMfl-YRS0HrPfA_r3yfMQePfx7VH3Bnu77vUfU8Aj-aiXfPtF7YW_XMwDO_0DxKICT4x6H-qvBvvQAEKwaYKR2Xm9R8Pp-N1lg5OOUu9e5sKWu-fNdEMORMey193oxL08Q&sig=Cg0ArKJSzKipLAYhCx2DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 758E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQNihRD7T0n3_onoc8_CjuKqVZZhnB5cgxV4T34_Lj8xm0wmZNxffy8VaDE8KKxNEP7OGYzMouzbmOexFPFw3iTR2CErMScFGS_VzJHxcjsIx20KX96n-dnutdAzrIG193UHnsEMrk1CTFAhDTWqWVqrTn3Pl5xAJqBTYqntq3BFvsT9sdBMtcxnv9dXLA2ADpwHcPkuKwvP-uXGC9sfEtIw6jL8DdzIcuSd3n0-XWJeXW8deRm_5IMy5ephipQlzb1ZIDZJoL9AzZkoNHh2cfxDyXKGOTDNjtS5W1t7zIXKDXaQIBs9T_SGq_xqMiMqq0YCZkLlYtIRc19is3wvXx5HGw_6BRmppete95z1scYD3Zph6V61rxwR1PcEpGhfZ8foUcnDu7NQQ3HW2eZ7RD99XvWvpKwg&sai=AMfl-YSBy-euLp6GSoWasspiK4Xd221RCd7kQs3CPVCLEjzrMDRZZB3UCd30GnEFVTirjLS-oUHkioUioxK3AUXZCKUgnUvELfzOH-AiWVsAOQ5Pcxi6chTt2s5QRsjZzg&sig=Cg0ArKJSzEfmS0cqfjUJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
capi.connatix.com/tr/ Frame 758E 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=28d4ae3b-2c3a-4a6e-9aa7-52a2ca2f7324&cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719c8cf7f39e9-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
bl-250cc79-5668bfd3.js
tagan.adlightning.com/mng-trib/ Frame BB72 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-5668bfd3.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
.vxBYcAZ6evit3RvFqRxkFtM35Tf9EAO
x-amz-cf-pop
ORD56-P1
age
2324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37433
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 18:06:23 GMT
server
AmazonS3
etag
"bfd8ec1270040f0e17404b6da6093074"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GQZE9lDrkqDV5ySHkbs6yKHw_EPeZ20WIX8cZNTR56h4VbNC6SwWsA==
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame BB72 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lTZG2uEiC7RWZhvwOs7YhhmsrSkaaaG-fbYvrcYJA7EyixdzAx24vw==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame BB72 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
34778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:09:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BB72 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
35575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 08:56:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BB72 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:34 GMT
bl-250cc79-5668bfd3.js
tagan.adlightning.com/mng-trib/ Frame 26EF 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-5668bfd3.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
.vxBYcAZ6evit3RvFqRxkFtM35Tf9EAO
x-amz-cf-pop
ORD56-P1
age
2324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37433
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 18:06:23 GMT
server
AmazonS3
etag
"bfd8ec1270040f0e17404b6da6093074"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xr_R_8GXOaNigPPdcMgsEkXIzDxdo3RsKwB9KC70-zMJtO89nTKvfQ==
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame 26EF 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_-Oe471YvPWmDPM8vuyUbHB0QRnHs3HMGTKGJWfS6BFTPJze6C5f2Q==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 26EF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
34778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:09:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 26EF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
35575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 08:56:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 26EF 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:34 GMT
usync.js
eus.rubiconproject.com/ Frame 0661 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
91c5d4ccb996df1b6deb471c5ac0b7d98c0c3ad1a316cea3e59cee647b25e615

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:49:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79170
Connection
keep-alive
Content-Length
10963
Expires
Thu, 11 Jan 2024 16:49:04 GMT
bl-250cc79-5668bfd3.js
tagan.adlightning.com/mng-trib/ Frame 5FC7 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-5668bfd3.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
.vxBYcAZ6evit3RvFqRxkFtM35Tf9EAO
x-amz-cf-pop
ORD56-P1
age
2324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37433
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 18:06:23 GMT
server
AmazonS3
etag
"bfd8ec1270040f0e17404b6da6093074"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1eO4HOLwmaHlNlPJAPHzIg-4wgDErNg8H6rA9IZFFT4KVVtO1nc8YQ==
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame 5FC7 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BUaMgflk0b3FfR_ZIQeLnJ03H0jkWKahAskdT3Py4NOm-a5pVv0bTA==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 5FC7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
34778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:09:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5FC7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
35575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 08:56:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5FC7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:34 GMT
khaos.json
token.rubiconproject.com/ Frame 41B3 		7 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
delete
prod-dfm-proxy-connext.azurewebsites.net/api/views/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views/user/delete?UserId=d31f947a5a356281c3dc72cb52881a68&ConfigCode=600CONFIG&SiteCode=TRIBUNE&SettingsKey=600&conversationId=104258
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Wed, 10 Jan 2024 18:49:34 GMT
X-Powered-By
ASP.NET
delete
prod-dfm-proxy-connext.azurewebsites.net/api/views/user/ 		0
805 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views/user/delete?UserId=d31f947a5a356281c3dc72cb52881a68&ConfigCode=600CONFIG&SiteCode=TRIBUNE&SettingsKey=600&conversationId=104258
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/dfm/t8y9347t.min.js?2024010
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

source-system
Plugin
site-code
TRIBUNE
autoqa
false
accept-language
en-US,en;q=0.9
settingskey
600
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NzY5MTI1Njh9.q2RXsLHw4LeH_rpLoZicu8eHGL009VwSOkMrAyVXAlg
ssid
350e504c1c02abe03b3d293e55ddb373
environment
prod
config-code
600CONFIG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
attr
600
location
System
Referer
https://www.courant.com/
version
Version: 2.8.6.1

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:48 GMT
X-Server-Time
1/10/2024 6:49:48 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
0
Request-Context
appId=cid-v1:94ae5057-927d-4045-bf63-1b3776adbf9e
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 17:39:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4186
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 19:39:49 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=459813501&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ul=en-us&de=UTF-8&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterStart&el=%7B%22ConversationName%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%22Not%20Set%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%22Not%20Set%22%2C%22ConversationPaywallLimit%22%3A%22Not%20Set%22%2C%22ArticleViews%22%3A%22Not%20Set%22%7D&_u=6GDACEAjBAAAACgFKAC~&jid=&gjid=&cid=221492105.1704912568&tid=UA-40841508-27&_gid=674424301.1704912568&gtm=45He4180n81NFD2QGDv79549296&cd3=courant.com&cd51=Not%20Set&cd121=Not%20Set&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd75=Not%20Set&cd95=Not%20Set&cd96=Not%20Set&cd97=Not%20Set&cd98=Not%20Set&cd100=1704912575198.qdydk85l&cd101=d31f947a5a356281c3dc72cb52881a68&cd102=Not%20Set&cd103=Not%20Set&cd104=Not%20Set&cd105=Unknown&cd106=Metered&cd107=Not%20Set&cd108=Not%20Set&cd109=Not%20Set&cd110=Not%20Set&cd111=Not%20Set&cd112=Not%20Set&cd113=Not%20Set&cd114=Not%20Set&cd115=Not%20Set&cd116=article&cd117=Not%20Set&cd119=Not%20Set&cd120=Default&cd122=1.0.0.2&cd123=Not%20Set&z=67039805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 08:15:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38037
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=459813501&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&ul=en-us&de=UTF-8&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=6GDACEAjBAAAACgFKAC~&jid=&gjid=&cid=221492105.1704912568&tid=UA-40841508-27&_gid=674424301.1704912568&gtm=45He4180n81NFD2QGDv79549296&cd3=courant.com&cd51=Not%20Set&cd121=Not%20Set&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd75=Not%20Set&cd95=Not%20Set&cd96=Not%20Set&cd97=Not%20Set&cd98=Not%20Set&cd100=1704912575293.pxhp2zgf&cd101=d31f947a5a356281c3dc72cb52881a68&cd102=Not%20Set&cd103=Not%20Set&cd104=Not%20Set&cd105=Unknown&cd106=Metered&cd107=trib%20anonymous&cd108=1&cd109=unlimited&cd110=unlimited&cd111=2024-01-10T18%3A49%3A35Z&cd112=Not%20Set&cd113=2024-03-10T18%3A49%3A35Z&cd114=Not%20Set&cd115=Not%20Set&cd116=article&cd117=Not%20Set&cd119=Not%20Set&cd120=Default&cd122=1.0.0.2&cd123=Not%20Set&z=719521025
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 08:15:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38037
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 0BB7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 16:36:02 GMT
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b972e38f419e555604a644d02e020913aa6c4b73ef58f23aefc9a23202e18d8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
auction
tlx.3lift.com/header/ 		19 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tmax=2000&us_privacy=1---
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.199.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-199-186.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-12-gpt%22%2C%22callback_id%22%3A%22398a7c4ab828171%22%2C%22sizes%22%3A%5B%5B300%2C50%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%223261757594603036961%22%2C%22gpid%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%232%22%2C%22tid%22%3A%2271dae7b6-a84f-4150-afc7-2b122c416c19%22%2C%22auctionId%22%3A%22379cc67d-b633-4743-8f9a-7859f2c99059%22%7D%5D&page_url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&bust=1704912575392&dnt=false&description=A%20North%20Branford%20man%20has%20been%20sentenced%20to%20seven%20years%20in%20federal%20prison%20for%20downloading%20thousands%20of%20videos%20and%20photos%20of%20children%20and%20babies%20being%20sexually%20abused.&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&w=1600&h=1200
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.14.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-14-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.courant.com
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		139 B
980 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1620d622e7e3b44ae8a6aa6f4404053b07da77097a5a358ec148156630ee2d1f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
an-x-request-uuid
90a8d726-acf9-4c86-a47f-6d0aa061f683
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.courant.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=31644778230&lsavail=1
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.courant.com
date
Wed, 10 Jan 2024 18:49:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
640 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=948305
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67de64b0a01212cacfca8d0f1f6f38defc686477313f2fb9e0e19e05d0647fcd

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0klm%2F06kXLf9BQ88EcuyKM6XMwHoKV0pj1M6fBwZTM2xvJmusOLJk5wS6mr79A33yOuF34Mb7ZHKzgjzTgICosI7jkIK3BJbPxf2u4MECSWYxWwfUUlLotzWBNyRUCAZc6L94Gj1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
843719cc48c639dd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb-multi
hb.yellowblue.io/ 		84 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.212.108.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-108-213.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
0522785f79d80191cdd156ede93d74aa99eeb68a8f595fba53a4eacd729964f2

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.courant.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
tribune
direct.adsrvr.org/bid/bidder/ 		0
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/tribune
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		494 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=471192&zone_id=2792638&size_id=43&alt_size_ids=44&us_privacy=1---&rf=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&kw=CTnews%2Clocalnews%2Cbreakingnews%2Ccrime%2Ccourt%2Cchildpornography%2Csentencing%2Cfederalprison%2Cprison%2CHartfordCourant%2CNorthBranford%2CConnecticutnews&tg_i.domain=courant.com&tg_i.page=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&tg_i.pbadslot=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%232&tk_flint=pbjs_lite_v8.24.0&x_source.tid=379cc67d-b633-4743-8f9a-7859f2c99059&l_pb_bid_id=51efdf200316cf5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=71dae7b6-a84f-4150-afc7-2b122c416c19&rp_maxbids=1&p_gpid=%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%232&m_ch_mobile=%3F0&slots=1&rand=0.849345255503916
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b2c58d0e2b460f02dabd0ae9e68e4a6fcea518d668b8fcab1787471a3b8ad1ae

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
494
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		121 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&pid=HJFSIbnmeGfnm&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-12-gpt%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F4011%2Fcourant.com%2Fnews%2Fconnecticut-news%2Fsponsorship_1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=%5B6%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%223392eaf9-0376-47d5-83ab-8a2ea3815153%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy%22%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.128.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-128-118.ord56.r.cloudfront.net
Software
Server /
Resource Hash
60499ce6eb992a481d4f365fd0f06a192391e01f31e6d552cbfd9fe4bea04e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07a4b037827865f8b4d5ae6c04d96b4e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P6
x-amz-rid
96XC3ZRT06TXAHNGCSQN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
121
x-amz-cf-id
VB_8cJKoC0MCf5bsA_aZoYplJPUd5n8oleAlwoGto1kwZxj7L0bzCA==
i.js
tag.bounceexchange.com/2054/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2054/i.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
67e008725aa8746ecd8345824387a61ab5cafde36db1164fc4de8d05406bc9df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:15 GMT
content-encoding
gzip
via
1.1 google
age
20
x-envoy-upstream-service-time
2
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13686
server
istio-envoy
etag
285981068ab692
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
truncated
/ Frame A0E4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e5f7b15b4626f58c746bb1c774cd1dcf13c170450ec007cc09b57434e55a84d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A0E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssduZACqO8nYK9m8stZpkWkWha8VCXDlX2amODn7o2TooQwyP-lqRceTnIcXP7lCbCl6Zaoyv5WVwzcp7CQzXEWoWbkfQiIVTyz-MLcm-1X5OPzvTALXu_cdza6fRZqEOtfIlj_zoL0APIl9w-7z_m2-om39DOc0dDxhYRWIMvIJrj6OtojspMUPDjnfhvgvOodAs-XTgciWssWOYj5Kl-ckAKzXV4SeIFs2uV9AGXf2tuw7O9Fx96sRTaC_tt92rhWrVbVTSFED0QszSzPr9EMojVt9R3g2PRK0tJI-I4Cl7oB8F-GBVkSM8mjCaSwQU1sa80ij-gyFBjsM1rsXebCxbOpt_JPB9RnhYV9RJxoT_tHtEdLO6PC85Scuyi-J4Y&sai=AMfl-YQ4nXqIRnSfSI4AWpnRMiLo90z_jaxBAJi0YHYTp8MDMaqMomyfbZruxUV1xJsnU1hi_acck8ZhxOGLwk5cBwOiRxFE4jwFYmozKCsqQwT1LwA9cye7SOp_pzUjkg&sig=Cg0ArKJSzChPWZ4s0G72EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:35 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:35 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
1411
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4545-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704912576.509845,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
50
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2341
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:35 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
27171
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4545-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1704912576.510337,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
6
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
54234
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Jan 2024 18:49:35 GMT
x-amz-request-id
S9J5BFAA7WPTMDGJ
age
26000
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wWtPRy+nUtfHDp77gPzlWCF3v6EWhngazARKv0aGBw+bq/wfsPbkn4AZ0roXloZfIZagWP16wbs=
x-served-by
cache-yyz4545-YYZ
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1704912576.514401,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
34
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
39523
truncated
/ Frame 758E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8afdf0d993b64fe372c02c667be231619e911388f157386a2b37c4d2cf8a55a5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
connatix.playspace.js
cd.connatix.com/ Frame D0FE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd23a33116788c37d11a29b1f43152f729d720bf1d2a909d65237348b8c00bc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719cd2f2439e9-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
ecm3
s.amazon-adsystem.com/ Frame 41B3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LR84XAX2-1U-C4IM
  • https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5NNDMRCZAKM159X5R491
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f1d2dfe1ca3ed0321925c13f4507bd26
Expires
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 10 Jan 2024 18:49:35 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
11567
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4545-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1704912576.568068,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
55
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2541
view
securepubads.g.doubleclick.net/pcs/ Frame 758E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnS-KKCPHsWSrBoySYX_47gab4YpQyWWi-u4yi9GuDv694bbRh4w9hwWHHI9nJNkPnm_TddzwYcIS-ZQGScoWer07M1-4mVr73Iagq1E_c-qlLedxG12c3MejXB8PbCzGucrrHttOIGDHjDDvK6L9pli0O722RkizS7vS5qfer1NvWIYGBa2IS17r6wBIDHL_rjq-ts6wFtTt1-UmlWKl_H-hVMQs3_QjHoOYRpEj3d-ds8Pv0qq9k-i87IR_JjPLwGFf6EC0PARSj0C1HKXl_2eiWnFr7EWUn-PT5Z9I9Mktn2NEiUL842__EGG4wdFbaz9BC0WiBZ1K_2PG3nX-qIZMWxrq1redGIDy5tMUi0KKwqzNtYuKwvAZYLwc5OhnUTkhY84q14XZr0EFXGtVzMcUgpLnkUA36&sai=AMfl-YSwUL4UU_zyOzR1WLpeQ7VN8pYsUlqcfCxLs-dLRE3LXRdtwbDZLVrxqGLa76F2ZWPsUBhCXjnDTRJjSxFkMz1Pu9owWgOkpWPgejSDNaq6I4xXcMH6W_nWbttyRA&sig=Cg0ArKJSzBhcGhXAr4FjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:35 GMT
rid
match.adsrvr.org/track/ 		108 B
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=tcugyhe&fmt=json
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f4e378b9cd1b46f9f999338c1aac1f1fd7932427a2fbe6e183822ce7f4a46cdf

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.courant.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 09 Feb 2024 18:49:35 GMT
ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b
Protocol
H2
Server
52.204.246.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-246-173.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-084f61900.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
hAkO5r4bQTQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e59d3934-868a-4c3e-9652-c62263f9455b
date
Wed, 10 Jan 2024 18:49:35 GMT
server
Kestrel
content-length
189
bl-250cc79-5668bfd3.js
tagan.adlightning.com/mng-trib/ Frame 9FE5 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-5668bfd3.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
.vxBYcAZ6evit3RvFqRxkFtM35Tf9EAO
x-amz-cf-pop
ORD56-P1
age
2325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37433
x-amz-meta-git_commit
250cc79
last-modified
Wed, 10 Jan 2024 18:06:23 GMT
server
AmazonS3
etag
"bfd8ec1270040f0e17404b6da6093074"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xnwfSlqCxohyWRWygf1RlCA6YA6zI6wULOUmgUIeha7DQjTXlzZdIg==
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame 9FE5 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-30.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:40:42 GMT
content-encoding
gzip
via
1.1 c80d7d73c19744418338fdf12216d306.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
ORD56-P1
age
983334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
i4NUinJ35scgWTQsgbvIB_HQMARi6olN87p44V02FjWY2a5ojTndeA==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 9FE5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
34779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:09:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9FE5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
35576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 08:56:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9FE5 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704717871404979"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:35 GMT
dcm
s.amazon-adsystem.com/ Frame 2DB2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BC1540B7-931D-4457-8971-3EF62F259356&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
68M0SB5S3XV0RRQRJJM7
Pug
simage2.pubmatic.com/AdServer/ Frame 3971
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=001896fe-afe9-11ee-8ce6-6e5169de39ab
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=001896fe-afe9-11ee-8ce6-6e5169de39ab
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 18:49:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 10 Jan 2024 18:49:35 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=001896fe-afe9-11ee-8ce6-6e5169de39ab
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
ecm3
s.amazon-adsystem.com/ Frame DDD9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDBC1540B7-931D-4457-8971-3EF62F259356
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C8392S9TH1A98BFWQFZW
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C580
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vBVAt5MdRFeJcT72LyWTVg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43667
accept-ranges
bytes
content-length
5622
expires
Thu, 11 Jan 2024 06:57:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C580
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BC1540B7-931D-4457-8971-3EF62F259356
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=9f598662-327e-406c-a623-1639fcaad77f&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=86184965195569105544419199670438777659&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=86184965195569105544419199670438777659&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-2-v053-0f80eae11.edge-va6.demdex.com 14 ms
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
YY456QPNQTs=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=86184965195569105544419199670438777659&pt=9f598662-327e-406c-a623-1639fcaad77f%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame C580 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BC1540B7-931D-4457-8971-3EF62F259356&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame C580 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=BC1540B7-931D-4457-8971-3EF62F259356&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 10 Jan 2024 18:49:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame C580
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9
42 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 07:59:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 09 Jan 2024 18:49:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C580
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
42 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 18:49:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:35 GMT
server
Kestrel
content-length
355
BC1540B7-931D-4457-8971-3EF62F259356
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C580 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC1540B7-931D-4457-8971-3EF62F259356?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C580
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC1540B7-931D-4457-8971-3EF62F259356&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rWyekSdE2uUfpW4x7Cs4NjILA7rMUdw-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rWyekSdE2uUfpW4x7Cs4NjILA7rMUdw-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:58:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rWyekSdE2uUfpW4x7Cs4NjILA7rMUdw-~A&gdpr=0
date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
khaos.json
token.rubiconproject.com/ Frame A9C3 		7 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LR84XAX2-1U-C4IM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 41B3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&expires=30
42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e59d3934-868a-4c3e-9652-c62263f9455b&gdpr=0&gdpr_consent=&expires=30
date
Wed, 10 Jan 2024 18:49:35 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 41B3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qfoFvGNHRRy1Pmt3pfTSfw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qfoFvGNHRRy1Pmt3pfTSfw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qfoFvGNHRRy1Pmt3pfTSfw&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DQGPMFB5Y9177V7DTTT9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qfoFvGNHRRy1Pmt3pfTSfw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 41B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP-fIqv3o8KmA0oR1-cWxfU&google_cver=1
42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP-fIqv3o8KmA0oR1-cWxfU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP-fIqv3o8KmA0oR1-cWxfU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 41B3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR84XAX2-1U-C4IM&gdpr=0
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR84XAX2-1U-C4IM&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 76D2034B0AA342CFBE03509E25564E61 Ref B: NYCEDGE1419 Ref C: 2024-01-10T18:49:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOm+R2/rPxIHwb5C5oTw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR84XAX2-1U-C4IM&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 41B3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TG8N2NNGRJWXDPRSRX74
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R3J21KTMWG0W38F7Q5Y0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR84XAX2-1U-C4IM&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
pixel
cm.g.doubleclick.net/ Frame 41B3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjAzYjRjNDkyYzlkMzM3YTdhYzllOGQyNDhkZjI1NTIyZGNhNzk3OA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjAzYjRjNDkyYzlkMzM3YTdhYzllOGQyNDhkZjI1NTIyZGNhNzk3OA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjAzYjRjNDkyYzlkMzM3YTdhYzllOGQyNDhkZjI1NTIyZGNhNzk3OA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41B3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEF1uDWqYl2mD4nJslov5ghY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4NFhBWDItMVUtQzRJTQ==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 41B3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/PWcvJ07Ecnd7dqKb5y3Ehcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HNZ_vDFE2oJTLDjbMpUcA.wbwkNd6SK7skHmpQ--~A
42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HNZ_vDFE2oJTLDjbMpUcA.wbwkNd6SK7skHmpQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HNZ_vDFE2oJTLDjbMpUcA.wbwkNd6SK7skHmpQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 41B3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABA9U7LPc0AABNRgylERA&expires=30&gdpr=0
42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABA9U7LPc0AABNRgylERA&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABA9U7LPc0AABNRgylERA&expires=30&gdpr=0
Date
Wed, 10 Jan 2024 18:49:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR84XAX2-1U-C4IM&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM&ckls=true&ci=PDdHuMmCCp&nc=false&trid=-116256748
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM&ckls=true&ci=PDdHuMmCCp&nc=false&trid=-116256748
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
13.249.85.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-85-33.ord52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
via
1.1 b3b447b105629bd56594fff84bb75992.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IgvaAJz82LCSWuKnnlEWPvJREVRBDH39L-5fyfV2u7Cys7F0k5o4CQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
via
1.1 1ecd507992d571d2f586f5b218388a24.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR84XAX2-1U-C4IM&ckls=true&ci=PDdHuMmCCp&nc=false&trid=-116256748
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Z41gEjKwBjP2N_WnHCTXC2gzc6rUwQPlwrp15vIQ1a6RAzcoxNuQ2g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR84XAX2-1U-C4IM&gdpr=0
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR84XAX2-1U-C4IM&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
52.6.62.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-62-160.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR84XAX2-1U-C4IM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
pixel
capi.connatix.com/us/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719d26a0b3a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 10 Jan 2024 18:49:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LR84XAX2-1U-C4IM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719d138093a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
magnite
prebid.a-mo.net/setuid/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LR84XAX2-1U-C4IM&gdpr=0
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR84XAX2-1U-C4IM&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR84XAX2-1U-C4IM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 41B3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb1d2174-4993-4a4f-b612-9f916f5fd710&expires=30&gdpr=0
42 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb1d2174-4993-4a4f-b612-9f916f5fd710&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb1d2174-4993-4a4f-b612-9f916f5fd710&expires=30&gdpr=0
Date
Wed, 10 Jan 2024 18:49:36 GMT
Connection
keep-alive
X-CI-RTID
a03e13d6-b47e-4a62-add8-609c247649b9
Content-Length
155
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 41B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LR84XAX2-1U-C4IM&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR84XAX2-1U-C4IM&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR84XAX2-1U-C4IM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8B23 		7 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LR84XAX2-1U-C4IM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
9.gif
id5-sync.com/c/687/1242/0/
Redirect Chain
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*H5i_3T5EH7ILVz9bT63Pcey9wY8aPlvirajTinWA2617etR7ygZjNTGOm0H1uAYoe3sReo-io88YoL5PGtHoAQ&o=api&gdpr_consent=undefined&gdpr=false&gpp=DBACOe~CP4KqwAP4KqwAEXg...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%...
  • https://id5-sync.com/c/687/108/7/2.gif?puid=9f598662-327e-406c-a623-1639fcaad77f&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/687/796/6/3.gif?puid=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=%%TTL%%
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFg...
  • https://id5-sync.com/c/687/441/4/5.gif?puid=u_9a3ca466-c429-4f79-bc91-994aa02d8112&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAE...
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAF...
  • https://id5-sync.com/c/687/434/3/6.gif?puid=6da7a73d-c934-4847-ac54-caabe4abbf80&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D...
  • https://id5-sync.com/c/687/203/2/7.gif?puid=8cb235f6-5897-4ec0-8d5c-d9793ac95fbd&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4KqwAP4KqwAEXgoAE...
  • https://id5-sync.com/c/687/429/1/8.gif?puid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://ce.lijit.com/merge?pid=58&3pid=BC1540B7-931D-4457-8971-3EF62F259356&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/687/1242/0/9.gif?puid=H-CpjPZHkAIsI4hfTom0aT2C&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAA...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/687/1242/0/9.gif?puid=H-CpjPZHkAIsI4hfTom0aT2C&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 10 Jan 2024 18:49:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/687/1242/0/9.gif?puid=H-CpjPZHkAIsI4hfTom0aT2C&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4KqwAP4KqwAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4KqwAP4KqwAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		411 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1915419649376422&correlator=1019637752955781&eid=31080295%2C31080299&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&iu_parts=4011%2Ccourant.com%2Cnews%2Cconnecticut-news%2Csponsorship_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x50%7C320x50&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D506fc7777242df3b%3AT%3D1704912572%3ART%3D1704912572%3AS%3DALNI_MZ8Gaka985hFbwTDPA41VrRD-L7Rg&gpic=UID%3D00000db60a434777%3AT%3D1704912572%3ART%3D1704912572%3AS%3DALNI_MZpurniMNNC894zD-FS1_MMfFsgZQ&abxe=1&dt=1704912576418&lmt=1704912576&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&vis=1&psz=0x0&msz=0x0&fws=1156&ohw=0&psts=AOrYGsnYij7ielh0Y3yH6B07LP0R1gxHs0nVenkHzKJFRoRVa3Dhz2hatx98S2LaIvZiY1f0QdqL21U61557P-yi1Fg2Zxw%2CAOrYGsn4OnampU1qDb6cT34OanqF7LtxislAnElrksQL7lLN9_UCfMQgbDBSKrModsNO0atFUUKqd5u0w0lIFdxa_Q5vNLM%2CAOrYGsk7paeRlKrqHGDEY7kC42lbK1atSgkY-Qbg7b_aN4dl2yI8Dt_qqFnFpJ9eebLQP8ltXiLSlIeAhBc4wrE-bQP8MWs%2CAOrYGsnatN_EwfcP-Ekvc7ToHJmSTe5txGCQCcBzWofbB_tIZQwhNuKfnJgoGQBeivhlB1zzLpSc8d-dHRXu7HO8aEivYaY%2CAOrYGskEV6UYYLD59dExZIUcYfq8YLhviulEA2j6Y-ZBCXGAsNtBSROk_3HFCl6zwqkj0oamyTQ_7C7sEGLybabHefTeZPU&ga_vid=221492105.1704912568&ga_sid=1704912572&ga_hid=459813501&ga_fc=true&ga_cid=674424301.1704912568&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjEnNWlzzFIABLWAQoIcnRiaG91c2USwAEwNVlEVVg2Sm5YdysrTVhiR2wyVGphYnk0b0pPYzV3TDdLY2ZwSktRSkhNNVI4UGloWUJOcEtPOTMwK2dwbE1HVUx4RnBSVTVMUG9RZURXVXNuOVQvc1F4bjhrWDFFSk5yTnQwZWx0TFJFbjZ5QkcrYXVGVjF0TTV6YjVwV01OaFNwbjRSTkhSYXVBV1pmQWF5L3RNemZ3LzcvSnRkNVhDV2xoZ0ZHWG1GRjRST0R4QzlmUFUzeHowdW9PQXU2enkYqp_Vpc8xSAASGwoMMzNhY3Jvc3MuY29tGLWb1aXPMUgAUgIIbxI-CgVvcGVueBIsZXlKcElqb2lXRlF4YTNsUVJtMVVWV0ZYYzJ4NlZsbElMMGxuVVQwOUluMD0YkJzVpc8xSAASHQoOZXNwLmNyaXRlby5jb20YkZrVpc8xSABSAghk&dlt=1704912565835&idt=5680&prev_scp=pos%3DSponsorship_1%26optimera%3DZ%252CC7%252CC0%252CDE&cust_params=htlbidid%3D27497%26is_testing%3Dno%26kv%3Dconnecticut-news%252Cnews%252Cbreaking-news%252Cchild-pornography%252Cconnecticut-news%252Ccourt%252Ccrime%252Cct-news%252Cfederal-prison%252Chartford-courant%252Clocal-news%252Cnorth-branford%252Cprison%252Csentencing%252Ctaylor-hartz%252Cconnecticut%252Cnew-haven-county%252Cnorth-branford%26page%3Darticle%26content%3D%26RPN%3D415850526041%26rurl%3D%26articleid%3D6274276&adks=3609289630&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855db21e0ff9d91973fbc966e1c0ed25a4a1d47a9cc66bae3726cd5d3b5f89f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-yyz4553-YYZ
date
Wed, 10 Jan 2024 18:49:36 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.courant.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:33:33 GMT
content-encoding
br
age
2164563
x-guploader-uploadid
ABPtcPqoJ_qYnevpN3Sw7njJekKVg-SyvuKdhXjW8Ix88fTMaO3ersfli0AIRvqniQmVL7n0sgC1Z9eezyjRYbQdKB10UaiqIuBj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
last-modified
Mon, 13 Nov 2023 15:33:51 GMT
server
UploadServer
etag
"dbc90523c425a5d782995c1a39051881"
x-goog-generation
1699889631731187
x-goog-hash
crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1317
accept-ranges
bytes
content-type
text/javascript
usersync
usersync.gumgum.com/ Frame A9C3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LR84XAX2-1U-C4IM
  • https://usersync.gumgum.com/usersync?b=mag&i=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
Expires
0
sync
usr.undertone.com/userPixel/ Frame 8B23
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LR84XAX2-1U-C4IM
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.206.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:36 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR84XAX2-1U-C4IM&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame BB72 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Origin
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:26:44 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 26EF 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Origin
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:26:44 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 5FC7 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Origin
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:26:44 GMT
khaos.json
token.rubiconproject.com/ Frame 0661 		7 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LR84XAX2-1U-C4IM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
connatix.playspace.js
cds.connatix.com/p/407037/ Frame D0FE 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407037/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878548ccb699d4d47f036ced300780bae1cb3f75abb5af276db3589f800575a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:36 GMT
x-amz-version-id
A1X5m8qro1R5CG8lR8LGTwJm8h1LSpTy
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 15:17:47 GMT
server
cloudflare
etag
W/"775a923c99ea088219b4b1d48f48259a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719d4ef4e3a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:36 GMT
syncframe
gum.criteo.com/ Frame EB83 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.courant.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 18:49:36 GMT
server
Kestrel
server-processing-duration-in-ticks
3080230
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jan 2024 18:49:37 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b&mbl=ZmFsc2U=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:37 GMT
cache-control
no-store
server
nginx
cs
cs.yellowblue.io/ Frame 0661
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LR84XAX2-1U-C4IM
  • https://cs.yellowblue.io/cs?aid=11590&id=LR84XAX2-1U-C4IM
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LR84XAX2-1U-C4IM
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LR84XAX2-1U-C4IM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f1d2dfe1ca3ed0321925c13f4507bd26
Expires
0
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 9FE5 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Origin
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:26:44 GMT
placeAnAd_tribpub_320x50.html
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/ Frame C3A3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2376b276cc094c06a9365bb20f289b665f6712f0bb2ce1e3200d41f1936da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1782
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 16:14:07 GMT
expires
Thu, 11 Jan 2024 16:14:07 GMT
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BB72 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspk3RxZC7v5w6_nH1KGXjdlgQwzZVBo8KJ0oZVPERvoE-MVjaIiQPRjygQR977m1T-LBdvaqTiFeZA7zRWZj1r192x8PRXOCqk6pd-V4XDbzoqkcx-7-5lgMH_PzuJ7bDIMQ-jju6ghGgC_RR61jPtTYS82GAs3Ct_hCRcpwydtRJjtXAMcOldOIPjtWUa__F1uwktiVQ_sv1-F6hMs40Ml4615BJzYV1eMVzkaw9_BRSq8ZzfF80wYQAtH99l6fyoA_vNuVrL8dnf1azOrBCMzR01AVufTnwyPHDoBiPMgNrOrZ02jjqTOSZyaawbd0nwN4MhNs2_k2CQEIvrhfaihZeRsid-Dwwar1q0whpwU3KVWEsgnTujz6ybdpnp_wHqCIelLqd5wj4o7xXYnIKeAhA&sai=AMfl-YTR60q25FdcBrLcpTVR9pvrBXcfJpEYiRvreFWZkn-eRQuA0ZP4imeVqQMlRyDlPZ45kDekDt_I1cErnvobQfg8gWqx_4oc0BRDcE6MZp17Ke-nKQiYgtysoeB8KA&sig=Cg0ArKJSzK3aaAPFI9CtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
placeAnAd_tribpub_728x90.html
s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/ Frame EF40 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56eed25183cdafeccfe798945a039d2b9ae3a84adf91548b58fa2684f30bc8fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1783
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 08:22:47 GMT
expires
Thu, 11 Jan 2024 08:22:47 GMT
last-modified
Mon, 29 Nov 2021 15:34:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 26EF 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdUURomvTxhbcC6plUPBRL9UgTBmi7qrfwyaykxu-WVaqrvx7usdPEBWCR67kfyT_MyIAowFXg-1GJr74Mj4l9ptxIYo4NCOkPZNgJ-dfbb4Jacw9HWj_m4ZioI2gRe7dpqtyuPtIgi4cpvaFQiCeQI0Al8himPoq3eJo0tN9xoLgdHYVB78ENjzFW7kHCLnXhet-sWBFwdkOAo97PuYbC7ZwXYrKP5BXHLbNHgvrKirh24XuztxOITXJwY7DAQPKVJDi5w-a_s2eopsDoFv55IpEpS9dHxn_k2ZzAdiQAZs5HEt4qt5gvygeajmrEWNoYplM45u81bBsf3aO2HGEFWxm7H1VAozy6tNP-rm8b8rCetPVO1-3Qg9blYHOJrN4gocjCb-lHSRLzw_RTW6J-75P91A&sai=AMfl-YQRlsps9MS8Fia8AExexhnjuoi38-WECulHT-zsLvOx-4WjZHEjV4AqL2HgwCeqaPHOnaQG0IIzOF5WzdP_gZd06QRIgcdQSJmtA_l_O00DsWnvj9hGT_C6fkicRQ&sig=Cg0ArKJSzBOiYfmMoQGLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
main-v2_2310f880ee35407f87f754e56bbccc9a.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		478 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_2310f880ee35407f87f754e56bbccc9a.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8468608faf727a5af1a589c5813abcbb79df1b725194d2e67e5a31250ae2262

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:27:37 GMT
content-encoding
br
age
87720
x-guploader-uploadid
ABPtcPoajjte2xc6LNLjxxrsA02QAhQNGjhOE3efCugGWwe8MHlOCeGEoLqHfij6k02h2DeF18kYJdobJkfP8eDyaoLPsIz7ds7E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106433
last-modified
Tue, 09 Jan 2024 18:27:26 GMT
server
UploadServer
etag
"15a9fcba0ae8b5ac383d15f9909f25a9"
x-goog-generation
1704824846156054
x-goog-hash
crc32c=044wmw==, md5=Fan8ugrotaw4PRX5kJ8lqQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
106433
accept-ranges
bytes
content-type
text/javascript
cjs_min_1e55b565811f11b08485230cf1d150d6.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:09:39 GMT
content-encoding
gzip
age
27598
x-guploader-uploadid
ABPtcPqQmcjIByuNoDpS2KrNwA-NVuCmCM7S7sIC6ei11u-xoEDpBaZogY0KHQJMCKhZeNZHKYJjOwiZV7F7EvUox70onw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15751
last-modified
Wed, 13 Dec 2023 16:23:11 GMT
server
UploadServer
etag
"d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation
1702484591435387
x-goog-hash
crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15751
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
placeAnAd_tribpub_300x250.html
s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/ Frame AAF7 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a4f35250016b2ed22899c8d576324d5a20712c6e6e67c4e5b343c33e12b3d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
67143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1783
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 00:10:34 GMT
expires
Thu, 11 Jan 2024 00:10:34 GMT
last-modified
Mon, 29 Nov 2021 15:33:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5FC7 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdc1TN3D0TyWQY6GfZf_JyJ9cLISLEKpsid1W8DZNRao4SHxqjaAyfLeg2sPOYdFZV6urY7LdeLeksm4GRnta5ReYmcROzqsP_yzitjtlsVNjPFpSX8Vi2S9QLxAvcVUbYMtyz1zoXo1b_2KsPAOUFXvmQbCfxxKYMD9RZnSHfuGDZYdvbpsfHkYe3okoM11CGtHEagrmIATDNrMwYGC1vJKq7rIW2XbCeDNm33YHMDXYzZ3kuvUi6AALCx67iajPYCPL8L-oNKzVDSehLTbR515_4k-FCEBplM7SezLJDFIA4b0cvbjB6fFpzz2oQ2tzf2mlohYdnnuvwPWdojtCoZVHq_nPmeBGFvvZeQavuQIDQp00nXCw9lcz8MJreithH2VMnE-Gw-QUvXw6OxUaNEVArQw&sai=AMfl-YTz5ci6WAJe9eHZq1Efna7X6uUg6aDlWDVObJdVdr1GLe3fy0MQZ-1qyrnMe6-pV4GGBzw7YHbyzLwj8vKt3pGOes7NCWD_-YhpxwXTIHQ8QCrZVI1l6GiFlXQE9g&sig=Cg0ArKJSzOYzy84XZIJMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sid
mug.criteo.com/ Frame EB83
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=courant.com&sn=ChromeSyncframe&so=3&topUrl=www.courant.com&bundle=BI9wbl9ENzllSEhnNzkwNksxcmhuUWxoTHJFc0JWT2VaemJpTDIlMkJ2SHpnYW5xMiUyRlQw...
  • https://mug.criteo.com/sid?cpp=_wRPE3xHMjRsdklLY3JYT3I4RjQ1RE1UbkJ2aXZ5NzFKSmVPcHBWUGxNQWdFWVlOb3FsK29ZVHpxWlE2VGdSNXh3OTBSV21scW1FWDJYNy96eGJicUpJZ1gvakVrNWN3RWFuRVZaamZxOG1PMWdyZmdGai9qYXpyZU53ZH...
420 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_wRPE3xHMjRsdklLY3JYT3I4RjQ1RE1UbkJ2aXZ5NzFKSmVPcHBWUGxNQWdFWVlOb3FsK29ZVHpxWlE2VGdSNXh3OTBSV21scW1FWDJYNy96eGJicUpJZ1gvakVrNWN3RWFuRVZaamZxOG1PMWdyZmdGai9qYXpyZU53ZHpwbHM1NFZ1SVVpanMzODVSbytRWWcra0hjUEYvclBmUGFOdlVSekE0RGRMNVJBenpvVEJDVzkrRzV6dFZBT3JxMndLSkpZS2ZlWWZId3NneG5DdWFkK3NwQXloTWgyUHBwRXVGS3FBR20yQTlGRktVeGZJaG9BQWxrTU52bDJVbE9NTEt0eGpwRXhtK3YzQ0s0eUpDeFM5RjcvQlluL2lkdzQ0S0xZWTJrUXZqUjljUWJZdz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9b47d87a7fe583a81f426bf087695c17b541265945da90966e10c018b3f70be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1716347
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_wRPE3xHMjRsdklLY3JYT3I4RjQ1RE1UbkJ2aXZ5NzFKSmVPcHBWUGxNQWdFWVlOb3FsK29ZVHpxWlE2VGdSNXh3OTBSV21scW1FWDJYNy96eGJicUpJZ1gvakVrNWN3RWFuRVZaamZxOG1PMWdyZmdGai9qYXpyZU53ZHpwbHM1NFZ1SVVpanMzODVSbytRWWcra0hjUEYvclBmUGFOdlVSekE0RGRMNVJBenpvVEJDVzkrRzV6dFZBT3JxMndLSkpZS2ZlWWZId3NneG5DdWFkK3NwQXloTWgyUHBwRXVGS3FBR20yQTlGRktVeGZJaG9BQWxrTU52bDJVbE9NTEt0eGpwRXhtK3YzQ0s0eUpDeFM5RjcvQlluL2lkdzQ0S0xZWTJrUXZqUjljUWJZdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
458562
content-length
0
expires
0
cSyncRemoteEntry.js
cds.connatix.com/p/407037/ Frame D0FE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407037/cSyncRemoteEntry.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-amz-version-id
n35iW1fsi.Sb.fprA1AJ86LOIYF6a9XY
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 15:17:49 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719d8fff13a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:37 GMT
connatix.playspace.css
cds.connatix.com/p/407037/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407037/connatix.playspace.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-amz-version-id
I.NpsXaLjZtLCZNTSjPQFR9KipkEAPf2
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 15:17:47 GMT
server
cloudflare
etag
W/"82dee560f7efd9da1bab844ae7f14cef"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719d8fffe3a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:37 GMT
createjs.min.js
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/ Frame C3A3 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63907
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:56:15 GMT
placeAnAd_tribpub_320x50.js
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/ Frame C3A3 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b601fc83035bbc889da1cc25a00d9717b4c6b86dedf63bfd8ef872450d3b1f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5540
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 16:26:20 GMT
createjs.min.js
s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/libs/1.0.0/ Frame EF40 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63907
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 08:22:47 GMT
placeAnAd_tribpub_728x90.js
s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/ Frame EF40 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36dac7012372f0b0c74a33ec040db81109d15ee8a99c4922402e56a86737640b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10257
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 18:45:26 GMT
createjs.min.js
s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/libs/1.0.0/ Frame AAF7 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 00:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63907
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 00:49:43 GMT
placeAnAd_tribpub_300x250.js
s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/ Frame AAF7 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df3bd2b5ba1953de83dfadb867bd652bc7e5c9d15d31345661f0d9543c634f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 06:02:10 GMT
x-content-type-options
nosniff
age
46047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48213
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 06:02:10 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C580 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55033247&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3bd72ab0a106f85ffff184fb630448b2aa66aafe4ef26f0dc15b5adb6c5187d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 10 Jan 2024 18:49:36 GMT
content-length
1623
content-type
text/html; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 0BB7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0pcrbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
placeAnAd_tribpub_320x50.html
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/ Frame 7CC4 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2376b276cc094c06a9365bb20f289b665f6712f0bb2ce1e3200d41f1936da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1782
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 16:14:07 GMT
expires
Thu, 11 Jan 2024 16:14:07 GMT
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9FE5 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspk3RxZC7v5w6_nH1KGXjdlgQwzZVBo8KJ0oZVPERvoE-MVjaIiQPRjygQR977m1T-LBdvaqTiFeZA7zRWZj1r192x8PRXOCqk6pd-V4XDbzoqkcx-7-5lgMH_PzuJ7bDIMQ-jju6ghGgC_RR61jPtTYS82GAs3Ct_hCRcpwydtRJjtXAMcOldOIPjtWUa__F1uwktiVQ_sv1-F6hMs40Ml4615BJzYV1eMVzkaw9_BRSq8ZzfF80wYQAtH99l6fyoA_vNuVrL8dnf1azOrBCMzR01AVufTnwyPHDoBiPMgNrOrZ02jjqTOSZyaawbd0nwN4MhNs2_k2CQEIvrhfaihZeRsid-Dwwar1q0whpwU3KVWEsgnTujz6ybdpnp_wHqCIelLqd5wj4o7xXYnIKeAhA&sai=AMfl-YTR60q25FdcBrLcpTVR9pvrBXcfJpEYiRvreFWZkn-eRQuA0ZP4imeVqQMlRyDlPZ45kDekDt_I1cErnvobQfg8gWqx_4oc0BRDcE6MZp17Ke-nKQiYgtysoeB8KA&sig=Cg0ArKJSzK3aaAPFI9CtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:32:38 GMT
content-encoding
br
age
166619
x-guploader-uploadid
ABPtcPqM3DyNdXZQkVc5owsLBV7qezAYmth6s-ADh8h334gaL6516ZiXRZBqlLhj4wBa7r-fL3jh51C_XnXjaBCeFj1EAw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4862
last-modified
Thu, 07 Dec 2023 16:30:37 GMT
server
UploadServer
etag
"e08d76c0eee63d930afa55862092fe13"
x-goog-generation
1701966637584237
x-goog-hash
crc32c=om6Z6Q==, md5=4I12wO7mPZMK+lWGIJL+Ew==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4862
accept-ranges
bytes
content-type
text/javascript
sms-v2_59133b5ff2491255abf0da3a6c439b40.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_59133b5ff2491255abf0da3a6c439b40.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7d6b2e34f8baa2cbb0d0352ba4401894ca78bd0e98a8f0259798be00d3f9f4ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 19:42:07 GMT
content-encoding
br
age
428850
x-guploader-uploadid
ABPtcPoenwOLxvsl-YvafjHHiuBx-mMf-H5gy2p_q_Auqw4oJ7unrJLvKOv1TRmUCqGx2MmyH_udhxg9W5XBs4vcRHRnykfN5y6W
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
last-modified
Thu, 04 Jan 2024 21:33:16 GMT
server
UploadServer
etag
"fc8b1adafd5fdfc3a8542a947659bc4f"
x-goog-generation
1701703223576805
x-goog-hash
crc32c=pCs8WQ==, md5=/Isa2v1f38OoVCqUdlm8Tw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1301
accept-ranges
bytes
content-type
text/javascript
onsite-v2_5631bf90701659009118a89f964ae570.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:36:24 GMT
content-encoding
br
age
591193
x-guploader-uploadid
ABPtcPoA-xoP9e-984OcKbtpY8VjNtTh34I02gHoHMQ3TxCLyLba7AW8htSVJRyvjL__VNtdGQjnn0wUu5Qpx2p_wqUFCrlvwWLY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
last-modified
Mon, 04 Dec 2023 15:20:09 GMT
server
UploadServer
etag
"801d41813e7b11c4986b4ca00307283b"
x-goog-generation
1701703209164802
x-goog-hash
crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4962
accept-ranges
bytes
content-type
text/javascript
ads-v2_37cc0ef2d386d1feb3ecca6c2567f9e5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		175 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_37cc0ef2d386d1feb3ecca6c2567f9e5.br.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa953f4d52f4da871ada41158b62e9e84fbfb39580965fea146df4de95aaddee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:27:07 GMT
content-encoding
br
age
87750
x-guploader-uploadid
ABPtcPqxHKs_i8iszLRH0s4iWcDyeaq94ZtXAAKJzlGw3V7XICh40thQVSi-2Y1vROJtNhkSaz0Tf4OGiTA-A80xJXqvFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39066
last-modified
Tue, 09 Jan 2024 18:26:55 GMT
server
UploadServer
etag
"f86c38f998ed45513e8b458c2882eacc"
x-goog-generation
1704824815677978
x-goog-hash
crc32c=YYcQtA==, md5=+Gw4+ZjtRVE+i0WMKILqzA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
39066
accept-ranges
bytes
content-type
text/javascript
9d74668f198d13181dda20b714c1d037.br.json
assets.bounceexchange.com/assets/gam/4011/ 		756 KB
136 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/gam/4011/9d74668f198d13181dda20b714c1d037.br.json
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_2310f880ee35407f87f754e56bbccc9a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c329ba99041e98b390b22b93ac9bbe95cc709312ce4b7df7d1e0a4e915dd3b84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:02:12 GMT
content-encoding
br
age
2845
x-guploader-uploadid
ABPtcPpVqdUTMAashx-ath_77el5FBnCqqY485bi9gX-qcJ8Bnoo10gzk_sOnfhP9DwCE8Y80gckWHLG1aeWaTNYm8fJVZay_9hl
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138760
last-modified
Wed, 10 Jan 2024 18:01:54 GMT
server
UploadServer
etag
"2e2ee3e84e882ff14f4b4bbb9938406e"
x-goog-generation
1704909714723650
x-goog-hash
crc32c=WEnBCA==, md5=Li7j6E6IL/FPS0u7mThAbg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control
public,max-age=31536000
x-goog-stored-content-length
138760
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
952.js
cds.connatix.com/p/407037/ Frame D0FE 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407037/952.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-amz-version-id
_tU9PL2pdJLjc2.MWG1SowK93ml2Be7z
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 15:17:49 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719da2b7c3a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:37 GMT
402.js
cds.connatix.com/p/407037/ Frame D0FE 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407037/402.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-amz-version-id
wTsLXavenoEKz0X61dJdMem2zRYpG_81
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 15:17:49 GMT
server
cloudflare
etag
W/"0bfdcab785ef6b9a586feebcbe69419f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719da2b823a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:37 GMT
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.148.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
158.148.102.34.bc.googleusercontent.com
Software
/
Resource Hash
ca8edd84575cece2729fc29af7a81907d962da5d810ce7c077477dba5af5b21d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.126.98.34.bc.googleusercontent.com
Software
/
Resource Hash
eec2cd1094a6238af60f038e8f42ee2e90b115afd360a765d49a2dcd1d532336

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:38 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.20.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.20.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e15506e299da3d4a8ca095007fae20286400cb4993c333f0bff4360cc1fe2cca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:37 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
Pug
image2.pubmatic.com/AdServer/ Frame DEC1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQTlVN0xQYzBBQUJOUmd5bEVSQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AABA9U7LPc0AABNRgylERA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABA9U7LPc0AABNRgylERA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6633317921081862514&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABA9U7LPc0AABNRgylERA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6633317921081862514%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6633317921081862514&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABA9U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABA9U7LPc0AABNRgylERA&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABA9U7LPc0AABNRgylERA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 07:59:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 10 Jan 2024 18:49:38 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABA9U7LPc0AABNRgylERA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2C37
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2840245782802064973&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2840245782802064973&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 18:49:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
843a8f8b-a425-4c39-9251-b6044997dc56
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 18:49:37 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2840245782802064973&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 09B8 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 10 Jan 2024 18:49:37 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4557-YYZ
x-timer
S1704912578.717199,VS0,VE21
Pug
image2.pubmatic.com/AdServer/ Frame 90BA
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_43f4896b9c164b82b4130
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_43f4896b9c164b82b4130
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 18:49:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 10 Jan 2024 18:49:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_43f4896b9c164b82b4130
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
ecm3
s.amazon-adsystem.com/ Frame DE6F 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDBC1540B7-931D-4457-8971-3EF62F259356
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 10 Jan 2024 18:49:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GSS3NVQ8JKSCYJH6ABPG
insync
thrtle.com/ Frame C580
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9c589e05-8916-459e-b49f-934b4cf7a740
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9c589e05-8916-459e-b49f-934b4cf7a740
Protocol
H2
Server
34.234.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-194-189.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 10 Jan 2024 18:49:37 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC1540B7-931D-4457-8971-3EF62F259356&vxii_pid=12&vxii_pid1=10067&vxii_rcid=9c589e05-8916-459e-b49f-934b4cf7a740
date
Wed, 10 Jan 2024 18:49:37 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame C580 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame C580 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:37 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame C580 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.7.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-7-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Jan 2024 18:49:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C580
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=
1 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 18:49:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eb1d2174-4993-4a4f-b612-9f916f5fd710&gdpr=0&gdpr_consent=
Date
Wed, 10 Jan 2024 18:49:37 GMT
Connection
keep-alive
X-CI-RTID
15824aae-b4c0-4f46-a71d-3bb81ad23fa0
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame C580
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=40ab0a63f9301006&is_secure=true&networkId=17100&version=1&nuid=BC1540B7-931D-4457-8971-3EF62F259356&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVly7E00ZwNopi8YAAAAAAA&expiration=1704998978&nuid=BC1540B7-931D-4457-8971-3EF62F259356&...
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVly7E00ZwNopi8YAAAAAAA&expiration=1704998978&nuid=BC1540B7-931D-4457-8971-3EF62F259356&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 10 Jan 2024 18:49:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFsVly7E00ZwNopi8YAAAAAAA&expiration=1704998978&nuid=BC1540B7-931D-4457-8971-3EF62F259356&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
placeAnAd_tribpub_320x50_atlas_P_1.png
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/ Frame C3A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/placeAnAd_tribpub_320x50_atlas_P_1.png
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c387f4ae62271d1ce8cf3971d3916de18fdf3d98a3dc589f6ae545e97053680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:09:59 GMT
x-content-type-options
nosniff
age
38378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2514
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 08:09:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4ewSbluEbepddX9C9yZheD15TJLwhUnlOuI7wSqr0lO_WRg4KtwFK5sFK4OjK1hhXGTyE-IpGYBfVLSPdaV7C5X1X221yhgmdBMrHubPkcXEbKY5NGVdU8850hc7ShatujKxptQENksUH82-PYuhMjWob4_5vuKhpNto67eO4BS5MPtC1jz2fIQU06kqFgyBtJ4Xhm6r1XgWDGwXxQ8RSD4WjK1ZlAtP_O-13UnqlF3qlS4g69W-XPS0LuF8B6PHhfHjgr6VqslxDBxY7MarHI4Suk6Ilq5yDfGI4XXPTAuung0isEBu-yYMwG0vx7qQDe6_gFBS17oCb_K6XpvDhD0vSHEo_HBNblwAPw7z95Hl2yI-k9NabIg1deg3bviHUxLjE5vnZNn46jiQcCsYr19Msmw&sai=AMfl-YQztNsPsqCjZBMkNs__2F9hINpK36dlQWfvE2lsuTx9mfE5OOg76sS6cabZIZ8onIytS8Dc5XUDqBGo9ZwiRzSNmE8ltMG9anD9Xjh6tKh7g9HKKmdiNFx2mmwBbg&sig=Cg0ArKJSzJQkHnAQr5iLEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:37 GMT
placeAnAd_tribpub_728x90_atlas_P_1.png
s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/images/ Frame EF40 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/images/placeAnAd_tribpub_728x90_atlas_P_1.png
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00afe3d2b0a8d1c8d36a4059464c681095e8438658d34512810d7294ff1c10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:26:24 GMT
x-content-type-options
nosniff
age
8593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3407
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:34:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 16:26:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 26EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnv4BxQXxUf22ZPxEa5w7jHgdCQ5BnnuXqicJ05L8yrHZNxFKPlThQtya-KI8FyiYH5i_6OTwRECpsOLjAl56lf7KrgkSi-g1wQafXrdM7qHkqL5P0fjOzl7Mim2h7uNecD5BzuaqPJPkl0SQPSsMArOCy5P_16CjAoZoABKhNTzjIvHYkQ1G1z8yOKsbeMVs_P89uQzQ5vO4DVU-Bclne0bHP_5O4qJkBXUerWsuZdDNEFwetr8AKwrT4JbdF1jJ4kQe2dBeRhJsupc4gmMDK0me3Lbt5PUuhPAo2Nv_49N90bFKzXqP9R0PsppCx5I7gJ2bP_QSPOG1smihb707_J4D804vqESe-exeUQ31sE6HLnWSOvinMGnGIkkbTYRAFiACD6RE3CaxC9ylu7pn_blpOYPVs&sai=AMfl-YRLr7tq67uk5TTtEXUOXshpyRT0A58yocqG4iIZAVm1qRfcEe9vbR7Kg8llusrXZoJQ6Brznd5gJOhI1JFLyeUSDKJoMFyOPzN_ZRWEfF4UmUkUbJ0qOs6UbLyhvg&sig=Cg0ArKJSzF7NFOzXZa3cEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:37 GMT
placeAnAd_tribpub_300x250_atlas_P_1.png
s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/images/ Frame AAF7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/images/placeAnAd_tribpub_300x250_atlas_P_1.png
Requested by
Host: 83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
URL: https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
827a7bdcfec65087214da88754738d26e2e4cc3197df6d45f0fa749d59d6b7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 00:10:34 GMT
x-content-type-options
nosniff
age
67143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3998
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 00:10:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5FC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHIpMAuXVhUrWLZoEU05Bq4HgF4393LbLZoha3L26fbSQf98NT7qr4xA8rdfzJQqcRUdPhXd9ICOxih19N-VM7RNTW38IlHPzp7wEFjzlKSqx-5jChTY30PsXgDkhK3E7Iady-6SoXBDGyC7oG_g5l5DkfEfVD4ATaa8JIxFKPrLb-mymg7V_FUA7h_P60vQL6QO4FtwMYxGwLCmDs4goGrrz3PBgodcKyr7p49Lh19vhlLkhP7EBVLYf2cDxYfY5Ljv_61leae0K_4EoYROEnC0F1LWYYivF7y3iNCisjQfqPH3AwSaWcGLND4V8EtNJYCphtIx7ycUWphmeDRtLdiXGGMCah_No_DNTIc_D9OEjbYjXoRuxcy_sX5aGUSYHCzTpeyVDJfbWql005Mnw06Wuwbd8T&sai=AMfl-YTfCJRo3p7Jqo422g6UHC9Rsdc4I1Hb77Q58VRYy3ndPGTCMoyEk5rNIrl1h0RaYYoZHZ9zN9imL8NfAX_qYUOFOXbw5kITmDFGzD5D18WyECvuO0_waxH00E3llg&sig=Cg0ArKJSzKf4HePHJfwCEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:37 GMT
createjs.min.js
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/ Frame 7CC4 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 21:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63907
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 21:56:15 GMT
placeAnAd_tribpub_320x50.js
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/ Frame 7CC4 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b601fc83035bbc889da1cc25a00d9717b4c6b86dedf63bfd8ef872450d3b1f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5540
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 16:26:20 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C580 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=uNLCCm8o5TTAvGr56m24wQ93i6Yy82aJgLgI&ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.9.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-9-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:38 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
placeAnAd_tribpub_320x50_atlas_NP_1.jpg
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/ Frame C3A3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/placeAnAd_tribpub_320x50_atlas_NP_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5abfd52cf58b0b3bfefc1cdc4b51b091c1a830e416ccd851e0b2fcbb10eeb5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:40:04 GMT
x-content-type-options
nosniff
age
36573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8787
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 08:40:04 GMT
placeAnAd_tribpub_728x90_atlas_NP_1.jpg
s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/images/ Frame EF40 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/images/placeAnAd_tribpub_728x90_atlas_NP_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09ac8650e400016b275b963c12b0a042ff04675b504a19d0b2f14a6f3cd2d492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200085045/728x90_2/placeAnAd_tribpub_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 00:10:56 GMT
x-content-type-options
nosniff
age
67121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12725
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:34:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 00:10:56 GMT
placeAnAd_tribpub_300x250_atlas_NP_1.jpg
s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/images/ Frame AAF7 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/images/placeAnAd_tribpub_300x250_atlas_NP_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdc5b950edb503a10369bdc8b31c4dc68f9d5105877caa006e8ae67ad6bfd841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638200026280/300x250_2/placeAnAd_tribpub_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:10:41 GMT
x-content-type-options
nosniff
age
31136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18048
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:10:41 GMT
sync
capi.connatix.com/core/ Frame D0FE 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407037/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9391d9a518bf6589403b19fb3305d4cd3d174a9bfe8760646e0eb78e1397a718

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719dc0faa3a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame D0FE 		183 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=407037&cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407037/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850fe631757ce28bcbec2d85c7edc706af8202730e1cdce7d163bce436534db5

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719dc1fd73a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 677B 		2 KB
976 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
984889
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 09:14:49 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Wed, 13 Dec 2023 20:28:30 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1702499310379960
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ABPtcPp-aR5WYA7uAiqn-F82taR_hTymVx3_8Q-io38dH9QL1PikqKZ_8KRtbE1IPD0kOQdMXXdVD_RdoIq5Kn2I7M9HdQ
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=uNLCCm8o5TTAvGr56m24wQ93i6Yy82aJgLgI&ver=6.4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.9.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-9-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:38 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
placeAnAd_tribpub_320x50_atlas_P_1.png
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/ Frame 7CC4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/placeAnAd_tribpub_320x50_atlas_P_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c387f4ae62271d1ce8cf3971d3916de18fdf3d98a3dc589f6ae545e97053680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:09:59 GMT
x-content-type-options
nosniff
age
38379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2514
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 08:09:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9FE5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4ewSbluEbepddX9C9yZheD15TJLwhUnlOuI7wSqr0lO_WRg4KtwFK5sFK4OjK1hhXGTyE-IpGYBfVLSPdaV7C5X1X221yhgmdBMrHubPkcXEbKY5NGVdU8850hc7ShatujKxptQENksUH82-PYuhMjWob4_5vuKhpNto67eO4BS5MPtC1jz2fIQU06kqFgyBtJ4Xhm6r1XgWDGwXxQ8RSD4WjK1ZlAtP_O-13UnqlF3qlS4g69W-XPS0LuF8B6PHhfHjgr6VqslxDBxY7MarHI4Suk6Ilq5yDfGI4XXPTAuung0isEBu-yYMwG0vx7qQDe6_gFBS17oCb_K6XpvDhD0vSHEo_HBNblwAPw7z95Hl2yI-k9NabIg1deg3bviHUxLjE5vnZNn46jiQcCsYr19Msmw&sai=AMfl-YQztNsPsqCjZBMkNs__2F9hINpK36dlQWfvE2lsuTx9mfE5OOg76sS6cabZIZ8onIytS8Dc5XUDqBGo9ZwiRzSNmE8ltMG9anD9Xjh6tKh7g9HKKmdiNFx2mmwBbg&sig=Cg0ArKJSzJQkHnAQr5iLEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 Jan 2024 18:49:38 GMT
placeAnAd_tribpub_320x50_atlas_NP_1.jpg
s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/ Frame 7CC4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/images/placeAnAd_tribpub_320x50_atlas_NP_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/libs/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::94 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5abfd52cf58b0b3bfefc1cdc4b51b091c1a830e416ccd851e0b2fcbb10eeb5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/dfp/262976/647662736/1638199981195/320x50_2/placeAnAd_tribpub_320x50.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:40:04 GMT
x-content-type-options
nosniff
age
36574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8787
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 15:33:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 08:40:04 GMT
insights.bin
ins.connatix.com/69a53966-5fac-4df0-ba93-2036fd5714d0/9a477649-a415-4b03-849b-6f10d7ae0ad6/ Frame D0FE 		684 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/69a53966-5fac-4df0-ba93-2036fd5714d0/9a477649-a415-4b03-849b-6f10d7ae0ad6/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407037/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0db7e5284643b7ff2ba5fc3036503ed8eb0132419ea0cfb59e3ba8c9de77e8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 07:20:05 GMT
server
cloudflare
etag
W/"7d4daaabeb27a2c9f926d43e65cf793e"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
843719de5c7339ff-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Jan 2025 18:49:38 GMT
blockedDomains_5.bin
lit.connatix.com/7d423eb6-dd12-46dd-a98d-b521e68a5053/ Frame D0FE 		54 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/7d423eb6-dd12-46dd-a98d-b521e68a5053/blockedDomains_5.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407037/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8326beb9639a522a44364f3635e2bafb7e5efba5bc67113b80a742d54346d4e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 20:07:50 GMT
server
cloudflare
etag
W/"73dc23be34d84af1397ddc8ff368d301"
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
843719de495936cd-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Jan 2025 18:49:38 GMT
insights.bin
ins.connatix.com/816381ade7d7d6b0e27897bb6d33bdd4/ Frame D0FE 		396 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/816381ade7d7d6b0e27897bb6d33bdd4/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407037/connatix.playspace.js?cid=38d5daa3-18ac-4ee1-a905-373c67622f25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a4b9ed414598a072cdc70c4048e340f96622dcb9c5d76ed9eac4c5b713b582

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 11:23:15 GMT
server
cloudflare
etag
W/"7040f3c8d8f77f2422fe7977018e9a8e"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
843719de5c7539ff-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Jan 2025 18:49:38 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Index&api-tier=2&uid=ZZ7mvfLvy4iNzLBqwBi9BQAA%263842
139 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Index&api-tier=2&uid=ZZ7mvfLvy4iNzLBqwBi9BQAA%263842
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a874d4baedf8012a28f39973cf60501ff8fd2edaf06799879f02c0b97aaf7f44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719ded9cc39e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgZ7SmZNWfE61Dhwm8DISO7qJ6X7kLlBO7G81LZTkWEYsdmJtfkDsFx7tZE8T8YtbVmMvizRGHurrgoB7bL8aM7T82LV2jbxHwdq6Qj3JAlN6CAQOCXFU8pSBJzdxNNLrTivoZuM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Index&api-tier=2&uid=ZZ7mvfLvy4iNzLBqwBi9BQAA%263842
cache-control
no-cache
cf-ray
843719ddfe8436a5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Beeswax&api-tier=2&uid=AABA9U7LPc0AABNRgylERA&gdpr=0
132 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Beeswax&api-tier=2&uid=AABA9U7LPc0AABNRgylERA&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ec33fe1a55557837ed9ae8a1c08a24694a8f605563a2b44329604544fe4f24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719dee9df39e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Beeswax&api-tier=2&uid=AABA9U7LPc0AABNRgylERA&gdpr=0
Date
Wed, 10 Jan 2024 18:49:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504578
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504578
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62837522be0aaecc196da9464490ab11893914232c08e3e49043338e63b9c70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9e539e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=e59d3934-868a-4c3e-9652-c62263f9455b&ttl=1707504578
date
Wed, 10 Jan 2024 18:49:38 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Amobee&api-tier=2&uid=8061612558496674094
129 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Amobee&api-tier=2&uid=8061612558496674094
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14812dd6accc09fbd065714085c9d365107f9e2c0e370fec955671961037b2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9ee39e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Amobee&api-tier=2&uid=8061612558496674094
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=0ff19b8c3ec9405985ece597fc17608a&pname=TripleLift&api-tier=2&uid=4121083549846426384162
132 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=0ff19b8c3ec9405985ece597fc17608a&pname=TripleLift&api-tier=2&uid=4121083549846426384162
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59eb7131355b65f8b06446462b283c93b6497bbb85d29588af986bce31c6ae36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9f039e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=0ff19b8c3ec9405985ece597fc17608a&pname=TripleLift&api-tier=2&uid=4121083549846426384162
date
Wed, 10 Jan 2024 18:49:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=0ff19b8c3ec9405985ece597fc17608a&pname=AppNexus&api-tier=2&uid=2840245782802064973=&gdpr=0
129 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=0ff19b8c3ec9405985ece597fc17608a&pname=AppNexus&api-tier=2&uid=2840245782802064973=&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efe8dd25e2490ca020da238d099c436aec029c3da807da7942ea8afc715f792

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9f339e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
an-x-request-uuid
3cbe127a-5fec-403b-b12b-ab907b4a20ea
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=0ff19b8c3ec9405985ece597fc17608a&pname=AppNexus&api-tier=2&uid=2840245782802064973=&gdpr=0
x-proxy-origin
96.9.249.36; 96.9.249.36; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.89%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=4371284184
  • https://sync.1rx.io/usersync3/mediamathtest/2069.89/52cc659e-e6c2-4c00-9e2c-38b9737d5434?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005&pId=44
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005&pId=44
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719e1db5a3a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005&pId=44
date
Wed, 10 Jan 2024 18:49:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4c6d19350ff44d6897e9bae0f270cbb5005
content-type
text/html
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
  • https://capi.connatix.com/us/pixel?puid=6633317921081862514&pId=40&gdpr=0&gdpr_consent=
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=6633317921081862514&pId=40&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843719defdf13a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=6633317921081862514&pId=40&gdpr=0&gdpr_consent=
date
Wed, 10 Jan 2024 18:49:38 GMT
content-length
0
/
hde.tynt.com/deb/ Frame 231E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_3...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1711
content-type
text/html
date
Wed, 10 Jan 2024 18:49:38 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 10 Jan 2024 18:49:37 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 81CB 		16 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43664
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 10 Jan 2024 18:49:38 GMT
expires
Thu, 11 Jan 2024 06:57:22 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=0ff19b8c3ec9405985ece597fc17608a&pname=PulsePoint&api-tier=2&uid=TP3jY7tnqGRv
122 B
143 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=0ff19b8c3ec9405985ece597fc17608a&pname=PulsePoint&api-tier=2&uid=TP3jY7tnqGRv
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c33c0ff44951ae93f1af0cd10cbc52b478bbed78db846f9acabed0cbfcd132a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9f639e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=0ff19b8c3ec9405985ece597fc17608a&pname=PulsePoint&api-tier=2&uid=TP3jY7tnqGRv
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-nfrhc
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Crimtan&api-tier=2&uid=6b0a10a5b0024b0aadb08ef67422feeb
142 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Crimtan&api-tier=2&uid=6b0a10a5b0024b0aadb08ef67422feeb
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de146d98220d3694e1198932967155dccd7042c7b2039fbe1362524aa5a98d3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719e028653a06-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Crimtan&api-tier=2&uid=6b0a10a5b0024b0aadb08ef67422feeb
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=0ff19b8c3ec9405985ece597fc17608a&pname=LoopMe&api-tier=2&uid=a8980298-017c-4b63-8990-637b41d892ee&pubid=11186&gdpr=0
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=0ff19b8c3ec9405985ece597fc17608a&pname=LoopMe&api-tier=2&uid=a8980298-017c-4b63-8990-637b41d892ee&pubid=11186&gdpr=0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b309b9cdea1d3e0bd8774d8313ef71c0bcdc6dc7f35638b4a006353e2bedba6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719e10a023a06-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=0ff19b8c3ec9405985ece597fc17608a&pname=LoopMe&api-tier=2&uid=a8980298-017c-4b63-8990-637b41d892ee&pubid=11186&gdpr=0
date
Wed, 10 Jan 2024 18:49:38 GMT
server
_
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
  • https://cks.connatix.com/cks?pid=9&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Centro&api-tier=2&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0
159 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Centro&api-tier=2&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47be3f31e7d4d074dee198f6e8f521b26194e60c562a426d7033e5154df7db3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9f739e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cks.connatix.com/cks?pid=9&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Centro&api-tier=2&uid=83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553&gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=0ff19b8c3ec9405985ece597fc17608a&pname=YieldMo&api-tier=2&uid=VEeM___OOM_hTP3txScq&gdpr=0
130 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=0ff19b8c3ec9405985ece597fc17608a&pname=YieldMo&api-tier=2&uid=VEeM___OOM_hTP3txScq&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1d0522be2659d56a0b3ec1a750b2bd31770f0aae802ee8181b029b5101d96b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9fa39e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=0ff19b8c3ec9405985ece597fc17608a&pname=YieldMo&api-tier=2&uid=VEeM___OOM_hTP3txScq&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=0ff19b8c3ec9405985ece597fc17608a&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Telaria&api-tier=2&uid=008410ddebd446a4b181f6db24908d78
141 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Telaria&api-tier=2&uid=008410ddebd446a4b181f6db24908d78
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582245e639a1e9144cb14c1e636216eab3a01667407741e95e6b85b0048c2ae0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719e028613a06-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Telaria&api-tier=2&uid=008410ddebd446a4b181f6db24908d78
date
Wed, 10 Jan 2024 18:49:38 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=28745898956b3019f07ebd41b5237fbb&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=28745898956b3019f07ebd41b5237fbb&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719defdf33a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 18:49:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=28745898956b3019f07ebd41b5237fbb&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704912578279047-177
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 5E08 		532 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d0ff19b8c3ec9405985ece597fc17608a%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.courant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.courant.com/
content-length
532
content-type
text/html
date
Wed, 10 Jan 2024 18:49:38 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-91-83.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:08:39 GMT
content-encoding
gzip
via
1.1 72fcd81c14e3eb0facf41fedad65e9e4.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:55:10 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P1
age
27665
x-amz-server-side-encryption
AES256
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
UrMuse5L5c-5wdrQz3LGgRMqvdZP5ZdT8sFgxrGJLlyfUW0NiQxUlQ==
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=0ff19b8c3ec9405985ece597fc17608a&pname=SundaySky&api-tier=2&uid=d6.6769bbccd8c647bd923a5a61cd52dbd2
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=0ff19b8c3ec9405985ece597fc17608a&pname=SundaySky&api-tier=2&uid=d6.6769bbccd8c647bd923a5a61cd52dbd2
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cc6c2e760ea5faac378fe6e9c98a4b333282fcb032a040f57744c04a7a8d07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719e13a603a06-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=0ff19b8c3ec9405985ece597fc17608a&pname=SundaySky&api-tier=2&uid=d6.6769bbccd8c647bd923a5a61cd52dbd2
date
Wed, 10 Jan 2024 18:49:38 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=0ff19b8c3ec9405985ece597fc17608a&pname=ResetDigital&api-tier=2&uid=00000127E0EC63B0
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=0ff19b8c3ec9405985ece597fc17608a&pname=ResetDigital&api-tier=2&uid=00000127E0EC63B0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9018ba8b4f58dcd9ad90f6b5c48816c04c344ef9a218afb297acee49f5d3b561

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719e038723a06-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=0ff19b8c3ec9405985ece597fc17608a&pname=ResetDigital&api-tier=2&uid=00000127E0EC63B0
date
Wed, 10 Jan 2024 18:49:38 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Sonobi&api-tier=2&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Sonobi&api-tier=2&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baad3404a4c035f705e76e6c25f7186a977fb843bcc530b80338ccd4cdf18de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719def9fc39e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-150
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Sonobi&api-tier=2&uid=6da7a73d-c934-4847-ac54-caabe4abbf80
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d0ff19b8c3ec9405985ece597fc17608a%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0&gdpr_consent=null
146 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0&gdpr_consent=null
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9feaa73605fe7ca15b3526fe1c2efd38898717c22af6ebf6a6c32854b91cb443

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719defa0139e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=58ae8b8f-0bc8-4085-bd8f-708b5e638f6c&gdpr=0&gdpr_consent=null
date
Wed, 10 Jan 2024 18:49:38 GMT
content-length
0
psync
xsync.iqzone.com/ 		42 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.234.204.77 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:38 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,HEAD,DELETE,OPTIONS, GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Access-Control-Allow-Headers
content-Type,x-requested-with, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D0ff19b8c3ec94...
  • https://cks.connatix.com/cks?pid=29&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Adelphic&api-tier=2&uid=eb1d2174-4993-4a4f-b612-9f916f5fd710
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Adelphic&api-tier=2&uid=eb1d2174-4993-4a4f-b612-9f916f5fd710
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbbe41260e53742b767fb83fc0dad0a64fb216634e5c9b5cb8e2461ca1afb80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719df0a2639e9-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=0ff19b8c3ec9405985ece597fc17608a&pname=Adelphic&api-tier=2&uid=eb1d2174-4993-4a4f-b612-9f916f5fd710
Date
Wed, 10 Jan 2024 18:49:38 GMT
Connection
keep-alive
X-CI-RTID
9cd3f0dc-818d-423c-bd41-8c5223fd11e6
Content-Length
177
Content-Type
text/html; charset=utf-8
us
capi.connatix.com/core/ Frame D0FE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d0ff19b8c...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=42ab2b36-f17d-4f5e-8275-370190d39002
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=42ab2b36-f17d-4f5e-8275-370190d39002
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843719defded3a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=42ab2b36-f17d-4f5e-8275-370190d39002
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us
capi.connatix.com/core/ Frame D0FE
Redirect Chain
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D0ff19b8c3ec9405985ece597fc17608a%26DemandPartnerName%3DMediaNet%26tier...
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479141726634070000V10
0
0
712202.gif
id.rlcdn.com/ Frame D0FE 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712202.gif?cparams=0ff19b8c3ec9405985ece597fc17608a&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame D0FE
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MGZmMTliOGMzZWM5NDA1OTg1ZWNlNTk3ZmMxNzYwOGE&extra1=0ff19b8c3ec9405985ece597fc17608a&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
0
0
1a1c07e870d45c05896c3f9e9973d4b4.gif
sync.colossusssp.com/ Frame D0FE 		0
0
cksync.php
contextual.media.net/ Frame 5E08 		0
0
us
capi.connatix.com/core/ Frame 5E08
Redirect Chain
  • https://cks.connatix.com/cks?pid=24&ev=0ff19b8c3ec9405985ece597fc17608a&pname=IronSource&api-tier=2&uid=j4R8jLgzCj_s&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=j4R8jLgzCj_s&UserId=&tier=2
0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame D0FE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=0ff19b8c3ec9405985ece597fc17608a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:234f:600:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
via
1.1 1ecd507992d571d2f586f5b218388a24.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P3
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
lts1-keNZWpm7dJqMZ_R9o38tkbCvKi2uLUWNRd1V8eMu-WPPgNeyQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
81549
i.liadm.com/s/ Frame D0FE 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=0ff19b8c3ec9405985ece597fc17608a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.71.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-71-126.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:38 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
8
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef73ff186bebd1b05009d9ead4258055b09d9571670ac00726bb2c583ed8ef14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29619
x-xss-protection
0
server
cafe
etag
470 / 19732 / 31080240 / config-hash: 18310344931514748835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:49:38 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D0FE 		0
0
9a477649-a415-4b03-849b-6f10d7ae0ad6.bin
vid.connatix.com/pid-28d4ae3b-2c3a-4a6e-9aa7-52a2ca2f7324/69a53966-5fac-4df0-ba93-2036fd5714d0/ Frame D0FE 		0
0
/
onetag-sys.com/usync/ Frame 58D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d0ff19b8c3ec9405985ece597fc17608a%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
activeview
pagead2.googlesyndication.com/pcs/ Frame BB72 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A0E4 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 26EF 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 758E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FC7 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FE5 		0
0
iev
csm.va.us.criteo.net/ Frame A5CE 		0
0
iev
csm.va.us.criteo.net/ Frame EB83 		0
0
connatix.omsdk.service-web-1.4.9.js
cds.connatix.com/p/plugins/ 		0
0
1x1-pixel.png
ams-depr-public.s3.amazonaws.com/ 		68 B
435 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ams-depr-public.s3.amazonaws.com/1x1-pixel.png?fn=removeDomElement&publisher=www.courant.com
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.19.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 18:49:39 GMT
Last-Modified
Tue, 27 Oct 2020 15:04:29 GMT
Server
AmazonS3
x-amz-request-id
BA1CRTYK2MVBY9A4
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
hrdR12n6rQ1iBvSXqsO6BAEOOxVJ4Gtv5NiRnT/KRjZb7HZEQgmFtkQFzyAGOv9Ej183q1K80eU1KJS0io2O1g==
connatix.omsdk.session.client-1.4.9.js
cds.connatix.com/p/plugins/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0a84d43913f46215e1da913b01e7774e2a352056e8d6bfb49fe05eb550f4f9

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
x-amz-version-id
Eq9aEfSq9rV68Xsb_6_4vUUQri5Qtb5I
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 13:21:41 GMT
server
cloudflare
etag
W/"7a2b67d291194120bdb151db914943e7"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843719e0e9d83a06-YYZ
access-control-allow-headers
range
expires
Thu, 09 Jan 2025 18:49:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=1915419649376422&bg=!6Oul66TNAAaumcC-jpk7ADQBe5WfOBp8STyNciRnt1-0WDv6PHt7WwR8XUgZVCJrBqQDZsCOBlvsDWlyTq8dlZKk77yWAgAABQJSAAAAA2gBBwoAdlY6prr-XzwjEt9vxlFFW23OunNI_Lfp8frbvxRrEfbOQKjh5nYb6fm_gyYASr2j8T-_4-adlJjd3HuZLkDfQd3zsagvrdUWL1l8vYovfkVM13tgs0oDD5z0bNl6Y5RQTs5mq1bCGwH4uWi1dqfLzKZ3Wo1v2AKZAsV0izfZOurmls-84uE2VD0Pi53EfMfYuDh4pHvBUFEaGXu7T-iU7AF4jezgVhdqyZ_cFOzdaLf94tusCMOIRa_CAmd6ybzjXkwrs0LyRRJtZEgq6-EzfBz9G55GQruYazpvaRFDttPchesXj_Qxxktduida4TxHoQc_pt-f75Vv72kHlDaVE-S6wU3Jk0lyOAQpSwkj91zTsWDs-d1LbZFI-dpZ_RrgLNVFIbHJUOqj-A9HVdn3uP2VTDd8eDT3vygeku90So_WdBtCNPtj-BGZdQiXPG4dFDY68UlQelvZw4bpr6qlLZqa0JIfe1g9Aq3ql3nob8raOeFaqqwkGs-Wqqssokk7TtlsubVMwwcfAyoQxuvATwR8iu6X0-yRA4oS9eeKFUynu9b_3OdP4nFWoUg0aYLWRRkDALzF-Y2cfREaUn6WYXgxvcjMIk7kYRu6txipmAhd_DKtLwURM5yia8Dv2orEwUOUdMQ-KQtgMyedOLbv1okzYQWCHZ9ZtZNd4DPyAUogc-g4Lfqbu23q8d6CCQRnYzY7iGIxRFKhLnR4HhGjhylH8fXNGBAlxKBQGB-hSXqPDxBP39L4UqDalKCWaGgrQADVzFOdkDIOOGiw8r2GdVpGZ48aCyG77A5Jva4RGAEPQl80jsYw4JwSp3UbAMcs4NFD9b2ornmn_SGO8T6V5dJDoEZZV7xhqm264jRZ9zOI7bQLqWCVs93HO9wwA3nwGC6qfQ6K_cg0Y8gvr2-FfCW1AhEbpn5k3mN-bwAKo_KTvIYzD1WACEoQgk9vuqTpkdDDzg9r2qcFoAQG9NkehvXW1As5xxaKvrqj4E8Pnmzi9_kGqs9TiUFOV39CUmKFjoyc4dDOson6fSWexSNjrfL6f5_6hB6hxKoCPquywXAFWt63OCO1yhG0n_Iw1Gze3pU3LNSH6U7Nf-TQqm1O
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
c
ids.cdnwidget.com/ 		448 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=165184131&GCS2=ZDczYzg1YmMtODFmYS00NWZiLThiMzItNTllOWM2ZDA3NzcxLmxvY2Fs&pe=false&wsid=2054&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2054%2C%22loadID%22%3A%22HKKoWzV9UgPfWeT%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A50%2C%22IDStageStart%22%3A50%2C%22obsReqview%22%3A282%2C%22obsReqdata%22%3A415%2C%22obsReqpage%22%3A420%2C%22netComplete%22%3A431%2C%22IDStagePrefire%22%3A431%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%223217281597318133101%22%2C%22visitid%22%3A%221704912578073970%22%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
f3ecc41cc46892c7183f8afb694e2545dedff5de1a8be896cb7933a46284fb5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:38 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
448
map
bcp.crwdcntrl.net/6/ 		235 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-169-119.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9d44fa24bd0c7d7f9ea2ba265fab3b4b0edeb23cd8cee21a2d2b78254a1f27d6

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.courant.com
cache-control
no-cache
x-server
10.40.8.120
access-control-allow-credentials
true
content-length
235
expires
0
lookup
pd.cdnwidget.com/ 		49 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pd.cdnwidget.com/lookup?deviceID=2am8pjv4xZlxG37Y4XogUBnvRGL&bxwid=2054&bxdid=3217281597318133101&visitID=1704912578073970&enableUID2=false
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VSKJTSMTNP&gtm=45je4180v9120195009&_p=1704912566728&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=221492105.1704912568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704912568&sct=1&seg=0&dl=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&dt=CT%20man%20sentenced%20for%20downloading%20child%20abuse%20videos%20from%20dark%20web&_s=3&tfd=13179
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSKJTSMTNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.courant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=7&tvcfg=wp&f_privb=0&tid=9ebac58a-d163-4e0f-b04e-53b346acf5c2&pid=78f3be2b-9b3a-4088-93e5-710cfea25081&dtm=1704912579120&qnm=_matherq&visible=1&tabid=0bd28c7e-7fc1-40f9-888b-5055caf6efa0&url=https%3A%2F%2Fwww.courant.com%2F2024%2F01%2F10%2Fct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web%2F&vp=1600x1200&ds=1600x1200&tofa=1704912569&vid=1&lvidt=1704912569&duid=0125e05d-c832-4067-8aa6-f6f328896171&fp=2592814021&cid=ma89701&mrk=197837617&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDkxMjU2NTc0MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI1MC40bWIiLCJoZWFwVCI6IjcyLjJtYiIsImZzdFBhaW50IjoiMTAwMCIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiNyIsImRvbWFpbkUiOiI3IiwiY29ublMiOiI3IiwiY29ubkUiOiI2MCIsInNzbFMiOiIzMiIsInJlcXVTIjoiNjAiLCJyZXNwUyI6Ijg2IiwicmVzcEUiOiIxMjgiLCJkb21Mb2FkIjoiOTIiLCJkb21JbnRlciI6IjE0NDQiLCJkb21Mb2FkUyI6IjE0NTQiLCJkb21Mb2FkRSI6IjE0NjAiLCJkb21DbXBsdCI6IjQ3NDciLCJsb2FkUyI6IjQ3NDciLCJsb2FkRSI6IjQ3ODQifX0
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 10 Jan 2024 18:49:39 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
hash.gif
pix.cdnwidget.com/
Redirect Chain
  • https://pix.cdnwidget.com/redirect?CID=2am8pmX5hRTXg9VATqe7OWROtEh&DID=2am8pjv4xZlxG37Y4XogUBnvRGL&v=&iv=&deviceid=3217281597318133101&visitid=1704912578073970&wsid=2054&apikey=2^HIykD
  • https://pippio.com/api/sync?pid=5749
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
68 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Server
34.149.254.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.254.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:49:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

date
Wed, 10 Jan 2024 18:49:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
graph
idr.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=2am8pmX5hRTXg9VATqe7OWROtEh&deviceID=2am8pjv4xZlxG37Y4XogUBnvRGL&bxdid=3217281597318133101&bxvid=1704912578073970&bxwid=2054&gm=true&apikey=2^HIykD&loadID=HKKoWzV9UgPfWeT
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2am8pjv4xZlxG37Y4XogUBnvRGL&source=web&agent=cjs&deviceid=3217281597318133101&visitid=1704912578073970&websiteid=2054&pageviewid=undefined&sequenceid=undefined
Requested by
Host: www.courant.com
URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.courant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 18:49:39 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
7998548d3f
bam.nr-data.net/events/1/ 		24 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/7998548d3f?a=764630297&v=1.249.0&to=Ml0BbUEAXENYUBBfWAsXIlpHCF1eFkANWFAJXQ%3D%3D&rst=15123&ck=0&s=0&ref=https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Jan 2024 18:49:40 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.courant.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-nyc-kteb1890034-NYC
perf
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/perf?tvi48=9598&tvi50=14585&route=US%3ACH%3AV&lti=deflated
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.courant.com
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.138 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 10 Jan 2024 18:49:48 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		479 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.138 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b82e140f1d83ec20d923395304e802c3af971c519ea3a42b0c76687d08a34280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
F2D2243F-66DE-4510-9775-2B5F45544262
strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 18:49:48 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
479
perf
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/perf?tvi48=9598&tvi50=14585&route=US%3ACH%3AV&lti=deflated
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.courant.com
pragma
no-cache
date
Wed, 10 Jan 2024 18:49:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
tattle.api.osano.com/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tattle.api.osano.com/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.110.102 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 18:49:56 GMT
x-amzn-requestid
9a4ac610-6d8b-517e-ab6e-9808849f2a3b
apigw-requestid
RVkBSilfIAMEVIg=
/
tattle.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tattle.api.osano.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.110.102 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.courant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
accept,authorization,content-length,content-type,origin,x-requested-with
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
apigw-requestid
RVkBSjpvoAMEVpQ=
date
Wed, 10 Jan 2024 18:49:56 GMT
perf
ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/tribunedigital-thecourant/log/3/perf?tvi48=9598&tvi50=14585&route=US%3ACH%3AV&lti=deflated
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.courant.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.courant.com
pragma
no-cache
date
Wed, 10 Jan 2024 18:50:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capi.connatix.com
URL
https://capi.connatix.com/core/us?DemandPartner=31&UserId=0ff19b8c3ec9405985ece597fc17608a&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479141726634070000V10
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MGZmMTliOGMzZWM5NDA1OTg1ZWNlNTk3ZmMxNzYwOGE&extra1=0ff19b8c3ec9405985ece597fc17608a&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=0ff19b8c3ec9405985ece597fc17608a&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Domain
capi.connatix.com
URL
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=j4R8jLgzCj_s&UserId=&tier=2
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-28d4ae3b-2c3a-4a6e-9aa7-52a2ca2f7324/69a53966-5fac-4df0-ba93-2036fd5714d0/9a477649-a415-4b03-849b-6f10d7ae0ad6.bin
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6pdRHmdZUpHVj4hnY75hAZSdvMGgWNnQ6Mi4qmOqWC-wRusKCZknjzis6po7uDOAEDUxNLLFTrkus2KEuN0OW3fQbtKK5HjcLifH6i64ila6TEUd34cYPFZ-ULCEZGIwHGzDg_UTFJH8Hu_c1FfWXJRdU&sig=Cg0ArKJSzJU6Q2qUlOmgEAE&id=lidartos&mcvt=0&p=79,3075,129,3395&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=218008034&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912573557&rpt=4188&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9qEffhbXqjZu5mT0qdKJ3wMkty75hRzPeXhmclvfEKVkcP4wE-q_37HqQCX9k6pda7QMKVPbvhq7g1X7RVuvH56xr7bm8-QnYQiJjit_oSSrwg9lrTKqQTo2G7qy9vCVR6XYY5pl6z5AamHFtrQz3op-p&sig=Cg0ArKJSzF5BXQ9Kg4zbEAE&id=lidartos&mcvt=0&p=224,1360,225,1361&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1912517975&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912573569&rpt=1905&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujR_Y8D5jr29ETQ53YKPn1C7jeiUb5KIZntx7N6TTQ8ZVuGqKruiLK6vb2BXe44tuufK9qVpiBx6y7QgY97moL2dq4nMabTYztEoBn3BKHorp0YpbY71yErPxTEDmEQVie-Q19pGu8gXKLxgPkidkDjNLo&sig=Cg0ArKJSzIoJ5sr1IuR3EAE&id=lidartos&mcvt=0&p=290,1636,380,2364&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=3210662930&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912573676&rpt=4079&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUmiZi056WzT8nGmeNrkXiqFKfqQCSBGOra33vmNDr3WEKgWCZipbuueZe5yyDUVGhWjrsC5jpFqd0qLkKlKHdC475HgtdYpsLNEEDDz2FbSxwMUSF4BQqZY6mvoDBAMgTvy5iKchs2ts77_ya-YKSYlc_&sig=Cg0ArKJSzHIccK9QybiCEAE&id=lidartos&mcvt=0&p=2551,1597,2551,1597&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=4242141643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912573690&rpt=1874&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurLHwxaEMhDVK30dpvQSDp-RCPLvjJ-zBZkJWOqHIOXQqP0E-NEiLWIFkVOlESer-07lMWNIldHJeCt2kmEWEp5fpBaooBXECtINabhpLU1GGWI5KvnXXIcnF5LA-PfKI-bggXcR5ly7NEKPjwT50NrufH&sig=Cg0ArKJSzPMV9FdzHYolEAE&id=lidartos&mcvt=0&p=706,2337,956,2637&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=1753997600&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912573783&rpt=3982&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6pdRHmdZUpHVj4hnY75hAZSdvMGgWNnQ6Mi4qmOqWC-wRusKCZknjzis6po7uDOAEDUxNLLFTrkus2KEuN0OW3fQbtKK5HjcLifH6i64ila6TEUd34cYPFZ-ULCEZGIwHGzDg_UTFJH8Hu_c1FfWXJRdU&sig=Cg0ArKJSzJU6Q2qUlOmgEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=218008034&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704912574330&rpt=3700&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~2132
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.FragmentData.publishertag.Bundle.Origin.3~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~361
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js

Verdicts & Comments Add Verdict or Comment

671 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic object| scriptHelpers function| loadCSS object| _wpemojiSettings function| Osano function| __gpp function| __tcfapi function| __uspapi function| $ function| jQuery object| htlbid number| MNG_SSO_TOOLS_GLOBAL_START_TIME object| MG2 string| loaderVersion string| loaderBuild object| MG2Loader object| engageLibrary function| createAuth0Client function| Auth0Client object| authentication_config object| regeneratorRuntime function| simpleEmailValidation function| validatePhoneNumber object| MNGAuthentication boolean| disableAuth0AuthFlow function| backToStory object| blueConicPreListeners function| BCClass object| blueConicClient object| article_config function| cnx object| _taboola object| PushlySDK function| pushly function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer function| closeMobileAdhesionAd function| keyboardHandler object| runtime object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes object| wp function| sprintf function| vsprintf object| wpParselyHooks object| PARSELY function| _typeof boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer boolean| htlbidLoaded object| pbjsChunk object| pbjs object| _pbjsGlobals function| HTLBIDLoader object| googletag object| apstag object| appInsights object| bc_json184 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _stq object| sharing_js_options undefined| windowOpen function| st_go function| linktracker_init object| wpcom string| GoogleAnalyticsObject function| ga number| comscoreID object| litHtmlVersions function| atsDirectPass object| _rmxd object| AI object| Microsoft function| __extends function| _endsWith object| twemoji object| gaplugins object| gaGlobal object| gaData object| LI object| __li__evt_bus number| vwoNlrInterval function| InteractionTypeImpl number| __mobxInstanceCount undefined| __mobxGlobals object| liQ object| liQ_instances object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| _bcp function| RuleService object| justDetectAdblock function| jwt_decode function| md5 function| BlueConicMetaDataService object| bcConnectionUtil function| BlueConicDataLayerUtility undefined| tracker object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt function| onYouTubeIframeAPIReady object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_543580 object| bc_json185 object| _mather object| _mg2q object| _matherq object| tid string| p1332014244 string| p1332014299 number| p1332014300 function| p1332014358 function| oAddDVTag_ function| oGetPageStats_ function| p1332014329 function| oGetSlotRenderedLineItemIdByDivId_ function| p1332014324 function| p1332014321 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1332014318 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p1332014301 function| p1332014297 function| p1332014354 function| p1332014295 function| p1332014307 function| p1332014304 function| p1332014302 function| p1332014278 function| p1332014283 function| p1332014269 function| p1332014268 function| p1332014266 function| p1332014259 function| oEnableNullChecklistener_ function| p1332014311 function| p1332014250 function| oPageUnload function| p1332014179 function| p1332014184 function| oSetDataParam function| p1332014303 number| p1332014169 string| p1332014170 object| p1332014171 object| p1332014172 boolean| p1332014173 number| p1332014175 number| p1332014176 object| p1332014197 string| p1332014239 number| p1332014180 object| p1332014247 string| p1332014215 string| p1332014216 object| p1332014253 number| p1332014254 boolean| p1332014258 number| p1332014260 boolean| p1332014262 boolean| p1332014312 boolean| p1332014287 boolean| p1332014314 boolean| oObserverChanges_ boolean| p1332014313 boolean| p1332014315 boolean| oAudienceListenerEnabled_ object| p1332014264 string| oDevice string| p1332014352 number| p1332014355 string| oParentHostname_ string| oParentPathname_ boolean| p1332014265 boolean| p1332014267 number| p1332014282 boolean| p1332014284 number| p1332014285 object| p1332014274 object| oAdSlots_ object| otkjs boolean| p1332014305 boolean| p1332014306 object| optimeraInsights string| p1332014316 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1332014327 object| p1332014328 boolean| oEnableInfiniteScrollUrls_ boolean| p1332014323 object| p1332014326 object| p1332014330 string| oHasStnVideo_ object| p1332014353 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p1332014357 string| p1332014360 boolean| p1332014359 string| p1332014224 function| p1332014177 string| p1332014178 boolean| oVisibileState_ number| oVisibileChangedState_ boolean| p1332014246 boolean| p1332014226 object| p1332014225 number| p1332014228 undefined| p1332014332 undefined| p1332014333 object| opbjs object| oaudLibjs object| ovpjs number| p1332014227 object| bc_json186 object| bc_json187 object| p1332014252 object| hadron boolean| __halo_loaded__ object| MG2DL function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| au object| default_gsi object| _F_toggles function| _33AcrossPpidMappingsProvider object| _aps boolean| apstagLOADED object| Vt9e6x function| Vt9e6C object| xop object| -jy03rsvsqo0 object| klj6b6gpqm8 object| ggeac object| headertag object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| TRC object| _tblConsole string| pm_pgtp undefined| msg undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| closure_lm_674723 object| qdbb5G2 function| qdbb5G3 function| xblocker object| b7lV4f function| b7lV4k object| xblacklist undefined| google_measure_js_timing object| Criteo object| apscustom boolean| htlbidStarted object| oDv number| p1332014181 object| prodKObj string| oUrl_ function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce object| TRCImpl number| taboola_view_id object| optimera object| ox_esp object| _33across number| p1332014182 number| oIndex4_ number| p1332014196 boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| PublisherCommonId object| criteo_pubtag object| criteo_identitytag_147 object| Criteo_identitytag_147 object| ID5 object| __id5_instances function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ch object| _pm_mcg object| signal_decrypted number| google_unique_id object| atsdetectionmodule object| atsenvelopemodule object| ats object| GoogleGcLKhOms string| nam object| list object| placementData object| criteo_syncframe_state boolean| DFPMessageEnabled object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| bouncex function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| tbopt object| webpackChunksmart_tag object| cnx_player_usr_storage object| bxgraph object| cnx_usr_storage function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| lotame_sync_17331 function| cnxProxyTask object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| google_image_requests function| sync17331_aa function| sync17331_c undefined| sync17331_d undefined| sync17331_ba undefined| sync17331_e function| sync17331_f object| sync17331_h function| sync17331_ca function| sync17331_j function| sync17331_da object| sync17331_ object| sync17331_ga object| sync17331_v object| sync17331_oa object| sync17331_xa object| sync17331_ya function| sync17331_a function| sync17331_b function| sync17331_g function| sync17331_i function| sync17331_k function| sync17331_l function| sync17331_m function| sync17331_n function| sync17331_o function| sync17331_p function| sync17331_q function| sync17331_r function| sync17331_fa function| sync17331_ea function| sync17331_s function| sync17331_t function| sync17331_u function| sync17331_w function| sync17331_ha function| sync17331_ia function| sync17331_y function| sync17331_ja function| sync17331_z function| sync17331_A function| sync17331_x function| sync17331_B function| sync17331_ka function| sync17331_C function| sync17331_D function| sync17331_E function| sync17331_F function| sync17331_G function| sync17331_H function| sync17331_I function| sync17331_J function| sync17331_K function| sync17331_L function| sync17331_la function| sync17331_ma function| sync17331_na function| sync17331_M function| sync17331_N function| sync17331_pa function| sync17331_O function| sync17331_qa function| sync17331_ra function| sync17331_sa function| sync17331_P function| sync17331_ta function| sync17331_ua function| sync17331_va function| sync17331_wa function| sync17331_Q function| sync17331_R function| sync17331_za function| sync17331_S function| sync17331_T function| sync17331_U function| sync17331_V function| sync17331_Aa function| sync17331_W function| sync17331_X function| sync17331_Y function| sync17331_Z function| sync17331__ function| sync17331_0 function| sync17331_Ea function| sync17331_Ba function| sync17331_1 function| sync17331_Da function| sync17331_Ca function| sync17331_2 function| sync17331_3 function| sync17331_4 function| sync17331_5 function| sync17331_Ga function| sync17331_Ha function| sync17331_Ja function| sync17331_Fa function| sync17331_7 function| sync17331_Ia function| sync17331_La function| sync17331_Ka function| sync17331_8 function| sync17331_6 function| sync17331_9 function| sync17331_Ma function| sync17331_Na function| sync17331_Oa function| sync17331_Pa function| sync17331_$ function| sync17331_Qa function| sync17331_Ra function| sync17331_Sa function| sync17331_Ta number| measureInterval function| cnxAddEventListener

265 Cookies

Domain/Path Name / Value
www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web Name:
Value: test
.taboola.com/tribunedigital-thecourant/ Name: taboola_session_id
Value: v2_46515c81dac9afa7b12f7171db34009e_8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b_1704912571_1704912571_CNawjgYQsco9GMGa1aXPMSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGjT8qDQscv7qdcBcAE
p030.courant.com/DG/DEFAULT Name: BCSessionID
Value: d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f
tribune.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f
.liadm.com/j Name: lidid
Value: d9fc29f8-9205-4381-8193-9cc15417a9ac
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARD4FgoJCP____8HEIIX
i6.liadm.com/s Name: _li_ss
Value: CgA
.courant.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/%22%2C%22sref%22:%22%22%2C%22sts%22:1704912566943%2C%22slts%22:0}
.courant.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=0483862c2d22edf36d8f93b8a0880d66%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704912566943}
.scorecardresearch.com/ Name: UID
Value: 1680ce5cea1fdc827b930601704912567
www.courant.com/ Name: ai_user
Value: 7R8YJ|2024-01-10T18:49:27.612Z
.courant.com/ Name: _gid
Value: GA1.2.674424301.1704912568
tribune.blueconic.net/ Name: AWSALBCORS
Value: jGK9aW29rUicoCoYWG9XxB5VsX+F5+ckkaXeiYTMWeQXKc4unc5YcdgY26Lljmk2wPAbvdIdPnXfDA39EV39Zov99D+2pFY2xr0NdWqXUtYGXQA9yX81sfrsd0zT
.courant.com/ Name: _gat_UA-40841508-27
Value: 1
.liadm.com/ Name: lidid
Value: d9fc29f8-9205-4381-8193-9cc15417a9ac
.www.courant.com/ Name: _pnvl_82aJgLgI
Value: false
.courant.com/ Name: _ml_ses
Value: *
.courant.com/ Name: ajs_user_id
Value: null
.courant.com/ Name: ajs_group_id
Value: null
.courant.com/ Name: ajs_anonymous_id
Value: %2270b197b4-e904-49fa-984f-ee06e6d17cdd%22
.courant.com/ Name: _lc2_fpi
Value: 7ec4591d5365--01hktbah7rppte2ftz3x4kr2kc
.reson8.com/ Name: RCID2
Value: 258BADB85DEC79A6D02A2FBD26BC2C35
.courant.com/ Name: anonDeviceId
Value: d31f947a5a356281c3dc72cb52881a68
.courant.com/ Name: nxt_last_visit
Value: 1704912569945
www.courant.com/ Name: ai_session
Value: TiiW+|1704912570294.8|1704912570294.8
.courant.com/ Name: _ga
Value: GA1.2.221492105.1704912568
.courant.com/ Name: _au_1d
Value: AU1D-0100-001704912571-IUWK4PT3-C13G
.courant.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDQ5MTI1NzEsInR0ZCI6MTcwNDkxMjU3MSwicHViIjoxNzA0OTEyNTcxLCJydWIiOjE3MDQ5MTI1NzEsInRhcGFkIjoxNzA0OTEyNTcxLCJhZHgiOjE3MDQ5MTI1NzEsImdvbyI6MTcwNDkxMjU3MSwiYmVlcyI6MTcwNDkxMjU3MSwiYWRvIjoxNzA0OTEyNTcxLCJvcGVueCI6MTcwNDkxMjU3MX0%3D
.courant.com/ Name: osano_consentmanager_uuid
Value: 55aa6d9c-dd55-40d4-9ed6-e0b959195a12
.courant.com/ Name: osano_consentmanager
Value: qh6JECMFnC1Wx99RpLjksfNNK_SAMy4PNvlR8fJs0aSJ3izq95hzHmm1fE1BSUpS5rHBlIhoWWhPZJrxpWzG1kj_J8eGB_qKxn2gK8Fk5dhpOPCCIwyj0SNgV8KZTBXOfbE77qsU0XbTu46xeivl4YzibBmK1e-RGQ2SvesE7BFTxKMXDzUj4qFgbM6f9BCJ4oidFGgbM0A5xHqn6XlV4iBWjn7q2gJyuACfPtcmv39KJWc7doEiSlKexTTK_UU496hPoCqS5Uwiyt01bRD6rjBVaQ2furTkBGjkfbRL3YIDIZdY30CQo9czxOioXPvof2qTH2VEWvBxQb5Ig4Csk0IfCwQtO0ZiXqHZB8A79TkLDCLTWzj5siJ465iol9GwrZB3mwHwDheLvJpqTdO280NCw3nBxT5QR9VRqeYbQIEhDxpZbFFOS_QwBR9YIT6qmdQQB5bozbU-13g4cIU3cmnct4Bq7pCg3Hud_rM0xpkFED2mhcCcZuAU_b0CXILZ2q1hPWl-lerGkGS3BgM_uYjl_tnUy7vWxqW_del2z_hkvvMNLF68zPwyWc_jmX4CJ7CA95wkSYrLzi42pIBRsG8tohjwTl6gNj8TINnS8zDFqDyuPPsC1WiG1Pa4YcEBuAQlh47uGx0sVaYyYvyKlCR-GOQLSxs3y0b3eCNuSNHLqesbp_0m9bFttqgh1m-vaBsLWAd7HVbxVnQ_oAEL387_CQQ4NgLqSKUqyVxl2OtswhsPhAnhuGhlLm8geevyUlkgaVkkMKBwDFCuT7oWk1XuSiDeQpSXnUxurLEEoXg=
www.courant.com/ Name: BCSessionID
Value: d5d42d49-ce66-4d62-b0d4-f2fa3d1bb44f
.courant.com/ Name: _li_dcdm_c
Value: .courant.com
.www.courant.com/ Name: _li_dcdm_c
Value: .www.courant.com
.www.courant.com/ Name: _lc2_fpi
Value: 836d203cdfdf--01hktbafpnzq95262nvqwrjkng
.www.courant.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1704912568021}
.www.courant.com/ Name: pushly.user_puuid_82aJgLgI
Value: 1WiHLNWDBBRvY6vF8ZXnOM1h7NaOhkP5
.www.courant.com/ Name: _li_ss
Value: ChMKBgjdARD4FgoJCP____8HEIIX
.tapad.com/ Name: TapAd_TS
Value: 1704912570692
.tapad.com/ Name: TapAd_DID
Value: 9f598662-327e-406c-a623-1639fcaad77f
.adsrvr.org/ Name: TDID
Value: e59d3934-868a-4c3e-9652-c62263f9455b
.doubleclick.net/ Name: IDE
Value: AHWqTUmkkGiYdlzVLmou6oto0LDfSV-1TUWVZj8CaYnICANVBfalQa9P5lxa8nHNqkk
.demdex.net/ Name: demdex
Value: 86184965195569105544419199670438777659
.adnxs.com/ Name: uuid2
Value: 2840245782802064973
.courant.com/ Name: _gcl_au
Value: 1.1.962047876.1704912570
.www.courant.com/ Name: _gcl_au
Value: 1.1.962047876.1704912570
www.courant.com/ Name: _gcl_au
Value: 1.1.962047876.1704912570
.rubiconproject.com/ Name: khaos
Value: LR84XAX2-1U-C4IM
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BC1540B7-931D-4457-8971-3EF62F259356
.dpm.demdex.net/ Name: dpm
Value: 86184965195569105544419199670438777659
.bidr.io/ Name: bito
Value: AABA9U7LPc0AABNRgylERA
.bidr.io/ Name: bitoIsSecure
Value: ok
.33across.com/ Name: check
Value: true
.openx.net/ Name: i
Value: 5d3d64c8-f166-4d46-96b2-5cd5607fc881|1704912571
.www.courant.com/ Name: _li_ss_meta
Value: {%22w%22:1704912571056%2C%22e%22:1707504571056}
cdn.taboola.com/ Name: abLdr
Value: 15
www.courant.com/ Name: ntv_as_us_privacy
Value: 1---
.rkdms.com/ Name: sessionid
Value: h-9fa6cf3236364c49a63ff0a58c0fd5a4_t-1704912571
.postrelease.com/ Name: visitor
Value: eb40c878-b497-49e2-8c8a-cc10ab178441
.postrelease.com/ Name: status
Value: 0
www.courant.com/ Name: ntvSession
Value: {"id":3831454,"placementID":1202563,"lastInteraction":1704912571746,"sessionStart":1704912571746,"sessionEndDate":1704967200000,"experiment":""}
www.courant.com/ Name: _ntv_uid
Value: eb40c878-b497-49e2-8c8a-cc10ab178441
.postrelease.com/ Name: ver
Value: 1
.kargo.com/ Name: ktcid
Value: bd62cc2c-bb15-0aa5-1446-149d4f7084b7
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 4121083549846426384162
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 35a8a89518098fb09faa2dc0ab63d980
.courant.com/ Name: _cc_id
Value: 35a8a89518098fb09faa2dc0ab63d980
.openx.net/ Name: univ_id
Value: 537072971|e59d3934-868a-4c3e-9652-c62263f9455b|1704912572070765
.yahoo.com/ Name: A3
Value: d=AQABBLzmnmUCENSaixeNU9x4d8uwjacSnj8FEgEBAQE4oGWoZQAAAAAA_eMAAA&S=AQAAArrWS6U8iThU_GRz14zSaUg
.amazon-adsystem.com/ Name: ad-id
Value: A3Hn6T2QGkpMv4ZaZfXm6eo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.courant.com/ Name: _lr_geo_location_state
Value: NY
www.courant.com/ Name: _lr_geo_location
Value: US
p030.courant.com/ Name: AWSALB
Value: OaiIO5Y8OEHXtmOFiOdigPI8KpT3CAao/WDlebQnZL1/4K5vPl9rdQkKKH3O8VW3XXEhqlqJq8LfOKPV+tC9pznFj/Ej0dLJNkuHxsQ11V0e6dxpWrjr7Fa/JaMf
p030.courant.com/ Name: AWSALBCORS
Value: OaiIO5Y8OEHXtmOFiOdigPI8KpT3CAao/WDlebQnZL1/4K5vPl9rdQkKKH3O8VW3XXEhqlqJq8LfOKPV+tC9pznFj/Ej0dLJNkuHxsQ11V0e6dxpWrjr7Fa/JaMf
.taboola.com/ Name: t_gid
Value: 8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b
.taboola.com/ Name: t_pt_gid
Value: 8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
www.courant.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D8f109d5a-ba97-4812-8a24-1f8487e0fb56-tuctc986c3b
.openx.net/ Name: pd
Value: v2|1704912571.1|vPvMgakWgy.iKbwhEgKg2
.smartadserver.com/ Name: pid
Value: 6633317921081862514
.smaato.net/ Name: SCM
Value: 580acb6756
.smaato.net/ Name: SCMaps
Value: 580acb6756
.gumgum.com/ Name: vst
Value: u_9a3ca466-c429-4f79-bc91-994aa02d8112
.bidswitch.net/ Name: tuuid
Value: d7b6ceef-32a6-4550-85eb-960683662294
.bidswitch.net/ Name: c
Value: 1704912572
.bidswitch.net/ Name: tuuid_lu
Value: 1704912572
.sharethrough.com/ Name: stx_user_id
Value: 58ae8b8f-0bc8-4085-bd8f-708b5e638f6c
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1184807%7Cunl%3D1184807%7Cc%3D1184807%7Ctapad%3D1184807%7Cdv360%3D1184807
.yellowblue.io/ Name: wrvUserID
Value: j4R8jLgzCj_s
.media.net/ Name: visitor-id
Value: 3479141726634070000V10
.lijit.com/ Name: ljt_reader
Value: H-CpjPZHkAIsI4hfTom0aT2C
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrI0V7IyNDcwMzQyMjQ30lEyQuVamKJJQ5SbmhqaG4P4lijqawGEOA%2F8
.go.sonobi.com/ Name: __uis
Value: 6da7a73d-c934-4847-ac54-caabe4abbf80
.smaato.net/ Name: SCMs
Value: 580acb6756
.criteo.com/ Name: uid
Value: 8cb235f6-5897-4ec0-8d5c-d9793ac95fbd
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.ads.yieldmo.com/ Name: ptrc
Value: CAESEPfdWGHbMne1TMJa8_Nhc5E
.pswec.com/ Name: tuuid
Value: 5c7168c7-a845-4574-8b71-00b970ed52f5
.pswec.com/ Name: c
Value: 1704912573
.pswec.com/ Name: tuuid_lu
Value: 1704912573
.rlcdn.com/ Name: pxrc
Value: CL3N+6wGEgUI6AcQABIFCOhHEAA=
.simpli.fi/ Name: suid
Value: B67B9CB5FAEF4990AE46B66C7A6FC2E9
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZ7mvQANhnk-tQBU
.contextweb.com/ Name: V
Value: TP3jY7tnqGRv
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 88b70fe7f924f311
.turn.com/ Name: uid
Value: 8061612558496674094
.lijit.com/ Name: _ljtrtb_2
Value: B67B9CB5FAEF4990AE46B66C7A6FC2E9
.ads.yieldmo.com/ Name: ptrpp
Value: TP3jY7tnqGRv
.ads.stickyadstv.com/ Name: UID
Value: 28745898956b3019f07ebd41b5237fbb
.courant.com/ Name: __gads
Value: ID=506fc7777242df3b:T=1704912572:RT=1704912572:S=ALNI_MZ8Gaka985hFbwTDPA41VrRD-L7Rg
.courant.com/ Name: __gpi
Value: UID=00000db60a434777:T=1704912572:RT=1704912572:S=ALNI_MZpurniMNNC894zD-FS1_MMfFsgZQ
.advertising.com/ Name: A3
Value: d=AQABBL3mnmUCEG9UO7UDSKiW_ya0tGmYY9MFEgEBAQE4oGWoZdxH0iMA_eMAAA&S=AQAAAsNPW_pHk4tdAh6GLdHRujg
.pippio.com/ Name: did
Value: zoKipqLtN5ZuUek8
.pippio.com/ Name: didts
Value: 1704912573
.pippio.com/ Name: nnls
Value:
.casalemedia.com/ Name: CMID
Value: ZZ7mvfLvy4iNzLBqwBi9BQAA
.casalemedia.com/ Name: CMPS
Value: 3842
.casalemedia.com/ Name: CMPRO
Value: 3842
.lijit.com/ Name: _ljtrtb_92
Value: 2840245782802064973
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005%22%7D
.sitescout.com/ Name: ssi
Value: 83ec0f5d-6490-466f-8a5d-b24b1546d1ff#1704912573509
.deepintent.com/ Name: CDIUSER
Value: di_43f4896b9c164b82b4130
.33across.com/ Name: 33x_ps
Value: u%3D212415999423087%3As1%3D1704912573536%3Ats%3D1704912573536
.undertone.com/ Name: UTID
Value: c3500ba5a4e24251934753a7f22368d0
.undertone.com/ Name: UTID_ENC
Value: bk9mjmk7uy6yw7754ibfxb1e8
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCC9zfusBjABOgRvD7diQgSj1bCf.fjs1G5x7IvJDWbHYq4aT5xnm%2FgNiO3ylRBCMqqrLsE8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCC9zfusBjABOgRvD7diQgSj1bCf.fjs1G5x7IvJDWbHYq4aT5xnm%2FgNiO3ylRBCMqqrLsE8
.ipredictive.com/ Name: cu
Value: eb1d2174-4993-4a4f-b612-9f916f5fd710|1704912573568
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3604464877181281496
.media.net/ Name: data-ris
Value: {{APID}}~~25
.zemanta.com/ Name: zuid
Value: LFwXsVv6eeBiPOgTffud
.creativecdn.com/ Name: u
Value: RJzhFx5MqPD12X8k2U2a
.creativecdn.com/ Name: g
Value: RJzhFx5MqPD12X8k2U2a_1704912573700
.creativecdn.com/ Name: ts
Value: 1704912573
.csync.loopme.me/ Name: viewer_token
Value: a8980298-017c-4b63-8990-637b41d892ee
.undertone.com/ Name: UID_EXT_46
Value: e59d3934-868a-4c3e-9652-c62263f9455b
.lijit.com/ Name: _ljtrtb_97
Value: RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTcwNDkxMjU3MzgzNSwiNyI6MTcwNDkxMjU3MzgzNSwiODAiOjE3MDQ5MTI1NzM4MzV9
.undertone.com/ Name: UID_EXT_56
Value: y-B752TM1E2uFSR3odvahsE_Y754mx.GQVtIfjJcc-~A
.undertone.com/ Name: UID_EXT_39
Value: c5fc3cb6-584e-4ed2-a6e1-8bfaf3f4db2e
.undertone.com/ Name: UID_EXT_53
Value: BC1540B7-931D-4457-8971-3EF62F259356
.undertone.com/ Name: UID_EXT_47
Value: LR84XAX2-1U-C4IM
.lijit.com/ Name: _ljtrtb_27
Value: e59d3934-868a-4c3e-9652-c62263f9455b
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOFZrYImsMuGPy0PAZmovUU&KRTB&23025-CAESEOFZrYImsMuGPy0PAZmovUU&KRTB&23386-CAESEOFZrYImsMuGPy0PAZmovUU
.linkedin.com/ Name: li_sugr
Value: 338573fe-9dae-45a8-b59e-faffa86a83d8
.linkedin.com/ Name: bcookie
Value: "v=2&838253a1-13ee-404c-8a93-b5c83962fc89"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3098:u=1:x=1:i=1704912573:t=1704998973:v=2:sig=AQEhkgaEhV80sfo_nxC-wfLHJBe-GQdV"
.courant.com/ Name: _ga_VSKJTSMTNP
Value: GS1.1.1704912568.1.0.1704912573.55.0.0
.lijit.com/ Name: _ljtrtb_85
Value: AABA9U7LPc0AABNRgylERA
.socdm.com/ Name: SOC
Value: ZZ7mvcCo5sAAAAfS.3IAAAAA
.undertone.com/ Name: UID_EXT_54
Value: 83ec0f5d-6490-466f-8a5d-b24b1546d1ff-659ee6bd-5553
.courant.com/ Name: nxt_upd_ac_TRIBUNE_600CONFIG_PROD
Value: 1
.courant.com/ Name: nxt_TRIBUNE_600CONFIG_PROD
Value: {%222%22:{%22104256%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1704912575012%2C%22far%22:0%2C%22frp%22:[]}%2C%22104258%22:{%22ac%22:0%2C%22ac_d%22:0%2C%22s%22:1704912574954%2C%22far%22:0%2C%22frp%22:[]}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22104256%22}}
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2g3u:18za~2g3u:1969~2g3u:18z9~2g3u:18z8~2g3u"
.adgrx.com/ Name: ADGRX_UID
Value: 001896fe-afe9-11ee-8ce6-6e5169de39ab
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9&KRTB&23486-uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9&KRTB&23489-uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9&KRTB&23539-uid:B67B9CB5FAEF4990AE46B66C7A6FC2E9
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e59d3934-868a-4c3e-9652-c62263f9455b&KRTB&22918-e59d3934-868a-4c3e-9652-c62263f9455b&KRTB&22926-e59d3934-868a-4c3e-9652-c62263f9455b&KRTB&23031-e59d3934-868a-4c3e-9652-c62263f9455b
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-001896fe-afe9-11ee-8ce6-6e5169de39ab&KRTB&23275-001896fe-afe9-11ee-8ce6-6e5169de39ab
.primis.tech/ Name: csuuid
Value: 659ee6c013117
.lijit.com/ Name: _ljtrtb_80
Value: LR84XAX2-1U-C4IM
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!258-2!258-3!258
.connatix.com/ Name: cnx_userId
Value: 0ff19b8c3ec9405985ece597fc17608a
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: a41f7b77-ffaa-4fd1-a1b3-4be5dafb8a87
.prebid.a-mo.net/ Name: sd_amuid2
Value: a41f7b77-ffaa-4fd1-a1b3-4be5dafb8a87
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: PDdHuMmCCp
.id5-sync.com/ Name: id5
Value: d05df2a6-215f-7de1-b8b5-3d873c3729a5#1704912575675#2
.intentiq.com/ Name: intentIQCDate
Value: 1704912576475
.intentiq.com/ Name: ASDT
Value: 0
www.courant.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e59d3934-868a-4c3e-9652-c62263f9455b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-10T18%3A49%3A35%22%7D
www.courant.com/ Name: pbjs-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.rubiconproject.com/ Name: audit
Value: 1|gvovUwoeWirm40ogEgi2wu9uCPL3FNrkL9XGd98/pGThj9K5Ghav9Ve30J9n2MGRthrMKEJ00L1BK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPM4tSiX8FEmZ5f4LD+LjDq52LKvEOHOU7NlN6Stf6XuxzY7yoJVHQ3jeJRBGYIPH7q5ngH95WvEWZFJylDktBOU=
.criteo.com/ Name: partitioned_bundle
Value: PBMxLV9ENzllSEhnNzkwNksxcmhuUWxoTHJIbnVReXhZVTBuNTlLajh1NDN0YldoSEwwNUs2VzU0Tm5oN2FxclBwTldQZDRqdWtrMkYzOSUyRkNkdm1qVURhRzhrek4wWDhMS3BNYVo4MndxOU54aUtjbFpDZVhHcHpldSUyQk1BZ0xZcENWM0JFSGZXa0V3WHRlZiUyRlVkYzIyJTJCbEd4ODIxRHR6MDFkNGI5SFM1N1VoSmElMkZwcWpBNjAlMkZDRFA5OHB1Z0dkaiUyQlVKVQ
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: DPSync3
Value: 1706054400%3A261_260_259_263_201_262%7C1704931200%3A248%7C1705449600%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1706054400%3A71_104_22_13_54_166_231_21_220_3_250_165%7C1705449600%3A15_223
.go.sonobi.com/ Name: HAPLB8G
Value: s86150|ZZ7mx
.courant.com/ Name: cto_bundle
Value: diDytF9ENzllSEhnNzkwNksxcmhuUWxoTHJIbnVReXhZVTBuNTlLajh1NDN0YldoSEwwNUs2VzU0Tm5oN2FxclBwTldQZDRqdWtrMkYzOSUyRkNkdm1qVURhRzhrek4wWDhMS3BNYVo4MndxOU54aUtjbFpDZVhHcHpldSUyQk1BZ0xZcENWM0I3dFdjNUFNTDNmODBXZW5lJTJGbVgwWkElM0QlM0Q
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240110%22%2C%22141%22%3A%2220240110%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_43f4896b9c164b82b4130
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-eb1d2174-4993-4a4f-b612-9f916f5fd710&KRTB&23011-eb1d2174-4993-4a4f-b612-9f916f5fd710&KRTB&23355-eb1d2174-4993-4a4f-b612-9f916f5fd710
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2840245782802064973&KRTB&23339-2840245782802064973
.www.courant.com/ Name: _pnlspid_82aJgLgI
Value: 23358
.pubmatic.com/ Name: SPugT
Value: 1704912577
.bfmio.com/ Name: __187_cid
Value: BC1540B7-931D-4457-8971-3EF62F259356
.bfmio.com/ Name: __io_cid
Value: 5e92bd5106917ecc7de628f8e286ce9fbfd5dc4a
.thrtle.com/ Name: mc
Value: eyJpZCI6IjljNTg5ZTA1LTg5MTYtNDU5ZS1iNDlmLTkzNGI0Y2Y3YTc0MCIsImwiOjE3MDQ5MTI1Nzc4NzksInQiOjF9
.courant.com/ Name: bounceClientVisit2054v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0AxgPYCuATgIYB2ClVAtkbgAy4AsRbgEYiQ7kQoIAtO2ZSUAUxZKKCgCZSAZlTpS1VYkzBUGagJZMA5lIRxaKZmpRSqmqRThmwGhgCMailIAbmZqClTOmnQcegx0ANZSxAq+RCAANCB0MCAgAL5AA
.www.courant.com/ Name: _pnss_82aJgLgI
Value: dismissed
.www.courant.com/ Name: _pnpdm_82aJgLgI
Value: true
.dotomi.com/ Name: DotomiTest
Value: 40ab0a63f9301006
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 50493cbe-5792-36b9-b025-f984862706e2
.technoratimedia.com/ Name: tads_uidp_44
Value: LR84DQEQ-Q-B8XZ
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 6978285154548365069
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMpUJLW9giKgMlGKzGAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: eacee323-447e-4601-b422-14bb6bc99e37
.technoratimedia.com/ Name: tads_uidp_61
Value: 212415411859636
.technoratimedia.com/ Name: tads_uidp_62
Value: 3479132576573238000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: NLSOCPdkRkBCYD9FH1_H6R9zzk9qFAJK
.technoratimedia.com/ Name: tads_uidp_7
Value: a7e2bc0e-75bf-4fdc-b1ad-45cfdd51ea6e
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AABA9U7LPc0AABNRgylERA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-ababd675-5a2e-43f3-b244-3c5fc9c9a312-005
.technoratimedia.com/ Name: tads_uidp_77
Value: 0whcatDuS6IoWHHA7rkphw5U3bGTSOo67KOzPHAhooE
.technoratimedia.com/ Name: tads_uidp_79
Value: 0269865a-d997-4d65-aef8-ba1b35fe8e7e
.technoratimedia.com/ Name: tads_uidp_80
Value: y-d9e2vElE2uFe8RYzGozk_RjgxRMyhFCm~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZ7jKYke1xCHfgoq2wWtgwAA&3878
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 3452323746432445551053
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230719045631+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAFsVly7E00ZwNopi8YAAAAAAA&KRTB&22713-AAAFsVly7E00ZwNopi8YAAAAAAA&KRTB&22715-AAAFsVly7E00ZwNopi8YAAAAAAA&KRTB&23519-AAAFsVly7E00ZwNopi8YAAAAAAA
www.courant.com/ Name: cnx_userId
Value: 0ff19b8c3ec9405985ece597fc17608a
.smartadserver.com/ Name: csync
Value: 127:AABA9U7LPc0AABNRgylERA
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiQr8GZ3YXJPBAFEhsKDHNoYXJldGhyb3VnaBILCKiA-a3dhck8EAUSEgoDYWFtEgsIrsbnx92FyTwQBRIWCgdydWJpY29uEgsI0Jy_yN2FyTwQBRgBIAEoAjILCOSH9Iz0hck8EAU4AVoHZ2FwemFpZGAC
.adnxs.com/ Name: XANDR_PANID
Value: 7ZRlI07ZsOwuKvTD4LTDj9do-71LnbuSfR9hBvXCm0Tlz091pgGWi6uiJxSXRuIMrp1hnycFvl5aE1SqOteVMxL8bYKhTNak_hdme3TSPxw.
.yieldmo.com/ Name: yieldmo_id
Value: VEeM___OOM_hTP3txScq%7C1704844800000%7C3448175699815583603
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p1p|7bq.0.1|7Xz.0.1|7TZ.0.1|7dN.0.AABA9U7LPc0AABNRgylERA|8i8.0.1
.tremorhub.com/ Name: tvid
Value: 008410ddebd446a4b181f6db24908d78
.tremorhub.com/ Name: tv_UISCX
Value: 0ff19b8c3ec9405985ece597fc17608a
.ctnsnet.com/ Name: cid_6b0a10a5b0024b0aadb08ef67422feeb
Value: 1
.tynt.com/ Name: uid
Value: k3eNWWWe5sIHOLzCBgtv3A==
.rlcdn.com/ Name: rlas3
Value: rSCbvz8eDmP0p9GnPK+HTaV/8wPSLX1vMsroVClCRCQ=
.resetdigital.co/ Name: ckbk
Value: 00000127E0EC63B0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABA9U7LPc0AABNRgylERA
.pubmatic.com/ Name: PugT
Value: 1704873557
.sundaysky.com/ Name: sskyu
Value: d6.6769bbccd8c647bd923a5a61cd52dbd2
.sundaysky.com/ Name: sskyCreationTime
Value: 1704912578397
.iqzone.com/ Name: xuid
Value: 44910e5a-e976-4e53-9b86-ac5614038a9f
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1704912578460%7D%5D
.mathtag.com/ Name: uuid
Value: 52cc659e-e6c2-4c00-9e2c-38b9737d5434
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMHpIUUZBIzE1Mzg2XzAmVTB6SFFsbg
.intentiq.com/ Name: IQMID
Value: 1123634155#1704912578499
.intentiq.com/ Name: IQPData
Value: 1123634155#1704912578498#0#1704912576473
.colossusssp.com/ Name: gtm_usr
Value: 3c51ad05-d468-45fc-933b-0e80c916c752
.colossusssp.com/ Name: lmg_r
Value: 74
.lijit.com/ Name: ljtrtb
Value: eJwVjUsKwzAMRO%2FidQWKLMlWd3ZIoJCWEghkm5%2B76QVK6d3r7IaZN7yvI3d1WUO2Nkufup7NMHWsWbUNSfuWOnMXR6Fyh9juzTNEjQvw5g8wFYJNidQXY5G1shErO4yR5zQTNBO0fLvX3k4XRUZiCZEiEipb8OdF6pRSTjaF4blhjY%2Fx9Xl3YzqPp3ycq1H3xrwAlsLAu0awcBisy4GFAm7rWjcU9%2FsD8FMy0g%3D%3D
.lijit.com/ Name: _ljtrtb_58
Value: BC1540B7-931D-4457-8971-3EF62F259356
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005%22%2C%22nxtrdr%22%3Afalse%7D
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDZ0OGFxIix0OiJuaSJ9fQ=="
.id5-sync.com/ Name: 3pi
Value: 434#1704912577626#-360080923|264#1704912577242#1535356691#e59d3934-868a-4c3e-9652-c62263f9455b|441#1704912577409#210483008#u_9a3ca466-c429-4f79-bc91-994aa02d8112|1242#1704912578745#-974402255|203#1704912578152#-2031267970#8cb235f6-5897-4ec0-8d5c-d9793ac95fbd|108#1704912576736#1080593627|796#1704912577032#-801679761|429#1704912578416#-1016071164#BC1540B7-931D-4457-8971-3EF62F259356
.courant.com/ Name: panoramaId_expiry
Value: 1704998978803
.courant.com/ Name: panoramaId
Value: dc55e7891048b9382d0400d01985a9fb927adc41fce6b09a7218edbbd79d4fa5
.courant.com/ Name: panoramaIdType
Value: panoDevice
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2am8pmX5hRTXg9VATqe7OWROtEh","deviceID":"2am8pjv4xZlxG37Y4XogUBnvRGL","iv":"","v":""}
.courant.com/ Name: _ml_id
Value: 0125e05d-c832-4067-8aa6-f6f328896171.1704912569.1.1704912579.1704912569
.pippio.com/ Name: pxrc
Value: CL3N+6wGEgUI9ywQBhIGCIK9KxAA

20 Console Messages

Source Level URL
Text
network error URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://p.ad.gt/api/v1/p/694
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BC1540B7-931D-4457-8971-3EF62F259356&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://htlbid.com/v3/courant.com/htlbid.js?ver=6.4.2(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.courant.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
javascript warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.service-web-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/connatix.omsdk.session.client-1.4.9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=6633317921081862514&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
security error URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Message:
Refused to execute script from 'https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D0ff19b8c3ec9405985ece597fc17608a%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0' because its MIME type ('image/gif') is not executable.
security error URL: https://www.courant.com/2024/01/10/ct-man-sentenced-for-downloading-thousands-of-child-abuse-videos-from-dark-web/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-4c6d1935-0ff4-4d68-97e9-bae0f270cbb5-005&pId=44' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

83cbf6ee93ea4bc66cad2a507083db23.safeframe.googlesyndication.com
a.ad.gt
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
ams-depr-public.s3.amazonaws.com
ams-pageview-public.s3.amazonaws.com
analytics.google.com
ap.lijit.com
api-mg2.db-ip.com
api.rlcdn.com
assets.bounceexchange.com
ats-wrapper.privacymanager.io
az416426.vo.msecnd.net
b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn-ima.33across.com
cdn.auth0.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.p-n.io
cdn.parsely.com
cdn.pranmcpkx.com
cdn.resonate.com
cdn.taboola.com
cdn.undertone.com
cdnjs.cloudflare.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
ch-trc-events.taboola.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
consent.api.osano.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csm.va.us.criteo.net
csync.loopme.me
d15kdpgjg3unno.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d24zb9qreavi2u.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
data.adsrvr.org
data.cdnbasket.net
dc.services.visualstudio.com
de.tynt.com
direct.adsrvr.org
dis.criteo.com
dis.eu.criteo.com
dpm.demdex.net
ds.reson8.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
embed.sendtonews.com
embedcdn.sendtonews.com
esp.rtbhouse.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yellowblue.io
hde.tynt.com
htlb.casalemedia.com
htlbid.com
i.ctnsnet.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
idr.cdnwidget.com
ids.ad.gt
ids.cdnwidget.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
ins.connatix.com
invstatic101.creativecdn.com
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
js.matheranalytics.com
k.p-n.io
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
lit.connatix.com
live.primis.tech
loader-cdn.azureedge.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.ad.gt
p030.courant.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pd.cdnwidget.com
pippio.com
pips.taboola.com
pix.cdnwidget.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixels.ad.gt
player-files.remixd.com
player.sendtonews.com
playlist.stnvideo.com
pm-widget.taboola.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod-dfm-proxy-connext.azurewebsites.net
pubcast-files.remixd.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.gravatar.com
securepubads.g.doubleclick.net
session.courant.com
simage2.pubmatic.com
simage4.pubmatic.com
sli.courant.com
sqs.us-east-1.amazonaws.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
t.pswec.com
tag.bounceexchange.com
tagan.adlightning.com
tags.crwdcntrl.net
tags.remixd.com
tattle.api.osano.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tribune.blueconic.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
usr.undertone.com
vid.connatix.com
view.cdnbasket.net
vop.sundaysky.com
www.courant.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
x.bidswitch.net
xsync.iqzone.com
capi.connatix.com
cds.connatix.com
cm.g.doubleclick.net
contextual.media.net
csm.va.us.criteo.net
imasdk.googleapis.com
pagead2.googlesyndication.com
sync.colossusssp.com
vid.connatix.com
104.18.13.242
104.18.35.167
104.18.36.155
104.18.41.104
104.18.8.110
104.26.5.15
104.36.115.113
107.178.250.234
107.178.254.65
107.23.224.83
108.156.120.77
108.156.91.30
108.156.91.83
13.226.22.119
13.226.23.87
13.249.85.33
13.249.85.53
13.249.85.71
13.32.166.127
13.85.16.224
135.148.2.56
141.226.124.48
141.226.224.32
141.95.98.65
142.234.204.77
147.75.195.77
15.197.193.217
151.101.129.44
151.101.130.49
151.101.65.44
151.101.66.137
159.203.147.11
162.19.138.118
162.247.243.29
162.248.18.37
169.197.150.7
172.253.115.155
172.64.146.152
172.64.149.180
172.64.151.101
173.231.184.20
178.250.1.9
18.160.200.115
18.160.200.129
18.172.122.101
18.172.128.118
18.172.134.74
18.205.77.188
18.207.71.126
185.167.164.49
185.184.8.90
192.0.66.166
192.0.76.3
198.148.27.131
199.250.161.129
20.42.73.138
2001:4860:4802:32::181
207.198.113.88
211.120.53.205
216.200.232.253
216.22.16.69
23.205.2.235
23.212.249.146
23.220.109.13
23.55.204.22
23.55.205.215
23.56.220.66
23.7.17.42
23.7.29.146
23.83.76.84
2600:1901:0:56e0::
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff
2600:1f18:612b:4200:a2e1:966e:301b:d0c0
2600:1f18:730:b130:27a3:c3ef:6b7a:ff25
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2600:9000:203a:7600:1:a3fa:7cc0:93a1
2600:9000:203a:ac00:1b:5138:8a40:93a1
2600:9000:204d:d200:1f:2473:9080:93a1
2600:9000:2211:1a00:11:b309:9100:21
2600:9000:234f:600:1b:6b7d:2300:93a1
2600:9000:24bd:ca00:5:82fd:2500:21
2600:9000:24d4:d000:8:8845:1500:93a1
2600:9000:2509:e200:3:b7e:8940:93a1
2600:9000:2616:800:10:474e:104a:2961
2600:9000:2617:600:1a:5235:f980:93a1
2602:803:c002:300::98
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700::6811:190e
2606:ae80:1450:15::1720
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::93
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::8a
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c0b::94
2607:f8b0:4004:c0b::9a
2607:f8b0:4004:c17::54
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::84
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a04:4e42:200::282
2a04:4e42:400::485
2a04:fa87:fffe::c000:4902
3.162.174.107
3.162.174.127
3.162.174.56
3.162.174.66
3.162.174.8
3.215.169.119
3.218.14.70
3.219.85.253
3.220.199.186
3.225.218.10
3.229.110.102
3.239.232.53
3.5.19.11
34.102.146.192
34.102.148.158
34.111.113.62
34.111.8.32
34.117.20.67
34.120.135.53
34.120.155.137
34.120.253.250
34.149.130.207
34.149.254.212
34.203.113.223
34.206.237.173
34.206.99.162
34.226.253.159
34.230.147.211
34.234.194.189
34.236.89.98
34.96.70.87
34.98.126.122
34.98.72.95
35.186.193.173
35.190.38.143
35.190.39.111
35.211.178.172
35.214.196.22
35.236.220.17
35.244.154.8
35.244.159.8
35.244.193.51
40.76.134.238
44.210.34.0
44.212.108.213
44.217.105.65
50.31.142.223
51.222.39.185
52.202.66.82
52.204.246.173
52.206.9.43
52.207.45.55
52.217.34.60
52.223.22.214
52.23.7.200
52.46.151.131
52.6.225.135
52.6.62.160
52.7.200.174
52.85.247.29
52.86.45.239
54.144.144.142
54.196.247.2
54.208.84.171
54.218.144.235
54.230.18.13
54.239.33.158
54.90.34.250
63.251.28.133
63.251.86.51
67.202.105.22
67.202.105.31
67.202.105.32
68.67.178.10
69.173.151.100
69.194.240.13
74.119.119.139
74.119.119.150
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.98
99.84.168.45
00c6ba2670e9e330abbfed4d811a6d49a7ea86105fc9d59a8936a5a2af17e15a
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
03345267fab315487d8a669ae6c3640a4a5e5a3c5ec941cc3d2a9ea227d00d14
03aabb73c030ff20d2305e55bf0efb077a40a20d418105df4324b44e7a4b5937
0415bbe14ee5e29c3e534384c0e2e1db2c9af68ed386043e8efced271ecf5a1f
0522785f79d80191cdd156ede93d74aa99eeb68a8f595fba53a4eacd729964f2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
069e90146f2cb9ce71331f05f526c9bfe94a9a9f48a06852218745d511d2f702
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0874eeee48290f8f793734937ac14734684ec3c2225ab35a47bcd3587543841b
08843959f236cd145955f76ad34567784505ecfbfe89a443b8f7adf47db65bfe
093143c69ab4e2445966c6f11ead651578eb5f27d41bf6b4223bdafb7e2b8ece
09ac8650e400016b275b963c12b0a042ff04675b504a19d0b2f14a6f3cd2d492
0b1e5547c87f1110c16ba9c64bf89b8cc34ddf1ec20f2e549ea7db8c48565fb9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c46d3b5218424bc0cb4c868abfc21fbcee6fab184289a77928bce49ac3d5ba8
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e23a02ec53cec92a2d5d0f19591674dbb26d74dec30f7f512a3cfe094a98e6d
0e6c67baceef07100c041e7e2ec5caae82d97c5d395b71e5f1140d6d13052602
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
11b81a77b7809238b43ce7755743fc499d1d5dcca1959938956bd03d59f492a0
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1
1620d622e7e3b44ae8a6aa6f4404053b07da77097a5a358ec148156630ee2d1f
16fbace4b4f556e75cbee6ae291373b9f5c644f72b1e378b6331dae389199bf5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18df8a9eb313a3910f5b3782f22d5436d6416b4df4d5ab20e1fab4dfe518e883
1b520193b57823da77ff57fe4dae5e17bbd7f147e4c52fb876f94691b9fcbf65
1baad3404a4c035f705e76e6c25f7186a977fb843bcc530b80338ccd4cdf18de
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d477e221f73b44db4606152b4fba5974a5452c8e53c98fa870acfd63bf42fd1
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1e64afc7583841e3516550cef644b1788566f2f853f680b7bb682230d7981acd
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
24ae07aef0c960e5a87f147f375aade1dfd5f55ad61dd09d759b2d27d7058db2
26cc6c2e760ea5faac378fe6e9c98a4b333282fcb032a040f57744c04a7a8d07
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2b6731e45d4014e5708d0d0f3bb15e8897c9987e301cbaf0ce5ff1bc96f0ffc9
2c680585f7539239f507f97c7fb26dbfa6587912dc02ac0a3304fd44ed0e71d7
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fb3dda374e0197636f49796340538033da845369ff9b3161b105f075d702ad5
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
32636e6901ad478ab9064ab9c74f895ef6c0d36f796c444c40627cd980d78dc5
32736c030de4000ef195ed90f6e80818eb304eb837dbdc34117b56c3153b1439
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
32debe5989f645e2e9948ecd51cf6ec713893d4e9a95e4d01898c866df1b3942
32eeceb7992d1d7f50412360f479919c1862b39ae5cf3fd7624526c4292922ce
3487c295cefd526561b2ffe3615c5056d74210cf1f18218ea4bf6855005a0d45
3695aa98cdae7224177c6f3a99837e5593aa3a5ea882d2ddccd6f00e51bf04ff
36ae00807b9321a00cee98b48bc1158b36adc499781eb7c53c091c1264a8d645
36dac7012372f0b0c74a33ec040db81109d15ee8a99c4922402e56a86737640b
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a4322febc8f4a183363f5ed72274960fc758cb017eef16d59c19a62b665c27b
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3bd72ab0a106f85ffff184fb630448b2aa66aafe4ef26f0dc15b5adb6c5187d9
3c387f4ae62271d1ce8cf3971d3916de18fdf3d98a3dc589f6ae545e97053680
3cd9e7e200e5f13fa3479e118c3c92f904c8b7b176072dffadc63a2ec8ccd9ef
3d07da29fdb2f8cfe16f01172705fc3c4031d805a55f694079dd9157670e7646
3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40
3e5f7b15b4626f58c746bb1c774cd1dcf13c170450ec007cc09b57434e55a84d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffe5d9de90ea416fa84370945927a8d761ec097f8546fe0abf6dabdaa62d472
402eedb543989ee3d347a3479df01579be2b60dade1d2fe5777817559d5c29c1
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
455c7ef154d40349b8a46a6d56eea2b032d21e19dadf5a73a8e2094148d24073
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4b1be43951bab8e2e558a816a04d0279b3631cc5645604e5383787c880297031
4b7e9421acd34313d0eaf82df46d005784a3a69ba818fc6343e966b8d94c2411
4c20337987f2f6d33510878c4ec379c5b2d893e354be16ccda1da9814f7750ae
4e009335c5bfbd3d8ac854d6d92c2a527abc5c5135195ee8058af2608415c673
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea4e8f1fafaf11db13cc93a53ee9176b88caec72c6535cf1d9f5b707d047943
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4fcf6a7a615492516668f62f952e53ecec812ef6b71f21c039d9c28e7f6113d0
5038a1e528a859eafbbfebd9619ff9450af4ab50122d33f12cbb3f311b8dd0f0
50a4b9ed414598a072cdc70c4048e340f96622dcb9c5d76ed9eac4c5b713b582
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52182d794d15f75107a4cf597de66fc79a2cb17687894529ed08690c04b8284c
52e61f42ac0b39dbe4f76c932de0bd91e1a0452403128c402694c789680a003f
5366d088e0529050c113aed3e87d4b81f1b894afec96efb88b0fcf4bfbbd85e2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55266120f7e57670e6a3b9be9a3e87a044aa72332d658f714704b5ebbbf6e8b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
56eed25183cdafeccfe798945a039d2b9ae3a84adf91548b58fa2684f30bc8fc
57298ae9c2168c3f86b4f4e67b9b6a222ce706ed3c8191f391c03d37760d253e
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3
5757f49e783830cc9fc1f2d675544f1a315c69952d203ea1331d3a55ac46d230
582245e639a1e9144cb14c1e636216eab3a01667407741e95e6b85b0048c2ae0
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58738994be2d0f281f8b26f0ade4bfb5bbcfedcaa195416f20bfc0c68fd6ea69
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
59eb7131355b65f8b06446462b283c93b6497bbb85d29588af986bce31c6ae36
5a279f09619c0564f394333bad7eed4ff0bcb434c0c90a78360ae4c340a194c5
5a349ad08db15df266703b65ecf5066d761196f6d5591419ca8023f5c1281ae5
5ce0cb7f558c1aca9c6e94c7d85d76db859218132923c039b7ef7b38a29f8dfd
5f06c1d8c9b27ca63b3ad1ba28ad9aa8e4b3ab782fd1c0f19800d955a2d2bb61
5fd411901dd57257a53928db21bd5656edef5d9849dba59317af45c4344362df
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60499ce6eb992a481d4f365fd0f06a192391e01f31e6d552cbfd9fe4bea04e84
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e7a66cf4d717120e843939ff7351a6cbf28270d549816079cdbcf98eb36277
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6601b206acdccacd3067e7669616dfa30fe6b2d8f484944093919599f9c8fd96
66c00229a8c609026dac353950c2206d6e8929543c94ff7b3d48033c988ea946
67de64b0a01212cacfca8d0f1f6f38defc686477313f2fb9e0e19e05d0647fcd
67e008725aa8746ecd8345824387a61ab5cafde36db1164fc4de8d05406bc9df
68ee4a5fe8c6445381f8bf7b546813a19edb6e8bd1d824b9aa15f117d7033f74
69312fa5de75b7829094405d2a23f8e61a0caff3905f64edc725a04e7eb2546d
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69e30805defbf34fa451a87b0d7c41026d31d627fcb0cc8a2b63a8fd87d08888
6a7da3949039bd533ce7182633a6068e2c515972511a8b1272ae8330e4f00e6b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c33c0ff44951ae93f1af0cd10cbc52b478bbed78db846f9acabed0cbfcd132a
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6dd0b215548237e7eb534e9864e92f2fd663872540d0239a964632e9b5a5320b
6e0a84d43913f46215e1da913b01e7774e2a352056e8d6bfb49fe05eb550f4f9
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
71e1a06d13bea786011fa2c23f050fd7f089132058147df71e55e24436af739e
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0
78f8f8f0813254a9c234ef6d928172e3dc13b583cf8443e360f03d6d230ddf5e
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35
7a9bdd8acb40c1466ae7e97dce64199c43d90a59a580b87186d9d740ea6f37c9
7b309b9cdea1d3e0bd8774d8313ef71c0bcdc6dc7f35638b4a006353e2bedba6
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c51552210cf46e54bf684795ac5ac9b03af17e73f0c96fbf03a798ecb56e49e
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d2a0320ddcdb3e97798125f918113ef7d369db6063fc57d8a366e61844376e8
7d6b2e34f8baa2cbb0d0352ba4401894ca78bd0e98a8f0259798be00d3f9f4ec
7e307697090c78320ecd6ee0a812eafa5127d82afd68defbca427848114cb45d
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8
81c26e14d1dacf07fd903fd0eba5301fd52742c82599b01c03186d613568f1c2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
827a7bdcfec65087214da88754738d26e2e4cc3197df6d45f0fa749d59d6b7d6
8326beb9639a522a44364f3635e2bafb7e5efba5bc67113b80a742d54346d4e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8372b3929cd4032b0c46dae9aa05358bc4718a4759f1ad370878ec86e6d5d694
850fe631757ce28bcbec2d85c7edc706af8202730e1cdce7d163bce436534db5
851e83a1bff19c3c6a990477cd9208a81d831ba562665123015569d5e2166cb1
855db21e0ff9d91973fbc966e1c0ed25a4a1d47a9cc66bae3726cd5d3b5f89f3
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
85bd54411cc6b42dbbb2a3dc5c6edf046b8a20407b25a4398a50c810ba1b66a4
86ea2504eeeb204e6b67ce6ada63fbb3f7e3b8c7c43fbb614d69732afc779604
878548ccb699d4d47f036ced300780bae1cb3f75abb5af276db3589f800575a3
883c4686a61f14b8dfa2f869d37f3ee76d0538b6be2bf21ead92c7e2b9f8dcbb
89a0ddaa4fc2c3c3007953431933ccb96eec303ece5db61f8b87670009e0e7be
89e51de50c6bc21cb57d841e518ac69485b491c53fd2ec2935f8d27bb437184a
8a4f35250016b2ed22899c8d576324d5a20712c6e6e67c4e5b343c33e12b3d89
8afdf0d993b64fe372c02c667be231619e911388f157386a2b37c4d2cf8a55a5
8bbbc008564b18f50877933f83ac8d8fe2349fbcc17a382d8e298e48d7d7b18f
8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65
8d130970d99e20621bad642fa8de324ea17ae14ec77954bf08b5e89ef1a6c1bb
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
9018ba8b4f58dcd9ad90f6b5c48816c04c344ef9a218afb297acee49f5d3b561
90a9938b5a68884921034666da1d361080ff707ee0a6a8b1d70fafddc1a989b9
918a419c970e210046edf189b9a7827b27e65013325a8ce2793624d762ba3ca3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
91c5d4ccb996df1b6deb471c5ac0b7d98c0c3ad1a316cea3e59cee647b25e615
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932be4013261d954ff7be48bc9d1521a4e3bb8905a7e19ef97663f26659d6144
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
9391d9a518bf6589403b19fb3305d4cd3d174a9bfe8760646e0eb78e1397a718
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94c55858cb6c9ee771f2c9551e9e76554b1121921bb8606f56872f839db47767
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
95939450f8c567ef60c00c6f817a675884ba6a9b03d6721c5af3f91d3023dbab
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9abacaa4fff6052a41a9e5ca2093c6c49127b41da73ea74b6ee2709b16f0d87d
9b0bf98bed79910e14a1595b645d9a1d095fae0a6fb3e9f23f82c7bdb2150cb2
9b3b142b29f36e8a1d4872537290ec86455fa515c30d45a5baad938c1ac5e024
9b47d87a7fe583a81f426bf087695c17b541265945da90966e10c018b3f70be0
9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32
9d44fa24bd0c7d7f9ea2ba265fab3b4b0edeb23cd8cee21a2d2b78254a1f27d6
9e0683a3fc736ff6dea3a70a0b84e6d7963d41505d45406e5ad494c9f762c6e7
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
9e4814535de0c5c17a0f79704d21e93926818ba866289f28a9396b8900bae7c1
9efe8dd25e2490ca020da238d099c436aec029c3da807da7942ea8afc715f792
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9feaa73605fe7ca15b3526fe1c2efd38898717c22af6ebf6a6c32854b91cb443
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a223b84fa3777992db58301194a1e69b24da79ee6fea005c2e17cc6fef49452d
a427ed185d88f3532615503efeec9c1afc35cb984aeda357b789701d152747d0
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff
a62837522be0aaecc196da9464490ab11893914232c08e3e49043338e63b9c70
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a82d7a3c71671c9e0c5efa83cd0baad4365cf4c27215b232366f781fe56ff561
a8468608faf727a5af1a589c5813abcbb79df1b725194d2e67e5a31250ae2262
a874d4baedf8012a28f39973cf60501ff8fd2edaf06799879f02c0b97aaf7f44
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a914258132c8bf91a9d82195d7886607de62f68149e09a739cad27d7584cb275
a9a368704e49925fbc2638781948983006a4a98e14344539d3b3df3cf9b34778
a9f77905a277874aa71ba7148c88f9ae1e7b26f8aa6632cfa5d0145670f78217
aa953f4d52f4da871ada41158b62e9e84fbfb39580965fea146df4de95aaddee
ab06d2e71e5ded9c6b0948014bd0afb70d9d93f2f8a6fae80734bbebf726f2e1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae0db7e5284643b7ff2ba5fc3036503ed8eb0132419ea0cfb59e3ba8c9de77e8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
b10a0e1942c796ddd404c5c3648d5512653c3c16a4f84eb4d347d2d7fabc8aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c58d0e2b460f02dabd0ae9e68e4a6fcea518d668b8fcab1787471a3b8ad1ae
b2d92ad1421f32593d627928ff12252b2ee4e1ba93b22667286e3f73c0a963bd
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b3a9ee5ee7afb679967d4d0a515021115927eec85cba79e8e0e8986b2224039c
b46fa63adfa0830344c71b16cb1109f87f7c75768294832c2b65a01a21c43711
b47be3f31e7d4d074dee198f6e8f521b26194e60c562a426d7033e5154df7db3
b601fc83035bbc889da1cc25a00d9717b4c6b86dedf63bfd8ef872450d3b1f70
b679d317e3ae5451eb2daf9443baec7388527417985cd724fa3c228f88a5af2c
b78095213882a04fa62a8b756f8f51707dd05975c09efdc66f19ccd88e36acf6
b82e140f1d83ec20d923395304e802c3af971c519ea3a42b0c76687d08a34280
b972e38f419e555604a644d02e020913aa6c4b73ef58f23aefc9a23202e18d8e
b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7e4884872b2c9125acbab25a32fc8fe44309174f4e40fc57345f634e790e3c
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bdc5b950edb503a10369bdc8b31c4dc68f9d5105877caa006e8ae67ad6bfd841
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e3024c8a6340ec2e2b7893f2e2bfe38bdf408efdc2574777c042b515ccd1bd
c329ba99041e98b390b22b93ac9bbe95cc709312ce4b7df7d1e0a4e915dd3b84
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b19f053d886a3d653df62c0f59695c9654dca1bdbe4498b2083a927c3e8ff2
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca8edd84575cece2729fc29af7a81907d962da5d810ce7c077477dba5af5b21d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
cd7afa97f171703623b8c274a3158c96d0f5bd8028956ba1eab5a592b2a1776d
cf2376b276cc094c06a9365bb20f289b665f6712f0bb2ce1e3200d41f1936da0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00afe3d2b0a8d1c8d36a4059464c681095e8438658d34512810d7294ff1c10d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14a9076e5d50dcf7b1f7ea3ebadcfe4bd5b53d78b2e36ffd2b53eb7464cf3a2
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d3f9c1b18692ba66a5a1a0a1b5bbf55b2fcee53f016f7d23662ee4688c7c5837
d5abfd52cf58b0b3bfefc1cdc4b51b091c1a830e416ccd851e0b2fcbb10eeb5a
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7b5d2a2631bcf87565380eba73fc1931d85a491d55399c5485c1f06bcb74d4e
d7dd57012cb48aa8da82d5a92bf86e7e956c7087ed54abe5e212609f10b73908
d9d85b620d254c1d17e8e8a7141a73e66288924dbe03c7f4acd3cb07d4110d70
d9e057fabfeefd905697e28192598d51e244a2f91caa08593ff51d120628c108
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de146d98220d3694e1198932967155dccd7042c7b2039fbe1362524aa5a98d3c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1d0522be2659d56a0b3ec1a750b2bd31770f0aae802ee8181b029b5101d96b
df3bd2b5ba1953de83dfadb867bd652bc7e5c9d15d31345661f0d9543c634f59
e0ec33fe1a55557837ed9ae8a1c08a24694a8f605563a2b44329604544fe4f24
e14812dd6accc09fbd065714085c9d365107f9e2c0e370fec955671961037b2d
e15506e299da3d4a8ca095007fae20286400cb4993c333f0bff4360cc1fe2cca
e190dd0ccce3b4292395cbd20dbfd61c30c5778080ba3b60826f159e0f596e45
e1e2592db562f5578780b2ce32990214fd69f443d0b823267ead98cf799d7da7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4699bcee6722a3a482407adaa52c56ec8b7186b6932f16a444bde12f6e5b25e
e52358452a907af9b2763e9c34115c487af6926f2db906f6e36213b761765ccd
e5b7e1e66753e7c368a96cf158827f10f2dcd0710b951cd60902854a5ea802f2
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9f03a7ff32a451ae6f519e934f9e3f5c4d0a322cbbb3730dae348a37913cb99
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ee60cc71705bd448308bef6967e0ff1ee9ff7f7ed33bb10be2b8c2f324f1651b
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eec2cd1094a6238af60f038e8f42ee2e90b115afd360a765d49a2dcd1d532336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef73ff186bebd1b05009d9ead4258055b09d9571670ac00726bb2c583ed8ef14
efd23a33116788c37d11a29b1f43152f729d720bf1d2a909d65237348b8c00bc
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3ecc41cc46892c7183f8afb694e2545dedff5de1a8be896cb7933a46284fb5e
f4e378b9cd1b46f9f999338c1aac1f1fd7932427a2fbe6e183822ce7f4a46cdf
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7609ef556e5ffde43d3481cc9eeac45a404f40051f064c509f1b41d64ca12f7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8dbf30fedf7215cc1db8ccdf95705cfc4ab1afe1951ef1d4a5aec32ac601d74
f974407e736c2f1809e95ac89c28d1ee6e1f36f13c55c358f71902b4b87ea9ae
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb3476d8077009f208e56a7789625e657d1f652bcfa2c3c4acd7874d9c0b4a38
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2
fdbbe41260e53742b767fb83fc0dad0a64fb216634e5c9b5cb8e2461ca1afb80
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9