urlscan.io logo urlscan.io
SecurityTrails logo

www.oann.com Open in urlscan Pro
2600:1f1c:adc:8703:1672:d163:3a9e:5b14  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Submission: On March 06 via api from SA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 9 countries across 77 domains to perform 210 HTTP transactions. The main IP is 2600:1f1c:adc:8703:1672:d163:3a9e:5b14, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is www.oann.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2020. Valid for: 2 years.
This is the only time www.oann.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2600:1f1c:adc... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
27 2600:9000:20d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20d... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 65.9.23.145 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 68.183.31.14 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.139.241.28 33438 (HIGHWINDS2)
18 172.67.39.17 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 104.117.200.100 16625 (AKAMAI-AS)
1 208.100.17.183 32748 (STEADFAST)
2 7 104.108.145.8 16625 (AKAMAI-AS)
1 51.38.120.206 16276 (OVH)
5 11 185.33.223.178 29990 (ASN-APPNEX)
6 6 213.19.147.151 26120 (RHYTHMONE)
3 7 54.228.114.223 16509 (AMAZON-02)
2 67.202.110.21 32748 (STEADFAST)
1 1 70.42.32.191 22075 (AS-OUTBRAIN)
1 178.162.133.149 60781 (LEASEWEB-...)
1 52.19.239.39 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 52.28.239.147 16509 (AMAZON-02)
6 6 3.126.56.137 16509 (AMAZON-02)
2 2 216.52.2.19 29791 (VOXEL-DOT...)
6 6 185.64.189.216 62713 (AS-PUBMATIC)
10 12 142.250.185.66 15169 (GOOGLE)
2 8 185.64.189.110 62713 (AS-PUBMATIC)
2 4 185.64.190.81 62713 (AS-PUBMATIC)
1 1 88.214.193.83 46636 (NATCOWEB)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 54.239.17.112 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
2 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 2620:116:800d... 16509 (AMAZON-02)
1 2 54.85.167.1 14618 (AMAZON-AES)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
4 193.122.130.38 31898 (ORACLE-BM...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 185.86.139.95 201081 (SMARTADSE...)
2 52.45.248.59 14618 (AMAZON-AES)
12 35.244.159.8 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 18.198.115.155 16509 (AMAZON-02)
4 151.139.128.11 20446 (HIGHWINDS3)
7 52.51.76.107 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 104.108.144.214 16625 (AKAMAI-AS)
2 104.108.144.200 16625 (AKAMAI-AS)
2 152.199.22.191 15133 (EDGECAST)
2 185.64.189.115 62713 (AS-PUBMATIC)
4 4 185.29.135.233 30419 (MEDIAMATH...)
6 7 37.157.4.25 198622 (ADFORM)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.167 1299 (TELIANET ...)
1 52.215.8.160 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 16 185.64.190.80 62713 (AS-PUBMATIC)
1 1 87.98.128.108 16276 (OVH)
6 6 18.195.193.185 16509 (AMAZON-02)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 199.232.137.44 54113 (FASTLY)
2 2 18.185.192.106 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 2 169.50.137.190 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 35.210.178.101 15169 (GOOGLE)
2 2 151.101.114.49 54113 (FASTLY)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.87 29990 (ASN-APPNEX)
1 1 34.250.193.151 16509 (AMAZON-02)
1 1 34.225.236.62 14618 (AMAZON-AES)
8 68.232.35.16 15133 (EDGECAST)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2 51.210.112.63 16276 (OVH)
2 2 18.198.126.47 16509 (AMAZON-02)
210 70
3    2600:1f1c:adc:8703:1672:d163:3a9e:5b14 (San Jose, United States)

ASN16509 (AMAZON-02, US)
www.oann.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
27    2600:9000:20d7:2c00:9:da2a:f240:21 (United States)

ASN16509 (AMAZON-02, US)
dzm0ugdauank9.cloudfront.net
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:20d7:f000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
3    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    65.9.23.145 (Orlando, United States)

ASN16509 (AMAZON-02, US)
d2pggiv3o55wnc.cloudfront.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    2606:4700:20::681a:5da (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.poll-maker.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)
cdn1.lockerdomecdn.com
18    172.67.39.17 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
3    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    208.100.17.183 (United States)

ASN32748 (STEADFAST, US)
PTR: ip183.208-100-17.static.steadfastdns.net
de.tynt.com
7    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
11    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    54.228.114.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    67.202.110.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    52.19.239.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    52.28.239.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-239-147.eu-central-1.compute.amazonaws.com
pixel.advertising.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
12    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    88.214.193.83 (United Kingdom)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    54.85.167.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
pixfuture.technoratimedia.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.198.115.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
4    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
7    52.51.76.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.revcontent.com
1    2600:9000:2156:4400:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
4    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    52.215.8.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
16    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
green.erne.co
6    18.195.193.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
a.volvelle.tech
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    34.250.193.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    34.225.236.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
8    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
Apex Domain
Subdomains		 Transfer
45 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
87 KB
30 cloudfront.net
dzm0ugdauank9.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
d1bvk193qme2fc.cloudfront.net
699 KB
18 infolinks.com
resources.infolinks.com
router.infolinks.com
274 KB
14 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
45 KB
13 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
2 KB
12 openx.net
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
11 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
130 KB
8 sascdn.com
ec-ns.sascdn.com
26 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
7 adform.net
c1.adform.net
2 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 pixfuture.com
served-by.pixfuture.com
cdn.pixfuture.com
129 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 technoratimedia.com
pixfuture.technoratimedia.com
ad-cdn.technoratimedia.com
11 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 smartadserver.com
prg.smartadserver.com
csync.smartadserver.com
3 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 33across.com
ssc-cms.33across.com
ssc.33across.com
1 KB
4 1rx.io
sync.1rx.io
3 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 gstatic.com
fonts.gstatic.com
127 KB
3 facebook.net
connect.facebook.net
64 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 oann.com
www.oann.com
244 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
733 B
2 everesttech.net
sync-tm.everesttech.net
631 B
2 volvelle.tech
a.volvelle.tech
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
843 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
616 B
2 w55c.net
pm.w55c.net
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 clean.gg
i.clean.gg
104 B
2 eqads.com
um2.eqads.com
563 B
2 amazon-adsystem.com
s.amazon-adsystem.com
928 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 advertising.com
pixel.advertising.com
674 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 jwplatform.com
content.jwplatform.com
2 googletagmanager.com
www.googletagmanager.com
67 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
488 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 turn.com
ad.turn.com
518 B
1 zeotap.com
mwzeom.zeotap.com
386 B
1 contextweb.com
bh.contextweb.com
461 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 bidr.io
match.prod.bidr.io
430 B
1 rlcdn.com
api.rlcdn.com
326 B
1 sharethrough.com
btlr.sharethrough.com
112 B
1 bttrack.com
bttrack.com
380 B
1 rfihub.com
p.rfihub.com
721 B
1 ck-ie.com
us.ck-ie.com
482 B
1 adkernel.com
dsp.adkernel.com
233 B
1 cpx.to
s.cpx.to
945 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 onetag-sys.com
onetag-sys.com
818 B
1 tynt.com
de.tynt.com
289 B
1 googlesyndication.com
pagead2.googlesyndication.com
50 KB
1 lockerdomecdn.com
cdn1.lockerdomecdn.com
1 KB
1 poll-maker.com
scripts.poll-maker.com
2 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
210 77
Domain Requested by
27 dzm0ugdauank9.cloudfront.net www.oann.com
16 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
12 cm.g.doubleclick.net 10 redirects eu-u.openx.net
11 ib.adnxs.com 5 redirects cdn.pixfuture.com
acdn.adnxs.com
8 ec-ns.sascdn.com csync.smartadserver.com
8 image2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
7 c1.adform.net 6 redirects image6.pubmatic.com
7 trends.revcontent.com assets.revcontent.com
d1bvk193qme2fc.cloudfront.net
7 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
cdn.pixfuture.com
eu-u.openx.net
6 x.bidswitch.net 6 redirects
6 eu-u.openx.net cdn.pixfuture.com
eu-u.openx.net
6 image8.pubmatic.com 6 redirects
6 ups.analytics.yahoo.com 6 redirects
5 served-by.pixfuture.com www.oann.com
cdn.pixfuture.com
4 us-u.openx.net eu-u.openx.net
4 sync.mathtag.com 4 redirects
4 ads.pubmatic.com cdn.pixfuture.com
ads.pubmatic.com
4 pixfuture.technoratimedia.com cdn.pixfuture.com
4 pixel.quantserve.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 resources.infolinks.com www.googletagmanager.com
www.oann.com
resources.infolinks.com
3 connect.facebook.net www.oann.com
connect.facebook.net
3 fonts.googleapis.com www.oann.com
3 www.oann.com www.oann.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 a.volvelle.tech 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 pm.w55c.net 2 redirects
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ad-cdn.technoratimedia.com cdn.pixfuture.com
2 acdn.adnxs.com cdn.pixfuture.com
2 csync.smartadserver.com cdn.pixfuture.com
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 hbopenbid.pubmatic.com cdn.pixfuture.com
2 pixfuture2-d.openx.net cdn.pixfuture.com
2 ssc.33across.com cdn.pixfuture.com
2 prg.smartadserver.com cdn.pixfuture.com
2 mug.criteo.com www.oann.com
2 gum.criteo.com 1 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 2 redirects
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ssc-cms.33across.com router.infolinks.com
cdn.pixfuture.com
2 sync.targeting.unrulymedia.com 2 redirects
2 eus.rubiconproject.com router.infolinks.com
eus.rubiconproject.com
2 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d2pggiv3o55wnc.cloudfront.net www.oann.com
2 content.jwplatform.com www.oann.com
2 www.googletagmanager.com www.oann.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com 1 redirects
1 ad.turn.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 match.prod.bidr.io image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 api.rlcdn.com cdn.pixfuture.com
1 images.revcontent.com
1 cdn.revcontent.com
1 img.revcontent.com
1 d1bvk193qme2fc.cloudfront.net assets.revcontent.com
1 assets.revcontent.com cdn.pixfuture.com
1 btlr.sharethrough.com cdn.pixfuture.com
1 token.rubiconproject.com eus.rubiconproject.com
1 bttrack.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 us.ck-ie.com 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 secure-assets.rubiconproject.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 cdn1.lockerdomecdn.com www.googletagmanager.com
1 scripts.poll-maker.com www.oann.com
1 cdn.onesignal.com www.oann.com
1 maxcdn.bootstrapcdn.com www.oann.com
210 109

This site contains links to these domains. Also see Links.

Domain
store.oann.com
klowdtv.com
www.iheart.com
Subject Issuer Validity Valid
www.herringnetwork.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-17 -
2022-10-19		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-03 -
2021-12-02		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
cdn1.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2019-03-06 -
2021-05-05		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
onetag-sys.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
assets.revcontent.com
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
i.clean.gg
GTS CA 1D2		 2021-02-18 -
2021-05-19		 3 months crt.sh
img.revcontent.com
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
cdn.revcontent.com
R3		 2021-01-16 -
2021-04-16		 3 months crt.sh
images.revcontent.com
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2020-05-08 -
2022-05-25		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Frame ID: 67AB21720D47245113F4B7E0E2798551
Requests: 77 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Frame ID: DBAE1EB540FDE7F05E9BF9131662DA34
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 101D4D3B72E18B32FA0F38FE086C75AF
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 55E0DCC9A1933CC61B53AD06AC364E4C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: 8639EBD592AC23771D956EB8B878016B
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 1E8EFF6496D43D466B67F14B6AE1A9CC
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 3B53C7AAC8C651C22BA936246C5D8556
Requests: 2 HTTP requests in this frame

Frame: https://assets.revcontent.com/master/delivery.js
Frame ID: B4C1FBA732E357F948D892F5553C9971
Requests: 17 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Frame ID: E083424DB777F7513F5A3978A7870EF2
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2E18DEDF51D5A2361998E09C4697F3E3
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B9147FF3981B038D9900ED8F87DBDDC3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BA12E64DF2CFEE703F3442447914E656
Requests: 6 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 742E0382CEF17B9ED8AFBB7D446EB651
Requests: 7 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.26.0
Frame ID: 92C0B6462C2900E444935BE4BEE0F6E1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: D589386FF50FDE7F299C652FD926215B
Requests: 7 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.26.0
Frame ID: F197B73D7A91CCD9557B49AD2AAD5D4D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 88EB3832F61F7BB9C83F57CB5D35FF9D
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 78F7708B487C345E09C0276DA337A413
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Frame ID: A994924AC2073A0AEB25041F15B07435
Requests: 5 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0D6EF7169C5A249DDBBFE465C2FD9FC1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8770980778055199659
Frame ID: 4A12753AEAC12430197FDF40C634E593
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 7E5ED9ED9EBAF324672FC32ED963F4DC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936442749358831766
Frame ID: 1B4F7BB5F66459C5D883BF52F04BEF31
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=CfIi0ib4yPwO8SITkT27WbMM
Frame ID: 106D3FB030800103EBCCFCAA010A56DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Frame ID: 40BB7F337284EF914CF81565782450D5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A395E92365EB8C00C8339A6A53D5E0D6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 88B16122890A885CBE560AFB18FBB42C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Nrompvf8Zmyu&pid=557219
Frame ID: 2703FD5CAA9844601D9F1CC0BC2BB5ED
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 17E17F9531B03560775ADE977305208C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oHyNQ6z81Liry65&gdpr=0&gdpr_consent=
Frame ID: 0203382814924FC559623B0A0499FD01
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 072CE50219897B504FE4CCA3913A771C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Frame ID: 5DEAF4206CCB554EDA5C7DD59236495A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EDD05FAF8FD0404CA146BB0044AEF5C4
Frame ID: AA2749D40195966C9E53C63F0E8C68E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

210
Requests

100 %
HTTPS

23 %
IPv6

77
Domains

109
Subdomains

70
IPs

9
Countries

2010 kB
Transfer

4034 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Request Chain 58
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Request Chain 60
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=7457235993791174996
Request Chain 61
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5386363205 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5386363205 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b38316c3-be8c-4be2-9d02-3a9e5fc27f23 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Request Chain 63
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 65
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&pid=12306&adnxs_uid=9009367346844400815
Request Chain 67
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38a2ee60-7e4f-11eb-bc23-02ae808367ac HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38a2ee60-7e4f-11eb-bc23-02ae808367ac&verify=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-KQfh4.V1l2bk.NRHtjrarmIFlF7iSL2W~UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
Request Chain 68
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=3acca5fb689bb2c977cd6d9b
Request Chain 69
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzMxNEZDRTAtNjU3Mi00QTJDLTgyQzYtNDdBMjAxMTA1QzND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Request Chain 70
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkE5NEVCMEQtMThGRS00RUM2LUJBQjktNkJBMTg2NUU0QjA0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Request Chain 71
  • https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
  • https://router.infolinks.com/dyn/bizzc-usync?uid=91a78059df4af410b204bab20c69af25c820bdddeb6952159a5a4c5b25e3d7fa
Request Chain 73
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1871316018058183234
Request Chain 74
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=38c4f5e0-7e4f-11eb-90e3-11482f422c06 HTTP 302
  • https://router.infolinks.com/dyn/sx-usync?uid=38c4f5ab-7e4f-11eb-90e3-11482f422c06
Request Chain 75
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-W1Pd1sZ1l2ac4xKoTDOMRyPw3HU4mMXkTjPekhE-
Request Chain 79
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIDQRlXybrOqBPBtiEXyKec&google_cver=1
Request Chain 81
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEMx7A1ODSOl1F0nUEgKkgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAZjBDp28RJWtCvXRvZgILM&google_cver=1
Request Chain 82
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&dcc=t
Request Chain 84
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
Request Chain 85
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zHBegslxD9LXdA6FwnhHiZl1U4XXdg7Um3CaAB33
Request Chain 87
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 92
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TLQ0jHxXM0NjNER0Yms1cnlycHpvMkY1UWVZNVQ3NXdEaXd4ZzVvMnNxd1VDRi8xb2YyWGd6TnA0WVhrQ3gvdGRteGkvNmYwWjZiZUp1Y2VKZ2tLQmlJL2ZNVVlyYzFCZFpUS2x3S0IwNEd1bDZLMmtSY1lBeWMweUxnalpjdkRyTkV5ZmlSakZsbUtyTzQwOGRCNlVJcWExOGF0S0FFVEwyMDhaNlp3YnZ3TjdRZlJzbFJKbVJVYU1jOWJudzlkVGwvaGZkY2VXdlR4L09xVE9KMVQrUFpVSGJmRzJGV1M3UGx0dHRlY2Q0ZURneUNNPXw&cppv=2
Request Chain 144
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4496043-31ee-4100-b918-0c340b92bde8
Request Chain 145
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
Request Chain 146
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4348896498972511524
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
Request Chain 151
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8770980778055199659
Request Chain 153
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936442749358831766
Request Chain 154
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=CfIi0ib4yPwO8SITkT27WbMM
Request Chain 155
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&rndcb=1777789656 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&rndcb=1777789656 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e83be185-29e8-4bd8-9dac-c62d1e1821b8&google_hm=ZTgzYmUxODUtMjllOC00YmQ4LTlkYWMtYzYyZDFlMTgyMWI4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC7XTVgWpi2U-6nS0SWkdsk&google_cver=1&ssp=adconductor&bsw_param=e83be185-29e8-4bd8-9dac-c62d1e1821b8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e83be185-29e8-4bd8-9dac-c62d1e1821b8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Request Chain 157
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 158
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Nrompvf8Zmyu&pid=557219
Request Chain 159
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 160
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oHyNQ6z81Liry65&gdpr=0&gdpr_consent=
Request Chain 161
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=apTrDRj-Tsa6uWuhhl5LBA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 164
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 165
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&addseg=19,36,42
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMokC1n7aEsCUILunGaFBp4&google_cver=1
Request Chain 168
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1871625874875868808
Request Chain 169
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&gdpr=0&gdpr_consent=
Request Chain 170
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b38316c3-be8c-4be2-9d02-3a9e5fc27f23
Request Chain 171
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7457235993791174996&gdpr=0&gdpr_consent=
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KKMo4T11l2Je7y_PzDoIyGe04f9EZu8-&gdpr=0&gdpr_consent=
Request Chain 174
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4385927054558514200&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 175
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj
Request Chain 176
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=27fd4f95-1735-4c57-8617-c99d6e09b2b0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e83be185-29e8-4bd8-9dac-c62d1e1821b8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YEMx7gAAAKN7_Szr HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEMx7gAAAKN7_Szr&gdpr=0&gdpr_consent=&_test=YEMx7gAAAKN7_Szr
Request Chain 178
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 180
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a21f60b-16d4-410d-aab4-fa15184aefd2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 181
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7457235993791174996
Request Chain 182
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_21e849ae-acc5-4f45-bd2e-336df2d408a4
Request Chain 183
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3ad18dbe-7e4f-11eb-be16-578c85b85361&gdpr=0&gdpr_consent=
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ebc36043-31ee-4500-ab36-50253b7dc5a3
Request Chain 185
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1521188977413173293
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
Request Chain 205
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EDD05FAF8FD0404CA146BB0044AEF5C4
Request Chain 206
  • https://pixel.onaudience.com/?partner=214&mapped=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b1294efe3991b4910e7752b3bc1003e5
Request Chain 207
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=052f6043-31ee-4500-ad4a-18d9c7e8c427

210 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/ 		67 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:adc:8703:1672:d163:3a9e:5b14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 / PHP/7.4.5
Resource Hash
bd9b92f43d70e4ce63895eeff5050a60c23d68c04db3e1bd01bcee7e1d4f5ba0

Request headers

:method
GET
:authority
www.oann.com
:scheme
https
:path
/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALBTG=TcS59urRbUVbagdaqyLghx9MJpyCGgMMdi5EP5NGZeGnFPpRFxUCXq0T9idt9yqRoCrdKm4g3yoNHr5t+kqB5nYsb+FmoSx7auQv0QmDRbO7CC3BaTMdmdD/PFyg7NZ2dLWn9OH4CnR0OIPiFGf0j1avPF6i/zLNx61IHubGYL9FO3y4W34=; Expires=Sat, 13 Mar 2021 07:40:27 GMT; Path=/ AWSALBTGCORS=TcS59urRbUVbagdaqyLghx9MJpyCGgMMdi5EP5NGZeGnFPpRFxUCXq0T9idt9yqRoCrdKm4g3yoNHr5t+kqB5nYsb+FmoSx7auQv0QmDRbO7CC3BaTMdmdD/PFyg7NZ2dLWn9OH4CnR0OIPiFGf0j1avPF6i/zLNx61IHubGYL9FO3y4W34=; Expires=Sat, 13 Mar 2021 07:40:27 GMT; Path=/; SameSite=None; Secure AWSALB=jYCKXpBZf0ZFxy8AGC39uBTa6fBeGSok5mc+EeQEOhfmtP3xyH2XbaUD6dB8G0r4SA7M2McnW3SE6Xmug4C2ZXrKxUirssL/ZKh4TjUGFh957swj2pZg82cXWPcj; Expires=Sat, 13 Mar 2021 07:40:27 GMT; Path=/ AWSALBCORS=jYCKXpBZf0ZFxy8AGC39uBTa6fBeGSok5mc+EeQEOhfmtP3xyH2XbaUD6dB8G0r4SA7M2McnW3SE6Xmug4C2ZXrKxUirssL/ZKh4TjUGFh957swj2pZg82cXWPcj; Expires=Sat, 13 Mar 2021 07:40:27 GMT; Path=/; SameSite=None; Secure
server
Apache/2.4.46 () PHP/7.4.5
x-powered-by
PHP/7.4.5
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.oann.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19b6c387b48027f8f914bfa76c6152255e3bebde3f4344444d04e9af2c572f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39451
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Mar 2021 07:40:27 GMT
style.min.css
dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
7855
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 04:42:30 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"c8e9-5b79304af5420-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
dpEnrJfvPFM8ek0QD82G4rRfojhF-MyzAsBG1UWOyqAFwT2iYdaGcA==
expires
Fri, 25 Feb 2022 01:30:09 GMT
wpa-style.css
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=5.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
2878b0331a62abfe17a83b7f7bfcfdaa940aa542eac35eff3f9d19af68bdb9a0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
842
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:23:43 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"a46-5badc4c91ac60-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
OpGoqJ2FDTdgyePTjkFmEbXBxMHb-8RDPUxMvlhDEhMBMF8SpVuwCA==
expires
Fri, 25 Feb 2022 01:30:09 GMT
frontend.min.css
dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:56:56 GMT
content-encoding
gzip
age
798211
x-cache
Hit from cloudfront
content-length
820
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 22:53:51 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"1c68-5bc08cac2d258-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
5rPaeOrH-xAre3t0V9r-fvKqurCkZQHMh04T7GK7iKGegHXQBfpDuA==
expires
Fri, 25 Feb 2022 01:56:56 GMT
style.css
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/style.css?ver=1.0.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
d82efa509f154d1fdc5cb2e1c357964aca8cd3cba871ed300aef074bfe955115

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
7881
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:45:08 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"8f2d-5badc9924fd98-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
tws23Pv6xCcoDJt7ID3IEjYySDOXX4GCqRZShfrAM0hjPha6OL5QGg==
expires
Fri, 25 Feb 2022 01:30:09 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
149647
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5442
cf-request-id
08a814182e0000d6dd4003f000000001
timing-allow-origin
*
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
server
cloudflare
etag
"1544639719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62b9efa04b2ad6dd-FRA
css
fonts.googleapis.com/ 		10 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9479d4a7e784576b492462479316c21df3c761c36c67a99320d3684b10716c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 07:10:43 GMT
server
ESF
date
Sat, 06 Mar 2021 07:40:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Mar 2021 07:40:27 GMT
frontend-gtag.min.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:56:56 GMT
content-encoding
gzip
age
798211
x-cache
Hit from cloudfront
content-length
2796
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 22:53:51 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"2399-5bc08cac61648-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
2VnoiVpQsDcs5TL4Ayorr6tc4whEx7Lna9sNfyIIva1vw6tZgacfZw==
expires
Fri, 25 Feb 2022 01:56:56 GMT
jquery.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
30916
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 04:42:36 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"15d98-5b793051205c0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
Ril7EiZ3tarkO5sixELExYYneQn-A-EKbdQj6jUlmOIAc5c2sGSA3Q==
expires
Fri, 25 Feb 2022 01:30:09 GMT
jquery-migrate.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
4169
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 04:42:36 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"2bd8-5b7930512b970-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
e4eT0VgVeUctWK2cRKpsUtjYEOAKeEeVWaQKvEFR1ukLj7lCg7N9jA==
expires
Fri, 25 Feb 2022 01:30:09 GMT
gtm4wp-form-move-tracker.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.6
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:09 GMT
content-encoding
gzip
age
799818
x-cache
Hit from cloudfront
content-length
335
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Nov 2020 18:10:15 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"5cf-5b4ca1b29dc78-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
CsJT2YScUL8T-pHVrGWzKIxDvRkrVNVu6gNbQKZFdL4M-0Q-dOIZ0w==
expires
Fri, 25 Feb 2022 01:30:09 GMT
scripts.js
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/scripts.js?ver=5.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:09:56 GMT
content-encoding
gzip
age
801031
x-cache
Hit from cloudfront
content-length
5811
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jun 2020 14:47:31 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"3a3c-5a7d00a549200-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
3ixzEbrQ1NmaD0ABZ26jT4C2wkNBqd3r78zV8-IZBZyfMZv30nLw4g==
expires
Fri, 25 Feb 2022 01:09:56 GMT
qfycdXMQ-fQdxgz20.js
content.jwplatform.com/players/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:25 GMT
content-encoding
gzip
server
openresty
age
2
x-cache
Error from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
content-length
240
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
jGIa9ZTG64I5fX31CHCT3W54_NHjDYBSw73OUAuXvv5boUL-G1eUDw==
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf03ee51bc597e3bc10b8aa8f07d1a68139e08bb26adc5be4466e6480b5fe3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.oann.com
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hQvdB+AAeE74d2BYUW1ZRA==
cross-origin-resource-policy
cross-origin
expires
Sat, 06 Mar 2021 07:51:30 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
/6QQJRgeVyLaC9R1FYKujF+GLTOS6oagexFhp4TjqD4jj8W3KYVonYcM8aEhSzMhKm2d7HdVih4NwWq8DvxIAQ==
x-fb-trip-id
917726464
x-fb-content-md5
82da84759bb91cd24cd98f616fd8a291
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 06 Mar 2021 07:40:27 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"67ee3ed6d79725082e5d6e744f522819"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
OANtoplogo.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/OANtoplogo.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.23.145 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:42:06 GMT
Via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 03 Oct 2019 22:57:13 GMT
Server
AmazonS3
Age
13676302
ETag
"6ded9aebb726b3af88e73cf871822bac"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
56130
X-Amz-Cf-Id
XG8XqCPbHRV4PbplAxI8hvr1hwWotHuMpMXqZm_WKrLotxUorf1AeQ==
Expires
Fri, 02 Oct 2020 22:57:12 GMT
KlowdTV-top-banner-2.jpg
www.oann.com/images/ 		74 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oann.com/images/KlowdTV-top-banner-2.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:adc:8703:1672:d163:3a9e:5b14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
bde02ae501da9b3a9d23abd317e2d6730aa840c244fb7bb25b9a6774528ede44

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Jan 2021 17:32:06 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"129f6-5b82a95df2a28"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
76278
expires
Sun, 06 Mar 2022 07:40:27 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5871
date
Sat, 06 Mar 2021 06:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 06 Mar 2021 08:02:36 GMT
headerbid.js
served-by.pixfuture.com/www/delivery/ 		973 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Last-Modified
Tue, 02 Mar 2021 20:36:48 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"603ea1e0-3cd"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
973
Expires
Mon, 08 Mar 2021 07:40:28 GMT
howtohelp2.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/howtohelp2.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
4d709a0ccf31245d508c57e5af7011c52f2f43cb75a55a9c9b53e371a3485066

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:51:49 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
798518
x-cache
Hit from cloudfront
content-length
60169
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 16:09:49 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"eb09-5bc0325d7d5b8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
RBRmvKhcL-UWn3pAdZUqSquPoXo4PssWsyHRoToEpKpwC0okpaRObw==
expires
Fri, 25 Feb 2022 01:51:49 GMT
ListenToOAN.jpg
www.oann.com/images/pdcst/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oann.com/images/pdcst/ListenToOAN.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:adc:8703:1672:d163:3a9e:5b14 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
c96c898bbbc607a70dbc662fea01d51db64b45771b963f7713ba67cd2f3d8472

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jan 2021 22:01:05 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"18be2-5b856938ea290"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
101346
expires
Sun, 06 Mar 2022 07:40:27 GMT
longdesc.button.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
17acf490bf92b3021e7d0de1c552218a0b4423bffabefa072fea63f35cbb89db

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:11:35 GMT
content-encoding
gzip
age
800932
x-cache
Hit from cloudfront
content-length
744
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:23:43 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"9bf-5badc4c935a10-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
tPrY3LF1xxXCnUZO1tME_KQwII_4urtsZX77K46IbbU66e3mtwYK0w==
expires
Fri, 25 Feb 2022 01:11:35 GMT
current-menu-item.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		138 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/current-menu-item.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:11:34 GMT
content-encoding
gzip
age
800932
x-cache
Hit from cloudfront
content-length
121
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:23:43 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"8a-5badc4c93d710-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
D7jcVt3bGwcmw8QmSMpDtsuEbG2dcIZV-qCdQmu1OChjLfO_Um4Zrg==
expires
Fri, 25 Feb 2022 01:11:34 GMT
wp-embed.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:30:10 GMT
content-encoding
gzip
age
799817
x-cache
Hit from cloudfront
content-length
765
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:29:08 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"592-5badc5fefe8f8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
9CIGudKQxVQRy47AFUov4BCKSTZqyfgOB5zlLAmUd_W_cSuxQntIOA==
expires
Fri, 25 Feb 2022 01:30:09 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3522
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
62b9efa1c92c4e44-FRA
cf-request-id
08a814191900004e443eb68000000001
expires
Sat, 06 Mar 2021 08:40:27 GMT
qfycdXMQ-fQdxgz20.js
content.jwplatform.com/players/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:f000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:25 GMT
content-encoding
gzip
server
openresty
age
2
x-cache
Error from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
content-length
240
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
0izBBOjr55sh0tj-RxGYpkqjan4ftYvVFuUV64wu8PHjowzF84EtgA==
gtm.js
www.googletagmanager.com/ 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
702fcc2a9725b111636e6efcd6341a2be095863f47e39a6955192bcd533ede5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29089
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Mar 2021 07:40:27 GMT
pollembed.js
scripts.poll-maker.com/3012/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.poll-maker.com/3012/pollembed.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b301995ea6cfc1e520a7fdf267e26b60dfa9eaf40c313b236d7db34126027075

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
684298
x-powered-by
ASP.NET
cf-request-id
08a814192700004e80879f7000000001
last-modified
Thu, 19 Sep 2019 01:58:12 GMT
server
cloudflare
etag
W/"ac6b5cb18d6ed51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2XaSu3rx8xzmcipo1ZXJGX4%2F6MyAdnajaPfTyasgW2PAg4%2BYitLkL4kQdqbaJRWM6f7hcm1xkAFXegFA5XrVOSnwc%2F2Zv%2BDzv8SJtwPOPeaqAIa3qHI7%2BksANZhlJWKESoPe"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
62b9efa1db364e80-FRA
background-takeover-plain.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/ 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/background-takeover-plain.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.23.145 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 00:14:42 GMT
Via
1.1 e4d3109086369a6becda895ae199f9ed.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 04 Dec 2018 16:21:00 GMT
Server
AmazonS3
Age
977146
ETag
"2dc2b57c085e8e5b146b6aa613340775"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
220138
X-Amz-Cf-Id
ncEcF963ARELbWXGJlDh1JKy7sfoHyDVg_xDdHpq1gPvsAh8BxbnWw==
Expires
Wed, 04 Dec 2019 16:20:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.oann.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 11:21:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:39 GMT
server
sffe
age
73143
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31676
x-xss-protection
0
expires
Sat, 05 Mar 2022 11:21:24 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.oann.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:32:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
age
18487
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
expires
Sun, 06 Mar 2022 02:32:20 GMT
Ukraine-Hoax-373x210.png
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2020/01/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2020/01/Ukraine-Hoax-373x210.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
543c9f28f424d4e9b84bc954b1a2f5b3f033a523e1ba98b7513a7c202183ac7c

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 18:47:38 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
46368
x-cache
Hit from cloudfront
content-length
136024
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jun 2020 14:58:48 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"21358-5a7d032a537f0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
IrOeQI6JYZf8znZL5KHIcVC-hTU33DoWNgFlcSKaZF_6FBJoIuXPYQ==
expires
Sat, 05 Mar 2022 18:47:38 GMT
Stephanie-Hamill-In-Focus-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2015/04/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2015/04/Stephanie-Hamill-In-Focus-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
TP-800x450-1-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2015/10/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2015/10/TP-800x450-1-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
trump-int-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2017/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2017/10/trump-int-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
68a8ab6242f9056e3cdb04e961e395a8287d2cc1d1867baf86acc8c1a3a9432a

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 18:47:38 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
46369
x-cache
Hit from cloudfront
content-length
2993
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Jan 2021 21:38:40 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"bb1-5b95bc747fea0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
uc28kPG-IP5GOImi3S_nbJQXjreXSDXBnZ7ce_9Hz7WgtqPfJyNCfg==
expires
Sat, 05 Mar 2022 18:47:38 GMT
GettyImages-1230457865-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/GettyImages-1230457865-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
817a2f457779685f0a052a5fc81296161afddf33f5436683320a4a8891f29713

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:32:18 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
18488
x-cache
Hit from cloudfront
content-length
29831
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 02:24:08 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"7487-5bcd4e53ab1d8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
EvSwkQ-koAwRqmS6e0Pz04bYuE_OumVudoiY3Hu2otaU924UXMZo9A==
expires
Sun, 06 Mar 2022 02:32:18 GMT
2021-02-11T085257Z_1_LYNXMPEH1A0IT_RTROPTP_0_EU-TRADE_1-373x210.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/2021-02-11T085257Z_1_LYNXMPEH1A0IT_RTROPTP_0_EU-TRADE_1-373x210.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
81a2c3ca203e7db165a1553343fa24ca268c73f49f74b5a89e37845a2044c9be

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Feb 2021 18:51:42 GMT
server
Apache/2.4.46 () PHP/7.4.5
x-amz-cf-pop
ZAG50-C1
etag
"5e5e-5bb1402b78578"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24158
x-amz-cf-id
Eu7VdF6KCbP_smx8mtXnjUDGMjbQ3cEBjSSNnNfNKOh5wgS79SNVCQ==
expires
Sun, 06 Mar 2022 07:40:28 GMT
2021-02-11T060333Z_1_LYNXMPEH1A0BD_RTROPTP_0_CLIMATE-CHANGE-EU-AVIATION_1-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/2021-02-11T060333Z_1_LYNXMPEH1A0BD_RTROPTP_0_CLIMATE-CHANGE-EU-AVIATION_1-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
dfb960708f21dacc14075fc67ea9702df9dd19126dcdd95031511179f449bb1c

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Feb 2021 18:52:23 GMT
server
Apache/2.4.46 () PHP/7.4.11
x-amz-cf-pop
ZAG50-C1
etag
"25b8-5bb1405274cf8"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9656
x-amz-cf-id
va1vQrI2i0qmOnMaCW6e0E1Zkt5aahzXTpYU_ZtjHj89yQS53tqfmA==
expires
Sun, 06 Mar 2022 07:40:28 GMT
2021-03-05T151634Z_1_LYNXMPEH2410I_RTROPTP_0_BULGARIA-DEFENCE-VEHICLES_1-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/2021-03-05T151634Z_1_LYNXMPEH2410I_RTROPTP_0_BULGARIA-DEFENCE-VEHICLES_1-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
76590e3dca8549fbba94ac046a832c4cbb05d87ed23101e620e3e8bf8cfdaaf0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Mar 2021 17:37:08 GMT
server
Apache/2.4.46 () PHP/7.4.11
x-amz-cf-pop
ZAG50-C1
etag
"29db-5bccd888d5e88"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10715
x-amz-cf-id
SpjhFTSoUVh6bseJTJvxzALvYDgu6aoxIDq1C1kJuylklMiD-zVUhA==
expires
Sun, 06 Mar 2022 07:40:28 GMT
2021-03-04T105509Z_1_LYNXMPEH230MJ_RTROPTP_0_CREDIT-SUISSE-GP-GREENSILL_1-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/2021-03-04T105509Z_1_LYNXMPEH230MJ_RTROPTP_0_CREDIT-SUISSE-GP-GREENSILL_1-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
1e343b55cfff4d4f8d25584d42aaed0b9845a8cabec3af4d25f9437b2a973dd2

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Mar 2021 19:43:44 GMT
server
Apache/2.4.46 () PHP/7.4.11
x-amz-cf-pop
ZAG50-C1
etag
"2656-5bcbb2f73d1b8"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9814
x-amz-cf-id
9tzvVEisbNQWPgRmdpzFt40o-4BUQEmyR0P3kHHvozgqlZKNRjRz_g==
expires
Sun, 06 Mar 2022 07:40:28 GMT
2021-02-23T130801Z_1_LYNXMPEH1M0RQ_RTROPTP_0_LEBANON-CRISIS-FUELOIL_1-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/02/2021-02-23T130801Z_1_LYNXMPEH1M0RQ_RTROPTP_0_LEBANON-CRISIS-FUELOIL_1-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
562324b0f9e7647a5fecb2324a86df358afef9bb66336e5ecfab1b12bed8c1c3

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 17:04:01 GMT
server
Apache/2.4.46 () PHP/7.4.5
x-amz-cf-pop
ZAG50-C1
etag
"2b2f-5bc03e7a92cc8"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11055
x-amz-cf-id
r_M4TxhVuebXQYk5fiyBiThJgEpci_fTLynSV6pKXIXbQUIjNRkUpw==
expires
Sun, 06 Mar 2022 07:40:28 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0526278833a35a935dc806f2c7c2a6ab&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56e6607a3df985b8793d03735651a274da05e3a845fcdd54907a3179be601729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.oann.com
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
O8xTtiUt32Lg5wb0Ij/9Ow==
cross-origin-resource-policy
cross-origin
expires
Sun, 06 Mar 2022 03:43:59 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60548
x-fb-rlafr
0
x-fb-debug
q9I0YWbfTsgsxZB9rBDp6ZxAHfDUhWKcOleHJUhNH67FN5ADmqo2m4B+43/s1u8IlVJXHeUn9Sy/US4fQnLBiw==
x-fb-trip-id
917726464
x-fb-content-md5
74b3cecc85073e7adcac984f95bbf78b
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 06 Mar 2021 07:40:27 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"4aa63dfc07a049cd06fa4fda912b89bc"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
byd-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/byd-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
89fe955ebf97a92a0932e49c6c9afb0f0a5c2879b3df8c853393ac8b0e756c4d

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:16:38 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
19428
x-cache
Hit from cloudfront
content-length
2845
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 02:13:06 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"b1d-5bcd4bdbe4020"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
x54UvN2cqlKIPw7DaVy1nejnRennLXeiIuH2R7gHBgVpWn_qup7oFw==
expires
Sun, 06 Mar 2022 02:16:38 GMT
keating-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/keating-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.11 /
Resource Hash
0eb33254aa8a9f54598afdce0e40ff391d031a8dc68606b3c7536875f3e7e9bd

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 01:54:29 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
20758
x-cache
Hit from cloudfront
content-length
2964
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 01:28:55 GMT
server
Apache/2.4.46 () PHP/7.4.11
etag
"b94-5bcd41fc758c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
JBebo3nGAV6OZWNlADXCSD8R47d8sDyNjRpeZUt0uy1pjmLYbm3Zog==
expires
Sun, 06 Mar 2022 01:54:29 GMT
AP21064670030867-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/AP21064670030867-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
63936296619a48a6f9dd7b8e0b69436210c11078007ce8e677979cd31ce78ea8

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 00:08:29 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
27118
x-cache
Hit from cloudfront
content-length
8632
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Mar 2021 23:46:06 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"21b8-5bcd2b01572d8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
Yn36CTIkugRgFLOUaY8e43w6RIRgVee7hJS4zYTPfE1h9O-WeisJMQ==
expires
Sun, 06 Mar 2022 00:08:29 GMT
GettyImages-1305556307-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/03/GettyImages-1305556307-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:2c00:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
a89080d240a1758a65d4d23d28e52f668a623ae77e77c080dc0948bacdf9ab4d

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 04:17:32 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
age
12175
x-cache
Hit from cloudfront
content-length
16180
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 04:06:13 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"3f34-5bcd652503648"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
4Iu6tOUh7JLtU1g4hDMOLnRM9lTSt55fdKS8hAEqmkcDHAqOMRhhsg==
expires
Sun, 06 Mar 2022 04:17:32 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4555f5d43b753351450e071c5781c07a93ae1b453540e2216ff586135e46f508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XuVbPQH8oTOfE3Dfnb5OUw==
cross-origin-resource-policy
cross-origin
expires
Sat, 06 Mar 2021 07:58:59 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
GJOfeh2uvqqEbwUVght/dtUI7OWfullJ6dOJsW2lJ8xu5k4zaPYoNL3iIWJo+owz0BCmGw7hgJnIN2O+i0fehw==
x-fb-trip-id
917726464
x-fb-content-md5
51fee2ba187043d7c70ade5d54c75870
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 06 Mar 2021 07:40:27 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"cab07c839b134dda3947a2ed33f96c90"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/ 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=218149172&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&dp=%2F404.html%3Fpage%3D%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20One%20America%20News%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=592658133&gjid=635710999&cid=1354547883.1615016428&tid=UA-98105905-1&_gid=1147523555.1615016428&_r=1&did=dNDMyYj&gtm=2ou2o0&z=1877463085
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
oneamericanewsnetwork.js
cdn1.lockerdomecdn.com/embeds/ 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4c20c6241b20bd6306c1cdbee778ee4b344680934744710e0c1639361e6ac07f

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:10:03 GMT
server
nginx
etag
W/"e140bddf249fc3e75b62a6c648f0a880"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
1284
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fabba7a4de8cb2e8c7d7b0ae53a371cf2c663c0a941425552bc15a7e30d417a

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62b9efa2a9770742-FRA
date
Sat, 06 Mar 2021 07:40:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 07:03:02 GMT
server
cloudflare
age
10738
etag
W/"b5d-5bc8853434c25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
cf-request-id
08a81419aa0000074235341000000001
expires
Sat, 06 Mar 2021 05:41:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Mar 2021 07:40:27 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-98105905-1&cid=1354547883.1615016428&jid=592658133&gjid=635710999&_gid=1147523555.1615016428&_u=IEBAAUAAAAAAAC~&z=659319876
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 06 Mar 2021 07:40:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice.js
resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ 		586 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae61c3aefc698f6a628f150f210bad9caef45b0d2b431401287e0836be7d0d05

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62b9efa2e9a80742-FRA
date
Sat, 06 Mar 2021 07:40:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 01 Mar 2021 11:44:57 GMT
server
cloudflare
age
10722
etag
W/"92906-5bc7825a20096"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
cf-request-id
08a81419cc0000074243a4b000000001
expires
Mon, 05 Apr 2021 04:41:45 GMT
pbice.js
resources.infolinks.com/js/pbice/3.011/ 		247 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.011/pbice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe995e4a77e0247cc060ddf1418dce41f899f5e06b83d096c797c7c47b32c70b

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62b9efa35a310742-FRA
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2021 10:12:08 GMT
server
cloudflare
age
10739
etag
W/"3db96-5b93e12351505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
cf-request-id
08a8141a180000074237b31000000001
expires
Mon, 05 Apr 2021 04:41:29 GMT
manage
router.infolinks.com/usync/ Frame DBAE 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a771df1440af0eed3cbf20c50769a0fda215b50666ade95d57b9bc95cda35c24

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=3311725&wsid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d12ec2c453527b048bb0c6c7bc1490f861615016428; expires=Mon, 05-Apr-21 07:40:28 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08a8141a30000007420d2b4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b9efa37a680742-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3311725&wsid=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
62b9efa38a6b0742-FRA
content-length
0
cf-request-id
08a8141a360000074234263000000001
hb_v2.js
cdn.pixfuture.com/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478becbf54075379f667b0ecf1af653ffd698879890d4211cca8cfe73dd4e586

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 16:41:32 GMT
server
cloudflare
etag
W/"60410dbc-665a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g1WHhUbmPE63CY%2BBC23SN6Eoh3zQ%2BwLe1VcggZnA77NmcmiPk%2FsTMiGI3wZ7tT1byf8DhjERDYhOZ3RtutCqGt5r40NJ7kDnWXLu06NcT7zVxpiamndgZsIGLUDK0g%3D%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62b9efa3dfbb96a4-FRA
cf-request-id
08a8141a64000096a473232000000001
expires
Mon, 08 Mar 2021 07:40:28 GMT
usync.html
eus.rubiconproject.com/ Frame 101D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Mar 2021 07:40:28 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date
Sat, 06 Mar 2021 07:40:28 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
de.tynt.com/deb/ Frame 55E0 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Sun, 07 Mar 2021 07:40:28 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Sat, 06 Mar 2021 07:40:28 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8639
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ed2da08ad214b0da61050d4da8d4d17334fdcac1dc2c31dade9fa01d2727f5f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEMx7A1ODSOl1F0nUEgKkgAA; CMPS=5182
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|156|40|206|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1701
Expires
Sat, 06 Mar 2021 07:40:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YEMx7A1ODSOl1F0nUEgKkgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 07:40:28 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 07:40:28 GMT CMPRO=1214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 07:40:28 GMT CMRUM3=2d604331ec05a0&e6604331ec27600&51604331ec05a0&28604331ec05a00&f1604331ec05a00&9c604331ec05a00&27604331ec0b40&ce604331ec05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 07:40:28 GMT CMST=YEMx7GBDMewA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 07 Mar 2021 07:40:28 GMT

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 06 Mar 2021 07:40:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YEMx7A1ODSOl1F0nUEgKkgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 07:40:28 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 07:40:28 GMT
/
onetag-sys.com/usync/ Frame 1E8E 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=598ce3ddaee8c90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
apn-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=7457235993791174996
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=7457235993791174996
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa4ec260742-FRA
content-length
35
cf-request-id
08a8141b12000007420d2c0000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
efd85e5b-210f-44f4-a848-861fd3cd8945
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=7457235993791174996
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
r1-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5386363205
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5386363205
  • https://sync.1rx.io/usersync/tradedesk/b38316c3-be8c-4be2-9d02-3a9e5fc27f23
  • https://sync.targeting.unrulymedia.com/csync/RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa5fd800742-FRA
content-length
35
cf-request-id
08a8141bb7000007424037b000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Tengine
ETag
RX546fd2d0ff4f4bff9e669abec4b75515003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/r1-usync?uid=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Connection
keep-alive
Content-Type
text/html
/
ssc-cms.33across.com/ps/ Frame DBAE 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
2000208
date
Sat, 06 Mar 2021 07:40:28 GMT
server
33XP001
zmn-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa6ae9f0742-FRA
content-length
35
cf-request-id
08a8141c2b0000074205318000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame DBAE 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame DBAE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%252F&pi...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-follo...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&pid=12306&adnxs_uid=9009367346844400815
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&pid=12306&adnxs_uid=9009367346844400815
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.239.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 06 Mar 2021 07:40:28 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid
62a83b3c-d7ac-434b-aa11-be9c55170103
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&pid=12306&adnxs_uid=9009367346844400815
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame DBAE 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38a2ee60-7e4f-11eb-bc23-02ae808367ac&verify=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-KQfh4.V1l2bk.NRHtjrarmIFlF7iSL2W~UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-KQfh4.V1l2bk.NRHtjrarmIFlF7iSL2W~UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa54ccd0742-FRA
content-length
35
cf-request-id
08a8141b520000074265bf3000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/outh-usync?uid=y-KQfh4.V1l2bk.NRHtjrarmIFlF7iSL2W~UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=3acca5fb689bb2c977cd6d9b
35 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=3acca5fb689bb2c977cd6d9b
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa4dc160742-FRA
content-length
35
cf-request-id
08a8141b0b000007423a86b000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=3acca5fb689bb2c977cd6d9b
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pbm-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzMxNEZDRTAtNjU3Mi00QTJDLTgyQzYtNDdBMjAxMTA1QzND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
  • https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
62b9efa5fd830742-FRA
content-length
0
cf-request-id
08a8141bb700000742540f1000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
403
Content-Type
text/html; charset=iso-8859-1
pbm-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkE5NEVCMEQtMThGRS00RUM2LUJBQjktNkJBMTg2NUU0QjA0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
  • https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
62b9efa5fd7d0742-FRA
content-length
0
cf-request-id
08a8141bb7000007420fbdc000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/pbm-usync?uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
403
Content-Type
text/html; charset=iso-8859-1
bizzc-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
  • https://router.infolinks.com/dyn/bizzc-usync?uid=91a78059df4af410b204bab20c69af25c820bdddeb6952159a5a4c5b25e3d7fa
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/bizzc-usync?uid=91a78059df4af410b204bab20c69af25c820bdddeb6952159a5a4c5b25e3d7fa
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa77f800742-FRA
content-length
35
cf-request-id
08a8141caa00000742fda9e000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://router.infolinks.com/dyn/bizzc-usync?uid=91a78059df4af410b204bab20c69af25c820bdddeb6952159a5a4c5b25e3d7fa
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
iq-usync
router.infolinks.com/dyn/ Frame DBAE 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
62b9efa59d120742-FRA
content-length
0
cf-request-id
08a8141b80000007422fbc8000000001
zeta-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1871316018058183234
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1871316018058183234
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa62dc60742-FRA
content-length
35
cf-request-id
08a8141bda0000074205312000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1871316018058183234
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sx-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=38c4f5e0-7e4f-11eb-90e3-11482f422c06
  • https://router.infolinks.com/dyn/sx-usync?uid=38c4f5ab-7e4f-11eb-90e3-11482f422c06
35 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sx-usync?uid=38c4f5ab-7e4f-11eb-90e3-11482f422c06
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa63de40742-FRA
content-length
35
cf-request-id
08a8141be5000007426a96c000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx
Location
https://router.infolinks.com/dyn/sx-usync?uid=38c4f5ab-7e4f-11eb-90e3-11482f422c06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
72
Connection
keep-alive
Content-Length
0
VR-usync
router.infolinks.com/dyn/ Frame DBAE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://router.infolinks.com/dyn/VR-usync?uid=y-W1Pd1sZ1l2ac4xKoTDOMRyPw3HU4mMXkTjPekhE-
35 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-W1Pd1sZ1l2ac4xKoTDOMRyPw3HU4mMXkTjPekhE-
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa6ced00742-FRA
content-length
35
cf-request-id
08a8141c41000007426a972000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/VR-usync?uid=y-W1Pd1sZ1l2ac4xKoTDOMRyPw3HU4mMXkTjPekhE-
Connection
keep-alive
Content-Length
0
pbix.js
cdn.pixfuture.com/ 		363 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7aea6e614acb9166508ed9172b92f4c754a16584e73627328977cacdb14211

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 01 Mar 2021 19:36:01 GMT
server
cloudflare
etag
W/"603d4221-5aada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rKhF6e9LOfqFlBYBV5tfQ7HL15ap2AnLuYa%2BFPLtVguazkzeO%2F7XZj1y%2B%2BXSNNSOkRytAb4K7ry1IpgeOvNbr%2F66%2Bsaao633ubR8VSZT6fzWVi1QCuEhz%2B%2BfJG%2FyHQ%3D%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62b9efa47fd196a4-FRA
cf-request-id
08a8141ac9000096a48789a000000001
expires
Mon, 08 Mar 2021 07:40:28 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=25449x300x250x4195x_ADSLOT1&keywords=page,not,found,one,america,news,network&refUrl=&refresh=false&innerWidth=1600&jscookie=logglytrackingsession=1481c829-252d-4eee-9552-02cebd0dd8cd;%20_ga=GA1.2.1354547883.1615016428;%20_gid=GA1.2.1147523555.1615016428;%20_gat_gtag_UA_98105905_1=1;%20AWSALBTG=Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=;%20AWSALBTGCORS=Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=;%20AWSALB=m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd;%20AWSALBCORS=m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
35f3fd22493510a2cec28708322eb76b333ee9633420e347d497360e1bb55bbc

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 08 Mar 2021 07:40:28 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24699x320x50x4195x_ADSLOT1&keywords=page,not,found,one,america,news,network&refUrl=&refresh=false&innerWidth=1600&jscookie=logglytrackingsession=1481c829-252d-4eee-9552-02cebd0dd8cd;%20_ga=GA1.2.1354547883.1615016428;%20_gid=GA1.2.1147523555.1615016428;%20_gat_gtag_UA_98105905_1=1;%20AWSALBTG=Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=;%20AWSALBTGCORS=Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=;%20AWSALB=m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd;%20AWSALBCORS=m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
47a0021f9e8dce6c0ed907d2032bbad360a3b870cd3cd99975d38f5552b0faae

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 08 Mar 2021 07:40:28 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8639
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIDQRlXybrOqBPBtiEXyKec&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIDQRlXybrOqBPBtiEXyKec&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 06 Mar 2021 07:40:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEIDQRlXybrOqBPBtiEXyKec&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8639 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YEMx7A1ODSOl1F0nUEgKkgAA&gdpr=1&cm_dsp_id=39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.114.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8639
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEMx7A1ODSOl1F0nUEgKkgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAZjBDp28RJWtCvXRvZgILM&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAZjBDp28RJWtCvXRvZgILM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 06 Mar 2021 07:40:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAZjBDp28RJWtCvXRvZgILM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8639
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 8639 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:17 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8639
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
43 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YEMx7A1ODSOl1F0nUEgKkgAABL4AAAAB
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 8639
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zHBegslxD9LXdA6FwnhHiZl1U4XXdg7Um3CaAB33
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zHBegslxD9LXdA6FwnhHiZl1U4XXdg7Um3CaAB33
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 06 Mar 2021 07:40:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=zHBegslxD9LXdA6FwnhHiZl1U4XXdg7Um3CaAB33
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame 8639 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YEMx7A1ODSOl1F0nUEgKkgAA%261214
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62b9efa4fc310742-FRA
content-length
35
cf-request-id
08a8141b1a000007420632e000000001
expires
Fri, 06 Mar 2020 07:40:28 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 3B53
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.167.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b1e714cacd64d510c4f6a5fce9333a7e5c547daf0113944c6ddb25a041331570

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=f571fe4b-9a2e-410a-acb4-9d9b021cfe4c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 06 Mar 2021 07:40:28 GMT
pragma
no-cache

Redirect headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=f571fe4b-9a2e-410a-acb4-9d9b021cfe4c; Path=/; Domain=eqads.com; Expires=Sun, 06 Jun 2021 07:40:28 GMT; Secure; SameSite=None
usync.js
eus.rubiconproject.com/ Frame 101D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30666
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Sat, 06 Mar 2021 16:11:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame 101D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.oann.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1425
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
vary
Accept-Encoding
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.26.0
Protocol
H2
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 06 Mar 2021 07:40:28 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
152489444
age
0
via
1.1 varnish
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1
  • https://mug.criteo.com/sid?cpp=TLQ0jHxXM0NjNER0Yms1cnlycHpvMkY1UWVZNVQ3NXdEaXd4ZzVvMnNxd1VDRi8xb2YyWGd6TnA0WVhrQ3gvdGRteGkvNmYwWjZiZUp1Y2VKZ2tLQmlJL2ZNVVlyYzFCZFpUS2x3S0IwNEd1bDZLMmtSY1lBeWMweUxnal...
352 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TLQ0jHxXM0NjNER0Yms1cnlycHpvMkY1UWVZNVQ3NXdEaXd4ZzVvMnNxd1VDRi8xb2YyWGd6TnA0WVhrQ3gvdGRteGkvNmYwWjZiZUp1Y2VKZ2tLQmlJL2ZNVVlyYzFCZFpUS2x3S0IwNEd1bDZLMmtSY1lBeWMweUxnalpjdkRyTkV5ZmlSakZsbUtyTzQwOGRCNlVJcWExOGF0S0FFVEwyMDhaNlp3YnZ3TjdRZlJzbFJKbVJVYU1jOWJudzlkVGwvaGZkY2VXdlR4L09xVE9KMVQrUFpVSGJmRzJGV1M3UGx0dHRlY2Q0ZURneUNNPXw&cppv=2
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
969759485872387d62513332cd0a0619407cf99f5d34180fb0f2ab4bac77fc96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 06 Mar 2021 07:40:28 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2147
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Mar 2021 07:40:28 GMT
location
https://mug.criteo.com/sid?cpp=TLQ0jHxXM0NjNER0Yms1cnlycHpvMkY1UWVZNVQ3NXdEaXd4ZzVvMnNxd1VDRi8xb2YyWGd6TnA0WVhrQ3gvdGRteGkvNmYwWjZiZUp1Y2VKZ2tLQmlJL2ZNVVlyYzFCZFpUS2x3S0IwNEd1bDZLMmtSY1lBeWMweUxnalpjdkRyTkV5ZmlSakZsbUtyTzQwOGRCNlVJcWExOGF0S0FFVEwyMDhaNlp3YnZ3TjdRZlJzbFJKbVJVYU1jOWJudzlkVGwvaGZkY2VXdlR4L09xVE9KMVQrUFpVSGJmRzJGV1M3UGx0dHRlY2Q0ZURneUNNPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1614
content-length
482
expires
0
v1
prg.smartadserver.com/prebid/ 		1022 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5b4193177648417e17da707747acda78e90718511762a9e69781fa468c57cc65

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b23%3b120
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.26.0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 07:40:29 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
150654618
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
98c24d56dfeed6465fbbe7ddc50f13abb54216fb87eab2621db1ea780654ac68
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
690e15cb-c7a2-4ede-9c78-f0aec9f7e984
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		65 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
e78b9e8880c05ff7c2509c05d3cf596650da68062d7dba912805da0f3e1e74e8

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a90e7c1b-a239-4269-829f-618185c604f8&nocache=1615016428566&pubcid=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&aus=320x50&divIds=24699x320x50x4195x_ADSLOT1&auid=540580841&tps=bXlrZXl3b3JkPXBhZ2Usbm90LGZvdW5kLG9uZSxhbWVyaWNhLG5ld3MsbmV0d29yayZteW90aGVya2V5d29yZD1wYWdlLG5vdCxmb3VuZCxvbmUsYW1lcmljYSxuZXdzLG5ldHdvcms%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
b3562502adba80475e10a8ed1e6d3fdc795aa09b0bb83ed02099d6298f2fb69c

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.oann.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:34:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.26.0
Protocol
H2
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 06 Mar 2021 07:40:28 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
136770954
age
0
via
1.1 varnish
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.115.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:28 GMT
access-control-allow-credentials
true
vary
Origin
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.26.0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 07:40:29 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
160977837
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		65 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
f5842e3039b52c77a907edb3e4c5702e2819f70353e79834b7bc9afef473bf16

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cde6bd79-65ab-4701-bdec-5882a35ccd3d&nocache=1615016428576&pubcid=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&aus=300x250&divIds=25449x300x250x4195x_ADSLOT1&auid=540580840&tps=bXlrZXl3b3JkPXBhZ2Usbm90LGZvdW5kLG9uZSxhbWVyaWNhLG5ld3MsbmV0d29yayZteW90aGVya2V5d29yZD1wYWdlLG5vdCxmb3VuZCxvbmUsYW1lcmljYSxuZXdzLG5ldHdvcms%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
ebb580b12e94a3d62df495261282c30d367f6d32b8fb754f2cdb16f775898637

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.oann.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
32e566bb817d7840fa6919dbe1179c482ce5e5ff1a451326bc4577ab399a4904
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid
33d142c7-ebb6-4a22-8ab0-41cc4ae67a15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ee767c06cce5f4e1d52a0d654a509eeca9e8e8d5053c569aeb219814b48d1129

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b9%3b64
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:34:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TLQ0jHxXM0NjNER0Yms1cnlycHpvMkY1UWVZNVQ3NXdEaXd4ZzVvMnNxd1VDRi8xb2YyWGd6TnA0WVhrQ3gvdGRteGkvNmYwWjZiZUp1Y2VKZ2tLQmlJL2ZNVVlyYzFCZFpUS2x3S0IwNEd1bDZLMmtSY1lBeWMweUxnalpjdkRyTkV5ZmlSakZsbUtyTzQwOGRCNlVJcWExOGF0S0FFVEwyMDhaNlp3YnZ3TjdRZlJzbFJKbVJVYU1jOWJudzlkVGwvaGZkY2VXdlR4L09xVE9KMVQrUFpVSGJmRzJGV1M3UGx0dHRlY2Q0ZURneUNNPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
984
date
Sat, 06 Mar 2021 07:40:28 GMT
content-encoding
gzip
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 3B53 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=f571fe4b-9a2e-410a-acb4-9d9b021cfe4c&expiration=1622965228
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 06 Mar 2021 07:40:28 GMT
delivery.js
assets.revcontent.com/master/ Frame B4C1 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bc92fd2fcf02ab23bf434d20248d29690b562b406e32cb0888a440774d16fd8

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:29 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 22:01:44 GMT
server
AmazonS3
x-amz-request-id
C1B0605AC5213154
etag
"920820ccb3600c75c59354aece75e703"
x-hw
1615016429.cds132.fr8.hn,1615016429.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
88095
x-amz-id-2
JDjT/XdC/u1Fedlff7ltt1cH0pk4UEaQnAujvdXbEywRntRRNwXByCZUMXVuM1TPP8JUzvfI9vY=
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:29 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 08 Mar 2021 07:40:29 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:29 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 08 Mar 2021 07:40:29 GMT
/
trends.revcontent.com/api/demand/ Frame B4C1 		52 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=169616
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:29 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ Frame B4C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:29 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
generic
trends.revcontent.com/event/ Frame B4C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:29 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/ Frame B4C1 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?w=169616&width=300&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.oann.com%2Fn-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines%2F&va=1&time=1615016429451&up=pc&bn=chrome&bv=89
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
065d06363c755bef9b7937efbf26d933eb1d9bc93ccb5e41bf05971ebe4823af
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:29 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
3246
script.js
d1bvk193qme2fc.cloudfront.net/ Frame B4C1 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4400:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:31:54 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 16:23:33 GMT
server
AmazonS3
age
517
etag
W/"29a74dafc784a65c2d82f355f88118a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
e2Ozb-feigotnpwCiSWhZUz-O6DjuL5OHmk3EoKEPbt4tcy7IHMbpA==
impression
trends.revcontent.com/event/ Frame B4C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:29 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
css2
fonts.googleapis.com/ Frame B4C1 		5 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500&display=swap
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ccf31f3d3dc9f78ff922e4b048747936f2335d8103959f13d0ea67212bb4fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 06:27:50 GMT
server
ESF
date
Sat, 06 Mar 2021 07:40:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Mar 2021 07:40:29 GMT
css2
fonts.googleapis.com/ Frame B4C1 		1 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Requested by
Host: www.oann.com
URL: https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 06:43:34 GMT
server
ESF
date
Sat, 06 Mar 2021 07:40:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Mar 2021 07:40:29 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 06 Mar 2021 07:40:29 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ Frame B4C1 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Mar 2021 07:40:29 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
/
img.revcontent.com/ Frame B4C1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1615016430.cds128.fr8.hn,1615016430.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ Frame B4C1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
last-modified
Fri, 05 Mar 2021 21:30:15 GMT
etag
"1614979815"
x-hw
1615016430.cds131.fr8.hn,1615016430.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=20
accept-ranges
bytes
content-length
4298
generic
trends.revcontent.com/event/ Frame B4C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:30 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ Frame B4C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.76.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Sat, 06 Mar 2021 07:40:30 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
15668969240133101578.jpg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame B4C1 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15668969240133101578.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bf0ecf4878802d7c9bb2c3c3c9c7e53fd12f832257ae8b743087ad88063f608e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=109;cpu=0;start=2021-03-01T22:02:54.576Z;desc=miss,rtt;dur=0,cloudinary;dur=15;start=2021-03-01T22:02:54.621Z
content-length
15639
last-modified
Mon, 01 Mar 2021 22:02:12 GMT
server
Cloudinary
etag
"c8698cdfd2f610f2ffa7fe4a615eb40e"
vary
Save-Data
x-hw
1615016430.cds101.fr8.hn,1615016430.cds125.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ Frame B4C1 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.oann.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 11:21:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:39 GMT
server
sffe
age
73146
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31676
x-xss-protection
0
expires
Sat, 05 Mar 2022 11:21:24 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ Frame B4C1 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.oann.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:32:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
age
18490
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
expires
Sun, 06 Mar 2022 02:32:20 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ 		108 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.114.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e8fb26d2655283adfcb14077c9a7a20e719fc0fb14a898a41606c0923b61c50f

Request headers

Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 05 Apr 2021 07:40:30 GMT
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame E083 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1613661331.105246"
Last-Modified
Thu, 18 Feb 2021 15:14:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Length
445
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2E18 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; SyncRTB3=1616198400%3A220; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24571
Expires
Sat, 06 Mar 2021 14:30:01 GMT
Date
Sat, 06 Mar 2021 07:40:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B914 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7457235993791174996; icu=ChgI3sJXEAoYASABKAEw7OOMggY4AUABSAEQ7OOMggYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 07 Mar 2021 07:40:32 GMT
Date
Sat, 06 Mar 2021 07:40:30 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame BA12 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; SyncRTB3=1616198400%3A220; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24571
Expires
Sat, 06 Mar 2021 14:30:01 GMT
Date
Sat, 06 Mar 2021 07:40:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 742E 		668 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
8d75c8c16c4f55e81e13b1fd8655d4ebc93582d1eecbe2895589f895125e9ef7

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6|1615016428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6|1615016428; Version=1; Expires=Sun, 06-Mar-2022 07:40:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615016430|gekin0vNiygu; Version=1; Expires=Sun, 21-Mar-2021 07:40:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 06 Mar 2021 07:40:30 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 92C0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.26.0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_4.26.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
29
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sat, 06 Mar 2021 07:40:30 GMT
etag
"41cc-5b96de62f8100"
expires
Sat, 06 Mar 2021 07:55:30 GMT
last-modified
Thu, 21 Jan 2021 19:15:48 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
4880465
content-length
5388
pd
eu-u.openx.net/w/1.0/ Frame D589 		668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
8d75c8c16c4f55e81e13b1fd8655d4ebc93582d1eecbe2895589f895125e9ef7

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6|1615016428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6|1615016428; Version=1; Expires=Sun, 06-Mar-2022 07:40:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615016430|gekin0vNiygu; Version=1; Expires=Sun, 21-Mar-2021 07:40:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 06 Mar 2021 07:40:30 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
usersync.html
ad-cdn.technoratimedia.com/html/ Frame F197 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.26.0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_4.26.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
29
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sat, 06 Mar 2021 07:40:30 GMT
etag
"41cc-5b96de62f8100"
expires
Sat, 06 Mar 2021 07:55:30 GMT
last-modified
Thu, 21 Jan 2021 19:15:48 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
4880465
content-length
5388
async_usersync.html
acdn.adnxs.com/dmp/ Frame 88EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7457235993791174996; icu=ChgI3sJXEAoYASABKAEw7OOMggY4AUABSAEQ7OOMggYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 07 Mar 2021 07:40:32 GMT
Date
Sat, 06 Mar 2021 07:40:30 GMT
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 78F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

x-33x-status
2000208
server
33XP002
date
Sat, 06 Mar 2021 07:40:29 GMT
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame A994 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1613661331.105246"
Last-Modified
Thu, 18 Feb 2021 15:14:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Length
445
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E18 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
68c075ee7e13f2fe52b6aa4ef68a41cbe78e67bcd9657e5732e4016e6c7baccb

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:43 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame B914 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:30 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
d727e962-d171-476e-89ff-1420f15d1b61
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 742E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4496043-31ee-4100-b918-0c340b92bde8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4496043-31ee-4100-b918-0c340b92bde8
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:41:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e4496043-31ee-4100-b918-0c340b92bde8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 06 Mar 2021 07:41:20 GMT
sd
us-u.openx.net/w/1.0/ Frame 742E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 742E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4348896498972511524
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4348896498972511524
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4348896498972511524
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 742E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1147ba46-84fd-7793-c17b-356369dcc82b&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.114.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 742E 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2QyODY5OGMtNGQ4YS0yOTM3LWQ0OWItNmZkYWEzM2UwNjRi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 742E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 0D6E 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 06 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1141
date
Sat, 06 Mar 2021 07:40:30 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 4A12
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8770980778055199659
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8770980778055199659
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; SPugT=1615016428; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; PugT=1615016429
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8770980778055199659; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:30 GMT; path=/ PugT=1615016430; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/
X-lat
amspug007:0:522
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8770980778055199659
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 7E5E 		43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.8.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 06 Mar 2021 07:40:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 1B4F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936442749358831766
42 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936442749358831766
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 06 Mar 2021 07:40:29 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6936442749358831766; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:29 GMT; path=/ PugT=1615016429; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:29 GMT; path=/
X-lat
Pug23031:0:305
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Sat, 06 Mar 2021 07:40:30 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6936442749358831766; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936442749358831766
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 106D
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=CfIi0ib4yPwO8SITkT27WbMM
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=CfIi0ib4yPwO8SITkT27WbMM
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 06 Mar 2021 07:32:41 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:32:41 GMT; path=/ PugT=1615015961; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:32:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:32:41 GMT; path=/
X-lat
amspug001:0:377
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 06 Mar 2021 07:40:30 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=CfIi0ib4yPwO8SITkT27WbMM; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=CfIi0ib4yPwO8SITkT27WbMM
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 40BB
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&rndcb=1777789656
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&rndcb=1777789656
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e83be185-29e8-4bd8-9dac-c62d1e1821b8&google_hm=ZTgzYmUxODUtMjllOC00YmQ4LTlkYWMtYzYyZDFlMTgy...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC7XTVgWpi2U-6nS0SWkdsk&google_cver=1&ssp=adconductor&bsw_param=e83be185-29e8-4bd8-9dac-c62d1e1821b8
  • https://sync.1rx.io/usersync/bidswitch/e83be185-29e8-4bd8-9dac-c62d1e1821b8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; SPugT=1615016428; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; KRTBCOOKIE_27=16735-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&16736-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23019-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23114-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427; KRTBCOOKIE_336=5844-8770980778055199659; KRTBCOOKIE_22=14911-4385927054558514200; KRTBCOOKIE_391=22924-1871625874875868808; PugT=1615016428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_594=17105-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&KRTB&17107-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/ PugT=1615016430; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/
X-lat
Pug23042:0:324
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
Tengine
Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003%22%7D; path=/; expires=Sun, 06 Mar 2022 07:40:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
ETag
RX546fd2d0ff4f4bff9e669abec4b75515003
bridge
cm.adgrx.com/ Frame A395 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 88B1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aLnoeUpkijtDifqGdSpZaVYYFJmRsMauElZbZdimgZaB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d2f644970e4f187fc166ba8e6474d94251615016430; expires=Mon, 05-Apr-21 07:40:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aknseFtlix88qyTAZbCanHDcdZbLn9Klwv1RtdIObG0VKcflN6rZalr46X5l3ek6gu9DZboGfoMKt7Vw37T8F7wU; path=/; domain=.tribalfusion.com; expires=Fri, 04-Jun-2021 07:40:30 GMT; SameSite=None; Secure; ANON_ID_old=aknseFtlix88qyTAZbCanHDcdZbLn9Klwv1RtdIObG0VKcflN6rZalr46X5l3ek6gu9DZboGfoMKt7Vw37T8F7wU; path=/; domain=.tribalfusion.com; expires=Fri, 04-Jun-2021 07:40:30 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08a814233f00004de87e012000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b9efb1f92b4de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 06 Mar 2021 07:40:30 GMT
content-type
text/html
set-cookie
__cfduid=d2f644970e4f187fc166ba8e6474d94251615016430; expires=Mon, 05-Apr-21 07:40:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aLnoeUpkijtDifqGdSpZaVYYFJmRsMauElZbZdimgZaB; path=/; domain=.tribalfusion.com; expires=Fri, 04-Jun-2021 07:40:30 GMT; SameSite=None; Secure; ANON_ID_old=aLnoeUpkijtDifqGdSpZaVYYFJmRsMauElZbZdimgZaB; path=/; domain=.tribalfusion.com; expires=Fri, 04-Jun-2021 07:40:30 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1686
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08a814229400004de8b3b2a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62b9efb0efd84de8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2703
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Nrompvf8Zmyu&pid=557219
1 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Nrompvf8Zmyu&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; SPugT=1615016428; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; KRTBCOOKIE_27=16735-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&16736-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23019-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23114-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427; KRTBCOOKIE_336=5844-8770980778055199659; KRTBCOOKIE_22=14911-4385927054558514200; KRTBCOOKIE_391=22924-1871625874875868808; KRTBCOOKIE_594=17105-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&KRTB&17107-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003; PugT=1615016430
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/
X-lat
Pug23048:0:230
Content-Length
1
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
text/html; charset=utf-8

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-9cnfz
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Nrompvf8Zmyu&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=d91942d279e46aae; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 17E1
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 varnish
x-served-by
cache-hhn11568-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615016431.505516,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 06-Mar-2022 07:40:30 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c057a006-cab5-4f3b-8d01-cb12d679a0c6-tuct73cb76e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 varnish
x-served-by
cache-hhn11568-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615016430.486051,VS0,VE8
x-vcl-time-ms
8
content-length
0
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0203
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oHyNQ6z81Liry65&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oHyNQ6z81Liry65&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; pi=158127:3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; SPugT=1615016428; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; KRTBCOOKIE_27=16735-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&16736-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23019-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23114-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427; KRTBCOOKIE_336=5844-8770980778055199659; KRTBCOOKIE_22=14911-4385927054558514200; KRTBCOOKIE_391=22924-1871625874875868808; KRTBCOOKIE_594=17105-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&KRTB&17107-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003; PugT=1615016430; KRTBCOOKIE_218=22978-YEMx7gAAAKN7_Szr&KRTB&23194-YEMx7gAAAKN7_Szr&KRTB&23209-YEMx7gAAAKN7_Szr&KRTB&23244-YEMx7gAAAKN7_Szr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:oHyNQ6z81Liry65; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/ PugT=1615016430; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 07:40:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:30 GMT; path=/
X-lat
lhrpug017:0:582
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 06 Mar 2021 07:40:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oHyNQ6z81Liry65&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=oHyNQ6z81Liry65; Domain=.w55c.net; Expires=Wed, 06-Apr-2022 07:40:30 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 05-Apr-2021 07:40:30 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
check
pixel.tapad.com/idsync/ex/receive/ Frame 072C
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93992670&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1615016430517; TapAd_DID=39fa8e51-7e4f-11eb-9d32-1e91907014bb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sat, 06 Mar 2021 07:40:30 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1615016430517;Expires=Wed, 05 May 2021 07:40:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=39fa8e51-7e4f-11eb-9d32-1e91907014bb;Expires=Wed, 05 May 2021 07:40:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=apTrDRj-Tsa6uWuhhl5LBA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=64510
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 07 Mar 2021 01:35:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2E18 		95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62b9efb0de93d711-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08a81422870000d711bfaab000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 2E18
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:29 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:29 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&addseg=19,36,42
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMokC1n7aEsCUILunGaFBp4&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMokC1n7aEsCUILunGaFBp4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:41 GMT
X-lat
amspug001:0:443
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMokC1n7aEsCUILunGaFBp4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2E18 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 05 Mar 2021 07:40:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1871625874875868808
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1871625874875868808
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:28 GMT
X-lat
Pug23041:0:585
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1871625874875868808
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:30 GMT
X-lat
Pug23024:0:285
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 06 Mar 2021 07:41:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 06 Mar 2021 07:41:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b38316c3-be8c-4be2-9d02-3a9e5fc27f23
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b38316c3-be8c-4be2-9d02-3a9e5fc27f23
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:29 GMT
X-lat
Pug23033:0:312
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b38316c3-be8c-4be2-9d02-3a9e5fc27f23
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7457235993791174996&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7457235993791174996&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
X-lat
amspug006:0:381
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:30 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
fd76f4d7-99db-420e-afa2-a4ce27b0e937
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7457235993791174996&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KKMo4T11l2Je7y_PzDoIyGe04f9EZu8-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KKMo4T11l2Je7y_PzDoIyGe04f9EZu8-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sat, 06 Mar 2021 07:40:28 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KKMo4T11l2Je7y_PzDoIyGe04f9EZu8-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2E18 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4385927054558514200&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4385927054558514200&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
X-lat
lhrpug018:0:457
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4385927054558514200&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:39 GMT
X-lat
amspug013:0:710
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=27fd4f95-1735-4c57-8617-c99d6e09b2b0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e83be185-29e8-4bd8-9dac-c62d1e1821b8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e83be185-29e8-4bd8-9dac-c62d1e1821b8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:29 GMT
X-lat
Pug23045:0:341
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e83be185-29e8-4bd8-9dac-c62d1e1821b8&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 06 Mar 2021 07:40:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEMx7gAAAKN7_Szr&gdpr=0&gdpr_consent=&_test=YEMx7gAAAKN7_Szr
1 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEMx7gAAAKN7_Szr&gdpr=0&gdpr_consent=&_test=YEMx7gAAAKN7_Szr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:30 GMT
X-lat
Pug23035:0:330
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615016430.476038,VS0,VE0
x-served-by
cache-hhn4078-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEMx7gAAAKN7_Szr&gdpr=0&gdpr_consent=&_test=YEMx7gAAAKN7_Szr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:41 GMT
X-lat
amspug015:0:295
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2E18 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a21f60b-16d4-410d-aab4-fa15184aefd2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a21f60b-16d4-410d-aab4-fa15184aefd2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:31 GMT
X-lat
lhrpug016:0:444
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a21f60b-16d4-410d-aab4-fa15184aefd2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 06 Mar 2021 07:40:31 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7457235993791174996
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7457235993791174996
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:32 GMT
X-lat
Pug23036:0:277
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:33 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
177356df-9bbb-4e1c-88de-16fac0c04072
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7457235993791174996
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_21e849ae-acc5-4f45-bd2e-336df2d408a4
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_21e849ae-acc5-4f45-bd2e-336df2d408a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:30 GMT
X-lat
lhrpug001:0:422
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_21e849ae-acc5-4f45-bd2e-336df2d408a4
date
Sat, 06 Mar 2021 07:40:30 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 2E18
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3ad18dbe-7e4f-11eb-be16-578c85b85361&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3ad18dbe-7e4f-11eb-be16-578c85b85361&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:40:31 GMT
X-lat
lhrpug014:0:516
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3ad18dbe-7e4f-11eb-be16-578c85b85361&gdpr=0&gdpr_consent=
Date
Sat, 06 Mar 2021 07:40:31 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3ad18dbf-7e4f-11eb-be16-578c85b85361
sd
eu-u.openx.net/w/1.0/ Frame D589
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ebc36043-31ee-4500-ab36-50253b7dc5a3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ebc36043-31ee-4500-ab36-50253b7dc5a3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 06 Mar 2021 07:41:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ebc36043-31ee-4500-ab36-50253b7dc5a3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 06 Mar 2021 07:41:20 GMT
sd
us-u.openx.net/w/1.0/ Frame D589
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=QbgFwUS5VJFavFXGT7AcyhS9CMZavlWXFrgN4Y3U
pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D589
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1521188977413173293
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1521188977413173293
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1521188977413173293
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame D589 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1147ba46-84fd-7793-c17b-356369dcc82b&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.114.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D589 		170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2QyODY5OGMtNGQ4YS0yOTM3LWQ0OWItNmZkYWEzM2UwNjRi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D589
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 07:40:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4e0NqfuZ5Q0pPJ-ritLw4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame E083 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F81) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:14:17 GMT
server
ECS (pab/6F81)
age
58822
etag
"f720a7f2a8432d0f18de76239266413f:1613661329.433766"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame E083 		74 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F90) /
Resource Hash
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:13 GMT
server
ECS (pab/6F90)
age
58908
etag
"76c4b2e4d7cfc32ed3d0fd0e8507a2b5:1613661331.820325"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3527
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame E083 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA5) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:14 GMT
server
ECS (pab/6FA5)
age
58797
etag
"5c225f0da4164867a9eba01d527131e3:1613661330.299947"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame E083 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FAA) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:15 GMT
server
ECS (pab/6FAA)
age
59006
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1613661330.71025"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
async_usersync
ib.adnxs.com/ Frame 88EB 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:30 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
d99a0d74-76d4-49ba-9c41-008eb3f2fbd6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A994 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F81) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:14:17 GMT
server
ECS (pab/6F81)
age
58822
etag
"f720a7f2a8432d0f18de76239266413f:1613661329.433766"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A994 		74 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F90) /
Resource Hash
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:13 GMT
server
ECS (pab/6F90)
age
58908
etag
"76c4b2e4d7cfc32ed3d0fd0e8507a2b5:1613661331.820325"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3527
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A994 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA5) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:14 GMT
server
ECS (pab/6FA5)
age
58797
etag
"5c225f0da4164867a9eba01d527131e3:1613661330.299947"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame A994 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3663&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FAA) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 07:40:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 15:15:15 GMT
server
ECS (pab/6FAA)
age
59006
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1613661330.71025"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
async_usersync
ib.adnxs.com/ Frame B914 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:31 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid
7f283925-4b44-4469-8ebf-54e0d12cb07d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 88EB 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Mar 2021 07:40:31 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid
c9910575-770a-4b92-a5de-c515f56e204d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2E18 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:41 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame BA12 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A189_104_220_21_3_71_166_81_204_5_78_56_88_176_161_54_55_8_99_222_13_7_22_165%7C1615593600%3A2_67_223_15%7C1617580800%3A203%7C1615852800%3A63%7C1616284800%3A35; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; KRTBCOOKIE_27=16735-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&16736-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23019-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23114-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427; KRTBCOOKIE_336=5844-8770980778055199659; KRTBCOOKIE_22=14911-4385927054558514200; KRTBCOOKIE_391=22924-1871625874875868808; KRTBCOOKIE_594=17105-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&KRTB&17107-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003; KRTBCOOKIE_218=22978-YEMx7gAAAKN7_Szr&KRTB&23194-YEMx7gAAAKN7_Szr&KRTB&23209-YEMx7gAAAKN7_Szr&KRTB&23244-YEMx7gAAAKN7_Szr; KRTBCOOKIE_107=1471-uid:oHyNQ6z81Liry65; KRTBCOOKIE_1074=22956-e_21e849ae-acc5-4f45-bd2e-336df2d408a4; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-e83be185-29e8-4bd8-9dac-c62d1e1821b8; KRTBCOOKIE_279=22890-3ad18dbe-7e4f-11eb-be16-578c85b85361&KRTB&23011-3ad18dbe-7e4f-11eb-be16-578c85b85361; PugT=1615016431; SPugT=1615015961; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24568
Expires
Sat, 06 Mar 2021 14:30:01 GMT
Date
Sat, 06 Mar 2021 07:40:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame BA12 		979 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=26850571&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
64e8d63a8ddbf2cfd854bc145282726aade1d38c1b3443e9d438ed7d40b36d06

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 07:32:44 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
979
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 5DEA 		35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=26850571&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1521188977413173293
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 06 Mar 2021 07:40:33 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1521188977413173293; expires=Wed, 05 May 2021 07:40:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame AA27
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EDD05FAF8FD0404CA146BB0044AEF5C4
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EDD05FAF8FD0404CA146BB0044AEF5C4
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=26850571&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&22987-CAESEMokC1n7aEsCUILunGaFBp4&KRTB&23025-CAESEMokC1n7aEsCUILunGaFBp4; KRTBCOOKIE_1101=23040-6936442749358831766; KRTBCOOKIE_409=22966-CfIi0ib4yPwO8SITkT27WbMM&KRTB&23212-CfIi0ib4yPwO8SITkT27WbMM; KRTBCOOKIE_57=22776-7457235993791174996; KRTBCOOKIE_153=19420-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj&KRTB&22979-_aOF7_ii1L_mp9Xo86uc5KimiOjmpdW5qqPJmKZj; KRTBCOOKIE_377=6810-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&22918-b38316c3-be8c-4be2-9d02-3a9e5fc27f23&KRTB&23031-b38316c3-be8c-4be2-9d02-3a9e5fc27f23; KRTBCOOKIE_27=16735-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&16736-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23019-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427&KRTB&23114-uid:052f6043-31ee-4500-ad4a-18d9c7e8c427; KRTBCOOKIE_336=5844-8770980778055199659; KRTBCOOKIE_22=14911-4385927054558514200; KRTBCOOKIE_391=22924-1871625874875868808; KRTBCOOKIE_594=17105-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003&KRTB&17107-RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003; KRTBCOOKIE_218=22978-YEMx7gAAAKN7_Szr&KRTB&23194-YEMx7gAAAKN7_Szr&KRTB&23209-YEMx7gAAAKN7_Szr&KRTB&23244-YEMx7gAAAKN7_Szr; KRTBCOOKIE_107=1471-uid:oHyNQ6z81Liry65; KRTBCOOKIE_1074=22956-e_21e849ae-acc5-4f45-bd2e-336df2d408a4; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-e83be185-29e8-4bd8-9dac-c62d1e1821b8; KRTBCOOKIE_279=22890-3ad18dbe-7e4f-11eb-be16-578c85b85361&KRTB&23011-3ad18dbe-7e4f-11eb-be16-578c85b85361; PugT=1615016431; SPugT=1615015961; pi=158127:4; chkChromeAb67Sec=4; DPSync3=1616198400%3A226_221_219_197_201_227%7C1615075200%3A174; SyncRTB3=1617580800%3A203%7C1616198400%3A189_3_204_176_7_104_220_81_56_5_54_222_165_78_21_71_88_8_55_166_161_99_13_22%7C1620172800%3A69%7C1616284800%3A35%7C1615593600%3A15_2_67_223%7C1615852800%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 06 Mar 2021 07:40:33 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 07:40:33 GMT; path=/
X-lat
lhrpug019:0:402
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sat, 06 Mar 2021 07:40:33 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EDD05FAF8FD0404CA146BB0044AEF5C4
expires
Fri, 05 Mar 2021 07:40:33 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
pixel.onaudience.com/ Frame BA12
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b1294efe3991b4910e7752b3bc1003e5
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b1294efe3991b4910e7752b3bc1003e5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3174889.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 06 Mar 2021 07:40:33 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b1294efe3991b4910e7752b3bc1003e5
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame BA12
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=052f6043-31ee-4500-ad4a-18d9c7e8c427
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=052f6043-31ee-4500-ad4a-18d9c7e8c427
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sat, 06 Mar 2021 07:40:31 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 06 Mar 2021 07:41:24 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=052f6043-31ee-4500-ad4a-18d9c7e8c427
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 06 Mar 2021 07:41:23 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BA12 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sat, 06 Mar 2021 15:40:28 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| gtm4wp_datalayer_name object| dataLayer object| google_tag_manager string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| dataLayer_content function| documentInitOneSignal object| OneSignal string| QP object| qp object| FB string| wparest string| wpatext object| wp object| gaplugins object| gaGlobal object| gaData object| _oneSignalInitOptions number| infolinks_pid number| infolinks_wsid object| data object| $iceboot object| INFOLINKS object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots function| _typeof object| $ice object| $infolinks object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture function| hb_iceChunk object| hb_ice object| _pbjsGlobals object| $ICE_HB boolean| isPending string| prebid_file function| findCMP_PixFuture function| pbjs_pixChunk object| pbjs_pix

30 Cookies

Domain/Path Name / Value
.eqads.com/ Name: EQUser
Value: UID=f571fe4b-9a2e-410a-acb4-9d9b021cfe4c
.casalemedia.com/ Name: CMST
Value: YEMx7GBDMewA
.casalemedia.com/ Name: CMPRO
Value: 1214
.casalemedia.com/ Name: CMPS
Value: 5182
.casalemedia.com/ Name: CMID
Value: YEMx7A1ODSOl1F0nUEgKkgAA
.infolinks.com/ Name: BIZZCUSERCOOKIE
Value: 91a78059df4af410b204bab20c69af25c820bdddeb6952159a5a4c5b25e3d7fa
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1871316018058183234
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 6A94EB0D-18FE-4EC6-BAB9-6BA1865E4B04
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-KQfh4.V1l2bk.NRHtjrarmIFlF7iSL2W~UP38a2ee60-7e4f-11eb-bc23-02ae808367ac
.infolinks.com/ Name: ANUSERCOOKIE
Value: 7457235993791174996
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-546fd2d0-ff4f-4bff-9e66-9abec4b75515-003
www.oann.com/ Name: _pubcid
Value: c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6
.infolinks.com/ Name: IXUSERCOOKIE
Value: YEMx7A1ODSOl1F0nUEgKkgAA&1214
www.oann.com/ Name: cto_bundle
Value: 31oPgF9WUGlTNUdWYm1UZVVycXk5N2RjQ0g0ejh2Tjk0VlNQQnZlYTVnQ0FpQ1lzSnhJSyUyRnpSNGQxR1g1TUhWRGluWU92MlJzS3lzMnRLQ0tDdXJLRDZQNHhzS3AwMXVJRGtNSzlweDI4SHMlMkZvOXJtc0YzcXdEJTJGOXNaVXolMkZCUGJ3bTk2
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 3acca5fb689bb2c977cd6d9b
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-W1Pd1sZ1l2ac4xKoTDOMRyPw3HU4mMXkTjPekhE-
.oann.com/ Name: _pubcid
Value: c2eb851f-2d7a-4864-9bad-fd8b0dfbfbd6
www.oann.com/ Name: AWSALB
Value: m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd
www.oann.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.oann.com/ Name: AWSALBTGCORS
Value: Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=
.infolinks.com/ Name: SXUSERCOOKIE
Value: 38c4f5ab-7e4f-11eb-90e3-11482f422c06
.casalemedia.com/ Name: CMRUM3
Value: 9c604331ec05a00&27604331ec0b40&ce604331ec05a00&f1604331ec05a00&51604331ec05a0&28604331ec2760f571fe4b-9a2e-410a-acb4-9d9b021cfe4c&2d604331ec2760CAESEAZjBDp28RJWtCvXRvZgILM&e6604331ec27600
.oann.com/ Name: _gid
Value: GA1.2.1147523555.1615016428
www.oann.com/ Name: cto_bidid
Value: UmiUw19SaE9qakl2WlJsUFpHcFclMkZMQVdLdXZCelJ3Zjcxamp5Z3hkYTR4NXJwJTJCNjlPZU9xS2FkNlB1RW5vMFBIdDJPaEIlMkJiTmdVeWxBWSUyRm1FRWV3Wnc2enhRJTNEJTNE
www.oann.com/n-y-gov-cuomo-threatens-to-pull-funding-to-local-govts-schools-not-following-lockdown-guidelines Name: logglytrackingsession
Value: 1481c829-252d-4eee-9552-02cebd0dd8cd
.oann.com/ Name: _ga
Value: GA1.2.1354547883.1615016428
www.oann.com/ Name: AWSALBTG
Value: Rx0lMPaprk+99WwyBVeq6qq+DQ18Zeahc/4BXr9d8ScTXSeDxjmkv18l2wB4zlWRI/hJUXGVm7w3UtCB3MHdDxcgBcAcf1rcvxfqYuQk8yF1OvtTllM1v2mwaAYVu5kchDo+Fx273koEw9wF7J7jyVBSsMHeVE/gAcqCTjYE/HDht4Q2r1c=
.oann.com/ Name: _gat_gtag_UA_98105905_1
Value: 1
www.oann.com/ Name: AWSALBCORS
Value: m85UZiInBz987EIiUu7V5ibQU59GxKLTgJiDTpsMW5LIiFWqxwIK7KwMhu1YTXCls8izq5E3cI0gs11dpj6THhrZzs87NX5JbMtVq+pI4l4JdyCJ08oaoFm3ZIYd

8 Console Messages

Source Level URL
Text
console-api log URL: https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api error URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js(Line 71)
Message:
Error: PublisherCodeNotFoundForAma
console-api log URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js(Line 1)
Message:
[object Object]
console-api log URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js(Line 1)
Message:
Failed to log to loggly because of this exception: TypeError: Converting circular structure to JSON --> starting at object with constructor 'Window' --- property 'window' closes the circle
console-api log URL: https://resources.infolinks.com/js/1734.027-3.011.ab.1735.003-3.012/ice.js(Line 1)
Message:
Failed log data: [object Object]
console-api warning URL: https://cdn.pixfuture.com/hb_v2.js(Line 3)
Message:
CMP IS NOT FOUND!!!
console-api warning URL: https://cdn.pixfuture.com/hb_v2.js(Line 3)
Message:
CMP IS NOT FOUND!!!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a.volvelle.tech
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
assets.revcontent.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
btlr.sharethrough.com
bttrack.com
c1.adform.net
cdn.onesignal.com
cdn.pixfuture.com
cdn.revcontent.com
cdn1.lockerdomecdn.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
content.jwplatform.com
csync.smartadserver.com
d1bvk193qme2fc.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
d5p.de17a.com
de.tynt.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dzm0ugdauank9.cloudfront.net
ec-ns.sascdn.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
img.revcontent.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pixfuture.technoratimedia.com
pixfuture2-d.openx.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
resources.infolinks.com
router.infolinks.com
rtb.gumgum.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
scripts.poll-maker.com
secure-assets.rubiconproject.com
secure.adnxs.com
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
trc.taboola.com
trends.revcontent.com
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
visitor.fiftyt.com
www.google-analytics.com
www.googletagmanager.com
www.oann.com
x.bidswitch.net
104.108.144.200
104.108.144.214
104.108.145.8
104.117.200.100
142.250.185.66
151.101.114.49
151.139.128.11
151.139.241.28
152.199.22.191
169.50.137.190
172.67.39.17
173.231.180.197
174.137.133.49
178.162.133.149
178.250.0.163
178.250.2.146
178.62.202.251
18.185.192.106
18.195.193.185
18.198.115.155
18.198.126.47
185.29.135.233
185.33.221.87
185.33.223.178
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.106
185.64.190.80
185.64.190.81
185.86.139.95
185.94.180.125
192.132.33.46
193.0.160.128
193.122.130.38
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
208.100.17.183
213.155.156.167
213.19.147.151
216.52.2.19
2600:1f1c:adc:8703:1672:d163:3a9e:5b14
2600:9000:20d7:2c00:9:da2a:f240:21
2600:9000:20d7:f000:1:a3fa:7cc0:93a1
2600:9000:2156:4400:19:f03c:7200:21
2606:4700:10::6816:1857
2606:4700:20::681a:5da
2606:4700:20::681a:a9c
2606:4700::6812:acf
2606:4700::6812:c05
2606:4700::6812:e134
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:829::200a
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:12::1400
2a03:2880:f02d:12:face:b00c:0:3
3.126.56.137
34.120.133.55
34.225.236.62
34.250.193.151
34.95.69.49
34.98.107.212
35.201.96.126
35.210.178.101
35.227.248.159
35.244.159.8
37.157.4.25
51.210.112.63
51.38.120.206
52.19.239.39
52.215.8.160
52.28.239.147
52.45.248.59
52.51.76.107
54.228.114.223
54.239.17.112
54.85.167.1
65.9.23.145
66.155.71.149
67.202.110.21
68.183.31.14
68.232.35.16
69.173.144.165
70.42.32.191
77.243.60.138
85.114.159.93
87.98.128.108
88.214.193.83
027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
065d06363c755bef9b7937efbf26d933eb1d9bc93ccb5e41bf05971ebe4823af
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb33254aa8a9f54598afdce0e40ff391d031a8dc68606b3c7536875f3e7e9bd
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fabba7a4de8cb2e8c7d7b0ae53a371cf2c663c0a941425552bc15a7e30d417a
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17acf490bf92b3021e7d0de1c552218a0b4423bffabefa072fea63f35cbb89db
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b6c387b48027f8f914bfa76c6152255e3bebde3f4344444d04e9af2c572f18
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1bc92fd2fcf02ab23bf434d20248d29690b562b406e32cb0888a440774d16fd8
1ccf31f3d3dc9f78ff922e4b048747936f2335d8103959f13d0ea67212bb4fff
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1e343b55cfff4d4f8d25584d42aaed0b9845a8cabec3af4d25f9437b2a973dd2
2878b0331a62abfe17a83b7f7bfcfdaa940aa542eac35eff3f9d19af68bdb9a0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317
32e566bb817d7840fa6919dbe1179c482ce5e5ff1a451326bc4577ab399a4904
35f3fd22493510a2cec28708322eb76b333ee9633420e347d497360e1bb55bbc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4555f5d43b753351450e071c5781c07a93ae1b453540e2216ff586135e46f508
478becbf54075379f667b0ecf1af653ffd698879890d4211cca8cfe73dd4e586
47a0021f9e8dce6c0ed907d2032bbad360a3b870cd3cd99975d38f5552b0faae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4c20c6241b20bd6306c1cdbee778ee4b344680934744710e0c1639361e6ac07f
4d709a0ccf31245d508c57e5af7011c52f2f43cb75a55a9c9b53e371a3485066
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
543c9f28f424d4e9b84bc954b1a2f5b3f033a523e1ba98b7513a7c202183ac7c
562324b0f9e7647a5fecb2324a86df358afef9bb66336e5ecfab1b12bed8c1c3
56e6607a3df985b8793d03735651a274da05e3a845fcdd54907a3179be601729
5a7aea6e614acb9166508ed9172b92f4c754a16584e73627328977cacdb14211
5b4193177648417e17da707747acda78e90718511762a9e69781fa468c57cc65
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63936296619a48a6f9dd7b8e0b69436210c11078007ce8e677979cd31ce78ea8
64e8d63a8ddbf2cfd854bc145282726aade1d38c1b3443e9d438ed7d40b36d06
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
688e1a13a6ab7e1a00ca53de2288ddc2abcaedb690040b04803cd22ce9334332
68a8ab6242f9056e3cdb04e961e395a8287d2cc1d1867baf86acc8c1a3a9432a
68c075ee7e13f2fe52b6aa4ef68a41cbe78e67bcd9657e5732e4016e6c7baccb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702fcc2a9725b111636e6efcd6341a2be095863f47e39a6955192bcd533ede5a
76590e3dca8549fbba94ac046a832c4cbb05d87ed23101e620e3e8bf8cfdaaf0
7ed2da08ad214b0da61050d4da8d4d17334fdcac1dc2c31dade9fa01d2727f5f
817a2f457779685f0a052a5fc81296161afddf33f5436683320a4a8891f29713
81a2c3ca203e7db165a1553343fa24ca268c73f49f74b5a89e37845a2044c9be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe955ebf97a92a0932e49c6c9afb0f0a5c2879b3df8c853393ac8b0e756c4d
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d75c8c16c4f55e81e13b1fd8655d4ebc93582d1eecbe2895589f895125e9ef7
9479d4a7e784576b492462479316c21df3c761c36c67a99320d3684b10716c0a
969759485872387d62513332cd0a0619407cf99f5d34180fb0f2ab4bac77fc96
98c24d56dfeed6465fbbe7ddc50f13abb54216fb87eab2621db1ea780654ac68
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a771df1440af0eed3cbf20c50769a0fda215b50666ade95d57b9bc95cda35c24
a89080d240a1758a65d4d23d28e52f668a623ae77e77c080dc0948bacdf9ab4d
ae61c3aefc698f6a628f150f210bad9caef45b0d2b431401287e0836be7d0d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e714cacd64d510c4f6a5fce9333a7e5c547daf0113944c6ddb25a041331570
b301995ea6cfc1e520a7fdf267e26b60dfa9eaf40c313b236d7db34126027075
b3562502adba80475e10a8ed1e6d3fdc795aa09b0bb83ed02099d6298f2fb69c
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
bd9b92f43d70e4ce63895eeff5050a60c23d68c04db3e1bd01bcee7e1d4f5ba0
bde02ae501da9b3a9d23abd317e2d6730aa840c244fb7bb25b9a6774528ede44
bf03ee51bc597e3bc10b8aa8f07d1a68139e08bb26adc5be4466e6480b5fe3d6
bf0ecf4878802d7c9bb2c3c3c9c7e53fd12f832257ae8b743087ad88063f608e
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6519d6a796a5ef0daa0e7628812ffc354d25635216b7aaafda7cd58a958dc6f
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c96c898bbbc607a70dbc662fea01d51db64b45771b963f7713ba67cd2f3d8472
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d82efa509f154d1fdc5cb2e1c357964aca8cd3cba871ed300aef074bfe955115
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb960708f21dacc14075fc67ea9702df9dd19126dcdd95031511179f449bb1c
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e78b9e8880c05ff7c2509c05d3cf596650da68062d7dba912805da0f3e1e74e8
e8fb26d2655283adfcb14077c9a7a20e719fc0fb14a898a41606c0923b61c50f
ebb580b12e94a3d62df495261282c30d367f6d32b8fb754f2cdb16f775898637
ee767c06cce5f4e1d52a0d654a509eeca9e8e8d5053c569aeb219814b48d1129
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f5842e3039b52c77a907edb3e4c5702e2819f70353e79834b7bc9afef473bf16
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fe995e4a77e0247cc060ddf1418dce41f899f5e06b83d096c797c7c47b32c70b