urlscan.io logo urlscan.io
SecurityTrails logo

www.theonion.com Open in urlscan Pro
151.101.130.166  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Submission: On November 23 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 127 IPs in 11 countries across 124 domains to perform 549 HTTP transactions. The main IP is 151.101.130.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 129312.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 2nd 2023. Valid for: a year.
This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54 151.101.130.166 54113 (FASTLY)
9 151.101.194.166 54113 (FASTLY)
1 3 18.160.96.18 16509 (AMAZON-02)
1 151.101.2.217 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.2.166 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
19 151.101.65.44 54113 (FASTLY)
1 2600:9000:204... 16509 (AMAZON-02)
6 151.101.129.44 54113 (FASTLY)
16 141.226.124.48 200478 (TABOOLA-AS)
1 18.160.96.98 16509 (AMAZON-02)
2 2 211.120.53.205 4694 (IDCF IDC ...)
2 12 141.226.224.48 200478 (TABOOLA-AS)
3 6 23.83.76.85 395954 (LEASEWEB-...)
10 17 8.43.72.97 26667 (RUBICONPR...)
1 1 35.208.249.213 19527 (GOOGLE-2)
17 38 142.251.16.157 15169 (GOOGLE)
1 2 54.165.15.229 14618 (AMAZON-AES)
12 13 8.28.7.83 62713 (AS-PUBMATIC)
20 21 35.71.131.137 16509 (AMAZON-02)
6 7 198.148.27.131 19189 (PULSEPOINT)
2 2 143.244.208.184 14061 (DIGITALOC...)
9 9 141.95.33.120 16276 (OVH)
18 21 68.67.160.75 29990 (ASN-APPNEX)
3 3 63.251.86.49 10913 (INTERNAP-BLK)
1 3 44.205.97.183 14618 (AMAZON-AES)
9 9 52.22.94.120 14618 (AMAZON-AES)
1 2 8.28.7.81 62713 (AS-PUBMATIC)
13 14 35.211.178.172 15169 (GOOGLE)
2 2 5.161.92.137 213230 (HETZNER-C...)
2 2 35.207.24.140 15169 (GOOGLE)
6 10 35.71.139.29 16509 (AMAZON-02)
5 8 34.98.64.218 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
5 13.227.37.32 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.38.76 13335 (CLOUDFLAR...)
3 13.227.42.218 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21f... 16509 (AMAZON-02)
2 7 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 34.202.199.100 14618 (AMAZON-AES)
1 3.223.198.8 14618 (AMAZON-AES)
1 13.227.37.86 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
8 18.160.97.132 16509 (AMAZON-02)
2 54.204.169.211 14618 (AMAZON-AES)
1 35.174.214.9 14618 (AMAZON-AES)
1 18.160.96.67 16509 (AMAZON-02)
1 23.218.1.25 16625 (AKAMAI-AS)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 52.45.97.77 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
2 199.250.161.129 26459 (TTD-ASN-01)
1 34.231.249.50 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
1 54.243.45.130 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 35.211.5.82 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.163.149 15169 (GOOGLE)
2 7 34.117.77.79 396982 (GOOGLE-CL...)
1 2600:9000:204... 16509 (AMAZON-02)
1 2 35.244.193.51 15169 (GOOGLE)
2 26 52.46.130.91 16509 (AMAZON-02)
1 18.245.96.4 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 3 18.204.167.253 14618 (AMAZON-AES)
2 3 35.244.154.8 15169 (GOOGLE)
3 3 3.215.27.95 14618 (AMAZON-AES)
2 3 3.234.8.37 14618 (AMAZON-AES)
3 25 104.18.41.104 13335 (CLOUDFLAR...)
1 1 23.219.8.22 16625 (AKAMAI-AS)
7 18.160.96.14 16509 (AMAZON-02)
1 1 216.22.16.36 30633 (LEASEWEB-...)
15 34.86.30.129 396982 (GOOGLE-CL...)
2 6 3.220.202.247 14618 (AMAZON-AES)
8 23.220.124.197 16625 (AKAMAI-AS)
1 54.174.197.164 14618 (AMAZON-AES)
16 23.55.205.215 16625 (AKAMAI-AS)
8 9 34.200.65.202 14618 (AMAZON-AES)
22 54.147.116.174 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
14 3.214.33.241 14618 (AMAZON-AES)
1 1 51.68.39.188 16276 (OVH)
1 1 54.198.207.123 14618 (AMAZON-AES)
2 5 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 52.2.49.56 14618 (AMAZON-AES)
2 8.18.47.7 398989 (DEEPINTENT)
2 2 64.74.236.223 22075 (AS-OUTBRAIN)
5 5 185.167.164.49 198622 (ADFORM)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
8 8 23.1.200.83 16625 (AKAMAI-AS)
2 2 52.22.32.84 14618 (AMAZON-AES)
2 2 18.67.39.95 16509 (AMAZON-02)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 107.178.254.65 396982 (GOOGLE-CL...)
4 4 35.214.220.104 15169 (GOOGLE)
4 4 138.201.8.249 24940 (HETZNER-AS)
15 15 199.127.204.171 26120 (RHYTHMONE)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
1 1 139.162.78.222 63949 (AKAMAI-LI...)
2 2 34.192.242.192 14618 (AMAZON-AES)
2 2 172.240.127.128 7979 (SERVERS-COM)
2 2 82.145.213.8 39832 (NO-OPERA)
1 192.132.33.69 18568 (BIDTELLECT)
1 2 74.119.119.150 19750 (AS-CRITEO)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
3 6 34.204.239.76 14618 (AMAZON-AES)
12 19 8.43.72.98 26667 (RUBICONPR...)
10 11 67.202.105.22 32748 (STEADFAST)
2 23.220.112.22 16625 (AKAMAI-AS)
13 17 8.28.7.82 62713 (AS-PUBMATIC)
1 34.235.189.242 14618 (AMAZON-AES)
2 2 69.166.1.34 27630 (AS-XFERNET)
4 4 63.251.28.233 13789 (INTERNAP-...)
1 2 37.157.6.243 198622 (ADFORM)
2 3 63.251.86.50 32475 (SINGLEHOP...)
1 2 67.202.105.33 32748 (STEADFAST)
1 67.202.105.34 32748 (STEADFAST)
3 174.137.133.32 27257 (WEBAIR-IN...)
9 10 34.234.39.43 14618 (AMAZON-AES)
1 2a02:6ea0:e20... 60068 (CDN77 ^_^)
4 25 51.222.239.230 16276 (OVH)
1 4 23.105.12.172 30633 (LEASEWEB-...)
1 1 3.138.212.158 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 40.76.134.238 8075 (MICROSOFT...)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
1 2 38.98.69.175 174 (COGENT-174)
1 162.248.18.34 62713 (AS-PUBMATIC)
8 8 2606:ae80:145... 25751 (VALUECLICK)
3 3 207.198.113.86 13768 (COGECO-PEER1)
2 2 74.121.140.211 30419 (MEDIAMATH...)
1 2 213.19.162.80 3356 (LEVEL3)
2 3 23.83.76.84 395954 (LEASEWEB-...)
2 2 35.211.233.246 19527 (GOOGLE-2)
12 147.28.129.37 54825 (PACKET)
9 3.222.15.142 14618 (AMAZON-AES)
2 2 35.227.252.103 15169 (GOOGLE)
5 34.117.239.71 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 67.220.224.150 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2600:9000:26c... 16509 (AMAZON-02)
1 2 2600:9000:21f... 16509 (AMAZON-02)
1 13.227.37.11 16509 (AMAZON-02)
1 23.222.5.138 20940 (AKAMAI-ASN1)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 13.227.37.59 16509 (AMAZON-02)
2 2 104.18.36.155 13335 (CLOUDFLAR...)
12 172.64.146.152 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 13.227.37.107 16509 (AMAZON-02)
2 2 34.225.57.219 14618 (AMAZON-AES)
1 1 143.244.220.80 14061 (DIGITALOC...)
1 1 142.234.204.77 396362 (LEASEWEB-...)
1 1 131.153.242.59 19437 (SS-ASH)
1 8.28.7.105 62713 (AS-PUBMATIC)
1 54.230.202.117 16509 (AMAZON-02)
1 44.193.54.186 14618 (AMAZON-AES)
1 1 3.229.230.187 14618 (AMAZON-AES)
1 34.236.96.120 14618 (AMAZON-AES)
549 127
54    151.101.130.166 (United States)

ASN54113 (FASTLY, US)
www.theonion.com
kinja.com
x.kinja-static.com
i.kinja-img.com
9    151.101.194.166 (United States)

ASN54113 (FASTLY, US)
f.kinja-static.com
www.theonion.com
3    18.160.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-18.msp50.r.cloudfront.net
sb.scorecardresearch.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
5    2607:f8b0:4004:c09::64 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.2.166 (United States)

ASN54113 (FASTLY, US)
x.kinja-static.com
1    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
19    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
15.taboola.com
match.taboola.com
imprnjmp.taboola.com
vidanalytics.taboola.com
1    2600:9000:2044:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
cdn.taboola.com
vidstat.taboola.com
pips.taboola.com
16    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
1    18.160.96.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-98.msp50.r.cloudfront.net
d24zb9qreavi2u.cloudfront.net
2    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
12    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
6    23.83.76.85 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
17    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
38    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
2    54.165.15.229 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-15-229.compute-1.amazonaws.com
jadserve.postrelease.com
13    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
21    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
7    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
9    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
21    68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
3    44.205.97.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-97-183.compute-1.amazonaws.com
rtb.gumgum.com
9    52.22.94.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-94-120.compute-1.amazonaws.com
match.prod.bidr.io
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    5.161.92.137 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.137.92.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
10    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
5    13.227.37.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-37-32.msp50.r.cloudfront.net
tagan.adlightning.com
3    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    13.227.42.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-42-218.msp50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
kinja-com.videoplayerhub.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2600:9000:21fa:400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
7    2606:4700:4400::6812:249b (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.202.199.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-199-100.compute-1.amazonaws.com
id.sv.rkdms.com
1    3.223.198.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-198-8.compute-1.amazonaws.com
idx.liadm.com
1    13.227.37.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-37-86.msp50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2607:f8b0:4004:c09::63 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
8    18.160.97.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-97-132.msp50.r.cloudfront.net
aax.amazon-adsystem.com
2    54.204.169.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-169-211.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    35.174.214.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-214-9.compute-1.amazonaws.com
ping.chartbeat.net
1    18.160.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-67.msp50.r.cloudfront.net
ats.rlcdn.com
1    23.218.1.25 (Mount Prospect, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-1-25.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    52.45.97.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-97-77.compute-1.amazonaws.com
hb.yellowblue.io
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
ny1-bid.adsrvr.org
1    34.231.249.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-249-50.compute-1.amazonaws.com
tlx.3lift.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    54.243.45.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-45-130.compute-1.amazonaws.com
krk2.kargo.com
1    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
1    35.211.5.82 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 82.5.211.35.bc.googleusercontent.com
grid.bidswitch.net
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net
ad.doubleclick.net
7    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    2600:9000:2044:7e00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
26    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.245.96.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-96-4.yto50.r.cloudfront.net
geo.privacymanager.io
3    2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
3    18.204.167.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-167-253.compute-1.amazonaws.com
dpm.demdex.net
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
3    3.215.27.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-27-95.compute-1.amazonaws.com
sync.crwdcntrl.net
3    3.234.8.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-8-37.compute-1.amazonaws.com
ps.eyeota.net
25    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
ins.connatix.com
cks.connatix.com
1    23.219.8.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-8-22.deploy.static.akamaitechnologies.com
cs.media.net
7    18.160.96.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-14.msp50.r.cloudfront.net
ms-cookie-sync.presage.io
1    216.22.16.36 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
15    34.86.30.129 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.30.86.34.bc.googleusercontent.com
ssp.api.tappx.com
6    3.220.202.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-202-247.compute-1.amazonaws.com
match.sharethrough.com
8    23.220.124.197 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-124-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.174.197.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-197-164.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
16    23.55.205.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
22    54.147.116.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-116-174.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    54.198.207.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-207-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    2600:1f18:4e9:5a02:2d35:9b03:a9f9:e139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    52.2.49.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-49-56.compute-1.amazonaws.com
sync.ipredictive.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
8    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    52.22.32.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-32-84.compute-1.amazonaws.com
i.liadm.com
2    18.67.39.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-39-95.yto50.r.cloudfront.net
live.rezync.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    35.214.220.104 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 104.220.214.35.bc.googleusercontent.com
csync.loopme.me
4    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
15    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com
s.c.appier.net
2    34.192.242.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-242-192.compute-1.amazonaws.com
ad.360yield.com
2    172.240.127.128 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.69.bidtellect.com
bttrack.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    34.204.239.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-239-76.compute-1.amazonaws.com
ads.yieldmo.com
19    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
11    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    23.220.112.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-112-22.deploy.static.akamaitechnologies.com
contextual.media.net
17    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.235.189.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-189-242.compute-1.amazonaws.com
rtb.adentifi.com
2    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
hde.tynt.com
3    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
10    34.234.39.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-39-43.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    2a02:6ea0:e200::2 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
25    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
4    23.105.12.172 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    3.138.212.158 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-212-158.us-east-2.compute.amazonaws.com
visitor.omnitagjs.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
8    2606:ae80:1451:19::1400 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
33across-match.dotomi.com
3    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
3    23.83.76.84 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
12    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    3.222.15.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-15-142.compute-1.amazonaws.com
pbs.nextmillmedia.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:1408:c400:29::17da:da4e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2600:9000:26c2:ac00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    2600:9000:21fa:ae00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    13.227.37.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-37-11.msp50.r.cloudfront.net
sync1.intentiq.com
1    23.222.5.138 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-138.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    13.227.37.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-37-59.msp50.r.cloudfront.net
choices.truste.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
12    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cks.connatix.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
1    2600:1f18:612b:4280:65cc:ec18:ffd9:693 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
1    13.227.37.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-37-107.msp50.r.cloudfront.net
tags.crwdcntrl.net
2    34.225.57.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-57-219.compute-1.amazonaws.com
vop.sundaysky.com
1    143.244.220.80 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    54.230.202.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-202-117.msp50.r.cloudfront.net
choices.trustarc.com
1    44.193.54.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-54-186.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    3.229.230.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-230-187.compute-1.amazonaws.com
usermatch.krxd.net
1    34.236.96.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-96-120.compute-1.amazonaws.com
beacon.krxd.net
Apex Domain
Subdomains		 Transfer
63 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
126 KB
54 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
pm-widget.taboola.com — Cisco Umbrella Rank: 3595
trc.taboola.com — Cisco Umbrella Rank: 705
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3996
15.taboola.com — Cisco Umbrella Rank: 6402
sync.taboola.com — Cisco Umbrella Rank: 1322
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
match.taboola.com — Cisco Umbrella Rank: 5178
vidstat.taboola.com — Cisco Umbrella Rank: 3029
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
imprnjmp.taboola.com — Cisco Umbrella Rank: 10650
us-match.taboola.com — Cisco Umbrella Rank: 10719
us-vid-events.taboola.com — Cisco Umbrella Rank: 10162
vidanalytics.taboola.com — Cisco Umbrella Rank: 10191
420 KB
43 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image6.pubmatic.com — Cisco Umbrella Rank: 823
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
ow.pubmatic.com — Cisco Umbrella Rank: 1796
59 KB
41 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 154
306 KB
39 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
95 KB
37 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
cd.connatix.com — Cisco Umbrella Rank: 3425
cds.connatix.com — Cisco Umbrella Rank: 3536
ins.connatix.com — Cisco Umbrella Rank: 4651
cks.connatix.com — Cisco Umbrella Rank: 5071
vid.connatix.com Failed
416 KB
36 theonion.com
www.theonion.com — Cisco Umbrella Rank: 129312
349 KB
26 kinja-static.com
f.kinja-static.com — Cisco Umbrella Rank: 32070
x.kinja-static.com — Cisco Umbrella Rank: 30373
334 KB
25 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
12 KB
23 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2448
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
10 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
insight.adsrvr.org — Cisco Umbrella Rank: 584
direct.adsrvr.org — Cisco Umbrella Rank: 3477
ny1-bid.adsrvr.org — Cisco Umbrella Rank: 2227
15 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
16 KB
19 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2836
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3246
9 KB
19 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
lexicon.33across.com — Cisco Umbrella Rank: 1497
ssc-cms.33across.com — Cisco Umbrella Rank: 923
events-ssc.33across.com — Cisco Umbrella Rank: 1543
14 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com — Cisco Umbrella Rank: 2098
5 KB
15 tappx.com
ssp.api.tappx.com — Cisco Umbrella Rank: 4487
8 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
grid.bidswitch.net — Cisco Umbrella Rank: 1165
6 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1715
c3.a-mo.net Failed
8 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
5 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
10 KB
14 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6263
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
4 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
8 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
54 KB
11 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
tlx.3lift.com — Cisco Umbrella Rank: 572
4 KB
10 openx.net
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
rtb.openx.net — Cisco Umbrella Rank: 695
2 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
5 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
13 KB
8 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
prebid-match.dotomi.com — Cisco Umbrella Rank: 2253
33across-match.dotomi.com — Cisco Umbrella Rank: 3517
3 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
3 KB
7 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5555
ads.yieldmo.com — Cisco Umbrella Rank: 657
4 KB
7 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 7764
5 KB
7 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
12 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
5 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
2 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
4 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
14 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 957
ats.rlcdn.com — Cisco Umbrella Rank: 3275
idsync.rlcdn.com — Cisco Umbrella Rank: 415
id.rlcdn.com — Cisco Umbrella Rank: 728
38 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2185
126 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
1 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
1 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
2 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com Failed
7 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
18 KB
3 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
3 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
2 KB
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1605
hde.tynt.com — Cisco Umbrella Rank: 4166
3 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 691
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
2 KB
3 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2376
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
192 KB
3 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
pixel.adsafeprotected.com — Cisco Umbrella Rank: 736
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1979
beacon.krxd.net — Cisco Umbrella Rank: 758
558 B
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2704
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.va.us.criteo.net Failed
62 KB
2 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
tps.doubleverify.com Failed
104 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
967 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
967 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
693 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
690 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
883 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
586 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 kinja-img.com
i.kinja-img.com — Cisco Umbrella Rank: 25419
4 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
816 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2315
553 B
2 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 1564
570 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
2 KB
1 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 872
987 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513
179 B
1 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 5639
511 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2782
418 B
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10730
425 B
1 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 5849
454 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 883
19 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
648 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
557 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
516 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
64 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
10 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
657 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
3 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
430 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2189
18 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
36 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
306 B
1 appier.net
s.c.appier.net — Cisco Umbrella Rank: 4672
392 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 988
573 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
581 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1825
608 B
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6223
28 KB
1 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2762
468 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
202 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5530
274 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
15 KB
1 videoplayerhub.com
kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 36549
453 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
14 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
370 B
1 cloudfront.net
d24zb9qreavi2u.cloudfront.net
429 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
126 KB
1 kinja.com
kinja.com — Cisco Umbrella Rank: 30306
1 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6204
9 KB
0 rtb.mx Failed
id.rtb.mx Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 brandcdn.com Failed
ads.brandcdn.com Failed
549 124
Domain Requested by
36 www.theonion.com 1 redirects www.theonion.com
26 s.amazon-adsystem.com 2 redirects tagan.adlightning.com
s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
u.openx.net
ssp.api.tappx.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
ms-cookie-sync.presage.io
ads.pubmatic.com
onetag-sys.com
25 onetag-sys.com 4 redirects cs-server-s2s.yellowblue.io
onetag-sys.com
sync.adkernel.com
24 cm.g.doubleclick.net 17 redirects www.theonion.com
rtb.gumgum.com
u.openx.net
onetag-sys.com
s.amazon-adsystem.com
20 match.adsrvr.org 19 redirects js-sec.indexww.com
de.tynt.com
19 x.kinja-static.com www.theonion.com
x.kinja-static.com
tagan.adlightning.com
18 cks.connatix.com 1 redirects blank
17 image8.pubmatic.com 13 redirects ads.pubmatic.com
onetag-sys.com
blank
17 pixel.rubiconproject.com 10 redirects onetag-sys.com
s.amazon-adsystem.com
16 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
ssp.api.tappx.com
cs-server-s2s.yellowblue.io
ms-cookie-sync.presage.io
cookies.nextmillmedia.com
hde.tynt.com
tagan.adlightning.com
assets.a-mo.net
16 ch-trc-events.taboola.com cdn.taboola.com
www.theonion.com
15 ssp.api.tappx.com s.amazon-adsystem.com
ssp.api.tappx.com
cookies.nextmillmedia.com
hde.tynt.com
eus.rubiconproject.com
sync.adkernel.com
15 ib.adnxs.com 12 redirects x.kinja-static.com
s.amazon-adsystem.com
14 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
eus.rubiconproject.com
14 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
tagan.adlightning.com
14 securepubads.g.doubleclick.net www.theonion.com
securepubads.g.doubleclick.net
tagan.adlightning.com
14 x.bidswitch.net 13 redirects onetag-sys.com
12 prebid.a-mo.net cookies.nextmillmedia.com
s.amazon-adsystem.com
assets.a-mo.net
12 token.rubiconproject.com 5 redirects eus.rubiconproject.com
12 cdn.taboola.com www.theonion.com
cdn.taboola.com
11 ssc-cms.33across.com 10 redirects cookies.nextmillmedia.com
de.tynt.com
11 sync.1rx.io 11 redirects
11 capi.connatix.com 2 redirects cds.connatix.com
blank
cs-server-s2s.yellowblue.io
10 cookies.nextmillmedia.com 9 redirects ssp.api.tappx.com
10 eb2.3lift.com 6 redirects ads.pubmatic.com
cookies.nextmillmedia.com
blank
9 pbs.nextmillmedia.com cookies.nextmillmedia.com
eus.rubiconproject.com
s.amazon-adsystem.com
9 ups.analytics.yahoo.com 8 redirects onetag-sys.com
9 match.prod.bidr.io 9 redirects
9 id5-sync.com 9 redirects ssbsync.smartadserver.com
8 cs.yellowblue.io ssp.api.tappx.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
onetag-sys.com
eus.rubiconproject.com
8 secure-assets.rubiconproject.com 8 redirects
8 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ssp.api.tappx.com
ms-cookie-sync.presage.io
ads.pubmatic.com
hde.tynt.com
tagan.adlightning.com
8 aax.amazon-adsystem.com c.amazon-adsystem.com
8 simage2.pubmatic.com 7 redirects www.theonion.com
8 sync.taboola.com 2 redirects www.theonion.com
7 pixel-us-east.rubiconproject.com 7 redirects
7 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
ssbsync.smartadserver.com
eus.rubiconproject.com
7 ml314.com 2 redirects www.theonion.com
ml314.com
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
blank
7 bh.contextweb.com 6 redirects www.theonion.com
7 f.kinja-static.com www.theonion.com
6 ads.yieldmo.com 3 redirects sync-amz.ads.yieldmo.com
6 pixel.tapad.com 4 redirects sync-amz.ads.yieldmo.com
ads.pubmatic.com
6 secure.adnxs.com 6 redirects
6 match.sharethrough.com 2 redirects s.amazon-adsystem.com
match.sharethrough.com
6 ssbsync.smartadserver.com 3 redirects www.theonion.com
ssp.api.tappx.com
ms-cookie-sync.presage.io
5 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
5 image2.pubmatic.com 5 redirects
5 ad.turn.com 5 redirects
5 c1.adform.net 5 redirects
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
5 us-u.openx.net 3 redirects u.openx.net
5 cds.connatix.com cd.connatix.com
cds.connatix.com
tagan.adlightning.com
5 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 tagan.adlightning.com www.theonion.com
tagan.adlightning.com
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
5 trc.taboola.com cdn.taboola.com
www.theonion.com
5 www.google-analytics.com www.theonion.com
www.google-analytics.com
www.googletagmanager.com
4 prebid-match.dotomi.com 4 redirects
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 ads.stickyadstv.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 sync.richaudience.com 4 redirects
4 csync.loopme.me 4 redirects
4 sync.ipredictive.com 4 redirects
3 ssum.casalemedia.com 3 redirects
3 ssbsync-global.smartadserver.com 2 redirects onetag-sys.com
3 pixel-sync.sitescout.com 3 redirects de.tynt.com
3 sync.adkernel.com ssp.api.tappx.com
sync.adkernel.com
onetag-sys.com
3 ap.lijit.com 2 redirects cookies.nextmillmedia.com
3 tpc.googlesyndication.com tagan.adlightning.com
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
3 ps.eyeota.net 2 redirects
3 sync.crwdcntrl.net 3 redirects
3 dpm.demdex.net 2 redirects
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
tagan.adlightning.com
3 api.btloader.com kinja-com.videoplayerhub.com
3 c.amazon-adsystem.com www.theonion.com
c.amazon-adsystem.com
3 www.googletagmanager.com www.theonion.com
www.googletagmanager.com
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
3 ce.lijit.com 3 redirects
3 sb.scorecardresearch.com 1 redirects www.theonion.com
2 vop.sundaysky.com 2 redirects
2 ins.connatix.com cds.connatix.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 static.criteo.net x.kinja-static.com
static.criteo.net
2 sync.intentiq.com 1 redirects
2 cdn.doubleverify.com 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
tagan.adlightning.com
2 33across-match.dotomi.com 2 redirects
2 rtb.openx.net 2 redirects
2 a.sportradarserving.com 2 redirects
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 sync.mathtag.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 de.tynt.com 1 redirects tagan.adlightning.com
2 cm.adform.net 1 redirects ssp.api.tappx.com
2 sync.go.sonobi.com 2 redirects
2 contextual.media.net cs-server-s2s.yellowblue.io
2 dis.criteo.com 1 redirects match.sharethrough.com
2 t.adx.opera.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ad.360yield.com 2 redirects
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 creativecdn.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
2 idsync.rlcdn.com 2 redirects
2 lexicon.33across.com 1 redirects
2 ad-delivery.net
2 pixel.adsafeprotected.com x.kinja-static.com
tagan.adlightning.com
2 www.google.com tagan.adlightning.com
2 i.kinja-img.com
2 stats.g.doubleclick.net www.google-analytics.com
2 rtb.mfadsrvr.com 2 redirects
2 sync-t1.taboola.com
2 sync-dmp.mobtrakk.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 sid.storygize.net 2 redirects
2 jadserve.postrelease.com 1 redirects www.theonion.com
2 tg.socdm.com 2 redirects
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
1 beacon.krxd.net blank
1 usermatch.krxd.net 1 redirects
1 dsum.casalemedia.com 1 redirects
1 vidanalytics.taboola.com cdn.taboola.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 choices.trustarc.com 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
1 ow.pubmatic.com s.amazon-adsystem.com
1 id.a-mx.com 1 redirects
1 id.rlcdn.com
1 xsync.iqzone.com 1 redirects
1 sync.resetdigital.co 1 redirects
1 tags.crwdcntrl.net tagan.adlightning.com
1 connatix-supply-partners.tremorhub.com 1 redirects
1 i.ctnsnet.com 1 redirects
1 ny1-bid.adsrvr.org tagan.adlightning.com
1 choices.truste.com tagan.adlightning.com
1 gum.criteo.com tagan.adlightning.com
1 hb.yahoo.net s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 www.googletagservices.com 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
1 cdn.jsdelivr.net 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 vid.vidoomy.com ssp.api.tappx.com
1 hde.tynt.com ssp.api.tappx.com
1 rtb.adentifi.com cs-server-s2s.yellowblue.io
1 bttrack.com match.sharethrough.com
1 s.c.appier.net 1 redirects
1 pippio.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects de.tynt.com
1 dsp.nrich.ai 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 cd.connatix.com www.theonion.com
1 geo.privacymanager.io ats.rlcdn.com
1 cdn-magiclinks.trackonomics.net tagan.adlightning.com
1 ad.doubleclick.net
1 grid.bidswitch.net x.kinja-static.com
1 htlb.casalemedia.com x.kinja-static.com
1 fastlane.rubiconproject.com x.kinja-static.com
1 krk2.kargo.com x.kinja-static.com
1 bidder.criteo.com x.kinja-static.com
1 tlx.3lift.com x.kinja-static.com
1 direct.adsrvr.org x.kinja-static.com
1 hbopenbid.pubmatic.com x.kinja-static.com
1 hb.yellowblue.io x.kinja-static.com
1 cdn-ima.33across.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 ats.rlcdn.com tagan.adlightning.com
1 ping.chartbeat.net
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 idx.liadm.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 us-vid-events.taboola.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com www.theonion.com
1 btloader.com
1 kinja-com.videoplayerhub.com 1 redirects
1 js-sec.indexww.com www.theonion.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 match.taboola.com
1 trace.mediago.io 1 redirects
1 d24zb9qreavi2u.cloudfront.net www.theonion.com
1 15.taboola.com cdn.taboola.com
1 static.adsafeprotected.com www.theonion.com
tagan.adlightning.com
1 imasdk.googleapis.com www.theonion.com
cds.connatix.com
1 kinja.com www.theonion.com
1 cdn.speedcurve.com www.theonion.com
0 csm.va.us.criteo.net Failed gum.criteo.com
0 id.rtb.mx Failed assets.a-mo.net
0 tps.doubleverify.com Failed tagan.adlightning.com
0 vid.connatix.com Failed cds.connatix.com
0 mug.criteo.com Failed
0 match.adsby.bidtheatre.com Failed s.amazon-adsystem.com
0 c3.a-mo.net Failed s.amazon-adsystem.com
0 ads.brandcdn.com Failed tagan.adlightning.com
549 213

This site contains no links.

Subject Issuer Validity Valid
*.avclub.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-02 -
2024-09-02		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-17 -
2024-12-17		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
connatix.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-16		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ssp.api.tappx.com
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh

This page contains 79 frames:

Primary Page: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Frame ID: C5750C79E449D8B9EDCC87825570F9EB
Requests: 221 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZV9VZMCo5uYAALKMH-cAAAAA
Frame ID: FC1468B60A4537A25608AB349595535E
Requests: 16 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66629203&crid=6966598&dast=V8_tECLAYkdOxnpYjNARFI6NjPShGbAyoAAABgYID-AEkZNwvbZrFZ6xa-2Vo0GYzWEtvI41atNsbhbrLxDAazISCRyXC0MplGa9XEOVuLFp6VW-EwWdYy23I1s5hcLttuMQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yh6XT4XPd63e93Fx1dfrvTb7dr_G6_5vQ6Od8yp93keYuddq9b4jL9Xi67W2R3uBV2k1vjsNsdFqfnrTCZnB7T0293K4arxWC0Wc02cwAAAADwAECtyQjCDyAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIABYIFZUgPA-AYBZ5ZDgvw9Rpfn9LL8AwDAAwQIAAABDBIACP08JQBkSARPAAAAAAAAAACw-P___48xgO86JYOA4Aq2B8CDD4AHIgRrRRgBAAAAAEvINzkySSeoWFQBACBItwJwBQAgYJG_zNEwDAAAQMCYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEIseuFphDc9cNX8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBwORYTy2izMgxnI9dg4_INlwuTazcZbgaz2WS3PSz1AjlclXRgfUKEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQcmHyLXeLtWQws7lFM8vCLbGMTGvZxrcY-VbGlWHlcYteH9PHNRw5XJ4tEgyI2ovgIp3o_G6XyelwrEVHl9_u9NstYonmZJFOZJd9w-VYTCyjzcownI1cg43LN1wuTK7dZLgZzGaT3b60XJh8y91iLRnMbG7RzLJwSywj01q28S1GvpVxZVh53KLXx_RxDUcOl2ff2A0Gu9FstVztG7vBYDearZarfYfO8F19zkZrTHz56Cxr2fXntzkNCpfB4p0WLdLW4egz6ry2ibB0FOZcE6vKd_EaFJ6DxzRzDh-e82Xbc5au3YNREUsEp4t0InoZTxexRPK0SCfKwcJjmDhnw9XG5XH4Fp7ZzGJYDjfLhW1jshgGE7FEabpIJ3rN6XVyvmVOu8nzFjvtXrfEZfq9XHa3yO5wK-wmt8ZhtzssTs9bYTI5Paan3-5WDFeLwWizmm0m6j9ayNlcOZeMlnPNcJUAAAAAAAAAACzBJNNNAAAAAJwMarhcLGbLBXDhSabrZ3xv8Gmu92nXvvMlTnP8Q0-xxh6LOL_bZXI6HGvR0eW3O_12KwO48LRitplnBLFWq2UNAABAABsAAIAAN914E3BmydkHBDV_rdADR8qPIIez0f4BqBBrtVo-X6zVagn8____Bw!&cmcv=&pix=undefined&cb=1700746596711&uv=3359&tms=1700746596711&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!ufm_vE!uftchrwf_vC!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=e83a6313-7a76-4204-b6dc-55c8872c3006&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E4F3CCC548F59E3888FEA8CA328F3183
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8_tECLAYkdOxnpYjNARFI6NjPShGbAyoAAABgYID-AEkZNwvbZrFZ6xa-2Vo0GYzWEtvI41atNsbhbrLxDAazISCRyXC0MplGa9XEOVuLFp6VW-EwWdYy23I1s5hcLttuMQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yh6XT4XPd63e93Fx1dfrvTb7dr_G6_5vQ6Od8yp93keYuddq9b4jL9Xi67W2R3uBV2k1vjsNsdFqfnrTCZnB7T0293K4arxWC0Wc02cwAAAADwAECtyQjCDyAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIABYIFZUgPA-AYBZ5ZDgvw9Rpfn9LL8AwDAAwQIAAABDBIACP08JQBkSARPAAAAAAAAAACw-P___48xgO86JYOA4Aq2B8CDD4AHIgRrRRgBAAAAAEvINzkySSeoWFQBACBItwJwBQAgYJG_zNEwDAAAQMCYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEIseuFphDc9cNX8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBwORYTy2izMgxnI9dg4_INlwuTazcZbgaz2WS3PSz1AjlclXRgfUKEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQcmHyLXeLtWQws7lFM8vCLbGMTGvZxrcY-VbGlWHlcYteH9PHNRw5XJ4tEgyI2ovgIp3o_G6XyelwrEVHl9_u9NstYonmZJFOZJd9w-VYTCyjzcownI1cg43LN1wuTK7dZLgZzGaT3b60XJh8y91iLRnMbG7RzLJwSywj01q28S1GvpVxZVh53KLXx_RxDUcOl2ff2A0Gu9FstVztG7vBYDearZarfYfO8F19zkZrTHz56Cxr2fXntzkNCpfB4p0WLdLW4egz6ry2ibB0FOZcE6vKd_EaFJ6DxzRzDh-e82Xbc5au3YNREUsEp4t0InoZTxexRPK0SCfKwcJjmDhnw9XG5XH4Fp7ZzGJYDjfLhW1jshgGE7FEabpIJ3rN6XVyvmVOu8nzFjvtXrfEZfq9XHa3yO5wK-wmt8ZhtzssTs9bYTI5Paan3-5WDFeLwWizmm0m6j9ayNlcOZeMlnPNcJUAAAAAAAAAACzBJNNNAAAAAJwMarhcLGbLBXDhSabrZ3xv8Gmu92nXvvMlTnP8Q0-xxh6LOL_bZXI6HGvR0eW3O_12KwO48LRitplnBLFWq2UNAABAABsAAIAAN914E3BmydkHBDV_rdADR8qPIIez0f4BqBBrtVo-X6zVagn8____Bw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B979CE976F78ED1AD4E3EC823C9E65E3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Frame ID: 6A5DAABBFFCA6EA2AA60B0CA6420A417
Requests: 1 HTTP requests in this frame

Frame: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFFFD85320C739ADBACFE7FFABA329AC
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Frame ID: 7AFC0D676A37C2603F46029CCFD07835
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 95E8D95FAF73BF3356B96F56711B5C5F
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 3694F56F60609DAF08731F3DD1A8110F
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 88CDE54EF622006C8763716BA7BECFC2
Requests: 10 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: 31A5CCE029CE42779E9291F9785B0726
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: AA4FB97F44B3910ACB2DAA788A733D07
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1520263800190791698&gdpr=0&gdpr_consent=
Frame ID: 0EF39227F523C893D13E6B587AA4E196
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Frame ID: 8A9AEFEA18BBB520DA96C3CBBA578C2E
Requests: 13 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 4011B906EEE6445F7DCE804B81393254
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: FE71E2A64D94A0D39D7B160F7BB858B3
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: F9DA28299B7C19D4F38352F76952DC49
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 54C5499156CEFDD6F6B63E13AFF34647
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS10OXhYeG9sRTJ1TDZ4SkVjMWJrWGhFd2J3MVpRTHI0Yn5B
Frame ID: 43BDF5DF13715F081BA35B156A146751
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5965519997845925682&ex=appnexus.com
Frame ID: 2E582AC15AD186E1E7EEA1C91AEF7064
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 77B93B01AB7B49C683E343B204586090
Requests: 16 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=659112826076576016317
Frame ID: 2132AC358D3710E653F093C4C601D363
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5395937650229903807&gdpr=&gdpr_consent=
Frame ID: 89FDEE316606EE572938C1AD9DDFD812
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jNzk5ZDFmNC01YjM4LTRhOTYtOWFkNS1mZGEyMTg1ODM1ZGQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DF69FA6240042B4A088033A277D3EBA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 919C018B03B7FAC3C29351CA2F2E3061
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Frame ID: BA627E5FDB2522A3F7E57D1136254C87
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZV9VZMCo5uYAALKMH-cAAAAA
Frame ID: 1CF87B203E210505D245CFBA7DF19A33
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=f3S2S0BxxNDBzSAhNI25g0Mp3egngjIIvfJZlCO4SrI&pi=gumgum&tc=1
Frame ID: 1AAB10FC5BCBC541E30D407B7FCC1AE0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6F34D349BA4441B65923169532EEE2D7
Requests: 4 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D
Frame ID: 56748FAFCC058C59E4F409B8CECEAC71
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Frame ID: 09BEC2D2B475E1D0078110B12A532043
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Frame ID: 75BEA1B11E5112948EAEA792F21237C9
Requests: 4 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HtFwhRZHc4ldxZ4dTD-iUtLg&auxuid=
Frame ID: 291103FF7FAF8DE6B0C945A6E9A359D9
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Frame ID: 0DC84906E7ED77D68D7524669F51650F
Requests: 6 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A387348083428015618&auxuid=
Frame ID: AF4089A73026343BB582FA978A682921
Requests: 3 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Frame ID: 8A873CCB84E3EF05CD2D7589172CC65A
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D380%26type%3Diframe%26id%3D%7B%7BVID%7D%7D%26auxuid%3D
Frame ID: 0A302ADE8FFA1FC80D227FC2C30C4D61
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: ABE6C36EF4973B00FAD698A04C768A68
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 358802E13344E0EEC5977C6F9624F103
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Frame ID: 0E036B6B07180072B6D780699F6516D3
Requests: 4 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Frame ID: 19A31ECEC78592A6D603520AC0C29A19
Requests: 6 HTTP requests in this frame

Frame: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C326B2E2A9CA7A81634D2C6BA5D57EE0
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=71A53502-0352-4DDA-BC37-6369BFD775C2&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7F285109076E0D26AFBDB6EF8E65799A
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Frame ID: 41D7298179477A5FE2622C6E04F05C25
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 301EE6B0FA1762223671CDDED9E738B4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=71A53502-0352-4DDA-BC37-6369BFD775C2
Frame ID: E6CA8DC5039B728E363F3C268A8E6E21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87D2AB0BEF18884AD6948B127E943D61
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAE433AF04FFB747C73817B134434289
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: 5D0AEDA5CEE4BAB188EF32F14FF871C5
Requests: 17 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1060&type=iframe&id=&auxuid=
Frame ID: A9C681887BD09AA9511C63B626162B8A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 02E45C47EACCC782C934FB6F7E716C12
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Frame ID: 993CA6D8DC01798B3F1161EFFC71C5FB
Requests: 19 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5965519997845925682
Frame ID: 1E6CE1F061362E682FB0D1C1DB343675
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Frame ID: D616B2450ACCF253BDFFEB4F32DB46DB
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZV9VZf8jDOcP96AbbzfkBwAA&1434
Frame ID: A0E189F2C371980A164513509F8E1C07
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056
Frame ID: B61239F057C6335D63A0D973DABBCC88
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
Frame ID: D45FB0EBC5E5AA1744E7B450188ADAAF
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
Frame ID: 141551534CC445812CE6AEC13689370D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: DD3CE922A8A1E9101896281A4854A269
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Frame ID: DF71EA237D86634474B03D1CDE6AEC20
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Frame ID: 20C073270E882D381044E21664C59786
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=3F30DVV880VBCWyYXWKp
Frame ID: D2A6BC5A7FBB38F23D84D44C6B18DC9D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 82BB2BA5EF7C849DE9364C350840528D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 4FD891169972CA596CEBD2D3E8678EFA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Frame ID: F813922CD62111DE76C5C2AD5D2B6883
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 1F399985685AE81D693D0A0A7BECE89C
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1x1&pubId=5282684063&chanId=22443057970&placementId=6249408446&pubCreative=138425937821&pubOrder=3169522532&cb=1076801462&adsafe_par&impId=5340f6ff-8a05-11ee-a94c-0a1c55ec3143&custom2=top&custom3=&custom4=american-voices&custom5=top-01
Frame ID: BF92217BEA8F6F6EA99A841280C3C284
Requests: 2 HTTP requests in this frame

Frame: https://ads.brandcdn.com/html/7089951_728x90_63a35f0fbdd69.html?fas_c=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D5a18a223-56f6-481c-bd7f-3dedf484952f%26ag%3Ds4ihwt5%26sfe%3D1796d565%26sig%3DFRRd9G-nVtgMfwi3O0hoYOcf93aod4nAq4kACstUKoI.%26crid%3D4cafjgm0%26cf%3D4404119%26fq%3D0%26t%3D1%26td_s%3Dwww.theonion.com%26rcats%3D%26mste%3Dtheonion.com%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dgomedia%26uhow%3D104%26agsa%3D%26wp%3D0.65%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D1%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D4.760000000000048%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABALABALoBBAhBGASSAhdmbWcub25pb24vYXJ0aWNsZS8xL3RvcNgCiA7gAogO-AIBgAMBiAMDkAMBmAMEoAM9uAP40AQ.%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCKCNBhgM%26durs%3DA8szsB%26crrelr%3D%26npt%3D%26fpa%3D929%26pcm%3D3%26ict%3DUnknown%26said%3D59604c1a536853%26auct%3D1%26us_privacy%3D1YNY%26tail%3D1%26r%3D&oid=7813216&fas_m=16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com&fas_r=16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com&impid=5a18a223-56f6-481c-bd7f-3dedf484952f
Frame ID: 97716584F16840ADA5271A38D725EE98
Requests: 1 HTTP requests in this frame

Frame: https://choices.truste.com/ca?pid=brandcdn01&aid=brandcdn01&cid=0701&c=brandcdn01cont2&w=728&h=90
Frame ID: 6314EDCA8B46B57CF7801DFE9E6273B0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4951.js
Frame ID: 6108FA292F909E5CB00099FE9CF72447
Requests: 2 HTTP requests in this frame

Frame: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 585F25C79C16EDEACAC89DC6E48206D7
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: DDBB8C1E8F439AC3C319F758A32CB4E0
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Frame ID: 96A24CFCEEF2B7E045FE1683925D890B
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: A07383C692F8E4C64AD0677B349C89C4
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d1cdad28202b44ab296a78c54a72058de%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: 0C358D185FE6654D3F7C3691FB8D9D7B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 422EBB386AD043AF0371E5326678529F
Requests: 2 HTTP requests in this frame

Frame: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 20A5CA3E4C79477D038B45DEBE05D51A
Requests: 1 HTTP requests in this frame

Frame: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 801BA3D66C6DFF5D10C5A5F8DFDE6C44
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746599476.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Frame ID: 2E9720E10A41E9F74D445EEF08A954E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

549
Requests

63 %
HTTPS

18 %
IPv6

124
Domains

213
Subdomains

127
IPs

11
Countries

3173 kB
Transfer

9875 kB
Size

272
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.theonion.com/undefined HTTP 301
  • https://www.theonion.com/
Request Chain 28
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&c8=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&c8=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&c9=
Request Chain 51
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZV9VZMCo5uYAALKMH-cAAAAA
Request Chain 53
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LPB8M0BO-E-37IV
Request Chain 54
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8c21423022jb8kt00lpb8m0ch
Request Chain 55
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENn99p5oKUDQIXyjUQ9df9g&google_cver=1
Request Chain 58
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
Request Chain 59
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Request Chain 61
  • https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstorygize-network%2F1%2Frtb-h%3Ftaboola_hm%3D95314614-9b3c-448a-ae24-dfbbdcdac958 HTTP 302
  • https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=95314614-9b3c-448a-ae24-dfbbdcdac958
Request Chain 62
  • https://id5-sync.com/s/464/9.gif?puid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5965519997845925682&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F5%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F5%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/464/1244/5/3.gif?puid=HtFwhRZHc4ldxZ4dTD-iUtLg&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/4/4.gif?puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAAWOk7KvqsAABKdyZEUAg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5965519997845925682&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1246%2F1%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/464/1246/1/7.gif?puid=HtFwhRZHc4ldxZ4dTD-iUtLg&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F0%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/0/8.gif?puid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w
Request Chain 63
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTAxOGY1MWQyNzg4ZWIxNw&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 64
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8&tbid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&query=taboola_hm%3D2c04ab40-49db-462f-8fb7-e222430fb4d8&isDirect=0
Request Chain 65
  • https://eb2.3lift.com/xuid?mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 66
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=36d8265a-757f-0798-3f72-e294b2210599
Request Chain 117
  • https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=kinja-com&upapi=true
Request Chain 119
  • https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjNlM2U0ZTQtYWE0ZS00YzkwLWFiZjctZWU4ODE0ZTkzNzRi&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&google_gid=CAESENdeewX2PvsdctHvkQNFVhM&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent=&C=1
Request Chain 174
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0&b=1&g=AE4kAaML0Y3DEZuQXkXCrgMhYBeGKHEJlHYbHnB%2FCvo%3D
Request Chain 178
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Request Chain 188
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640140528887529519&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640140528887529519&redir=
Request Chain 189
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640140528887529519 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDE0MDUyODg4NzUyOTUxORAAGg0I5ar9qgYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=9e489814dc1f587b838a1c821e49a2b26dd5b63397e66ca19e057f8ef8e3710df4cb09cee1a4f8eb&person_id=3640140528887529519&eid=50082
Request Chain 190
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Request Chain 191
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640140528887529519 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640140528887529519 HTTP 302
  • https://ml314.com/csync.ashx?fp=c3ccbfed6496b580c65721ec6c55ef32&eid=50146&person_id=3640140528887529519
Request Chain 192
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2dY6hE-yDvmcp5oROlnK150peziJiBqF7zHareo5XJHQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2dY6hE-yDvmcp5oROlnK150peziJiBqF7zHareo5XJHQ&person_id=3640140528887529519&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 196
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3437481986634230000V10
Request Chain 197
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=db6a8b0a-bdfb-46e8-9ff3-da85b7ab6ce8
Request Chain 202
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1520263800190791698&gdpr=0&gdpr_consent=
Request Chain 208
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS10OXhYeG9sRTJ1TDZ4SkVjMWJrWGhFd2J3MVpRTHI0Yn5B
Request Chain 209
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5965519997845925682&ex=appnexus.com
Request Chain 211
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=659112826076576016317
Request Chain 214
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5965519997845925682
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=32886513-7f4a-469c-86f0-9c6a3a50af00&expires=1&user_group=5&ssp=gumgum2&bsw_param=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 216
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=46df6109-b76b-0e99-2aa7-f3ffdb0ca06b
Request Chain 217
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Request Chain 218
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jgsFizhE2pdVjVxlEFPuCN2XY_7exbt0swFH~A
Request Chain 219
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=72374bf9-0da0-4f2c-a88a-08aa198513d1
Request Chain 221
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=IJKr-MNp3ZvAgzNvsqEw
Request Chain 222
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=0lkYl0LklrOt&ev=1&pid=558355
Request Chain 223
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1520263800190791698
Request Chain 225
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5395937650229903807&gdpr=&gdpr_consent=
Request Chain 228
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Request Chain 229
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV9VZMCo5uYAALKMH-cAAAAA
Request Chain 230
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=f3S2S0BxxNDBzSAhNI25g0Mp3egngjIIvfJZlCO4SrI&pi=gumgum&tc=1
Request Chain 231
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH0linWtPGUphwrFdQQP504&google_cver=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9VZf8jDOcP96AbbzfkBwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOhRJCZAkYMrHwPv5Nl4Bbw&google_cver=1
Request Chain 235
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV9VZf8jDOcP96AbbzfkBwAA%261434&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=492e2545-4cdc-4552-a7e2-a2f073bfbbb3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D28e8594e-12c5-438f-aee8-514a9389362e%253A1700746598.274225%26pid%3D500040%26it%3D1%26iv%3D28e8594e-12c5-438f-aee8-514a9389362e%253A1700746598.274225%26_%3D1700746598.2764926&cb=1700746598.276534 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907272543872689&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D28e8594e-12c5-438f-aee8-514a9389362e%253A1700746598.274225%26pid%3D500040%26it%3D1%26iv%3D28e8594e-12c5-438f-aee8-514a9389362e%253A1700746598.274225%26_%3D1700746598.2764926 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&pid=500040&it=1&iv=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&_=1700746598.2764926 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1700746598.2764926&iv=28e8594e-12c5-438f-aee8-514a9389362e:1700746598.274225
Request Chain 237
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9047554035501915527&expiration=1701956198
Request Chain 239
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682
Request Chain 244
  • https://match.adsrvr.org/track/cmf/openx?oxid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0&gdpr_consent=
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQvXeh9QtvNcvXQEjEGmUg&google_cver=1
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=5965519997845925682&auxuid=
Request Chain 250
  • https://csync.loopme.me/?pubid=11227&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D HTTP 307
  • https://ssp.api.tappx.com/cs/usync?idmn=109&type=iframe&id=604ca7de-8027-4646-8063-3767ab6a977a&auxuid=&gdpr_consent=null&gdpr=0
Request Chain 252
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D&rd=1 HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=d0b88fd7-2313-43b7-83c8-1zz1700746585&auxuid=
Request Chain 253
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D&cb=1700746598128 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=21327353 HTTP 302
  • https://sync.1rx.io/usersync/turn/8968903625304496429?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Request Chain 254
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=0&gdpr_consent=&tappx=1 HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
Request Chain 255
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=659112826076576016317&auxuid=
Request Chain 256
  • https://s.c.appier.net/tappx HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=k-Olyo6lCzakzPPjZlVfZQ
Request Chain 257
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=0087d201-0a94-499d-8070-181696fff66c&auxuid=
Request Chain 258
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D&crf=1&rts=-8150587698844000563 HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=18d83ebd-abf7-5347-b165-4806d43a1d60&auxuid=
Request Chain 259
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=0&consent=&us_privacy={{US_PRIVACY}} HTTP 302
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=0&id=OPUd3f1c928ded74fb388bc782ca51b6572&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Request Chain 262
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=Mjc3NWE5NzEtNjE4MS00YzY0LWJlMWQtYTI4NjFjZTdmMzZm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 267
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F30DVV880VBCWyYXWKp HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F30DVV880VBCWyYXWKp HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
Request Chain 268
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700746598130 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3876515211 HTTP 302
  • https://sync.1rx.io/usersync/turn/9185076407418280237?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Request Chain 269
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=5965519997845925682&pn_id=an
Request Chain 270
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPB8M0BO-E-37IV
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDiQz_3iRL52HfcVog1IMHo&google_cver=1
Request Chain 272
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
Request Chain 273
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212354975239421
Request Chain 274
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5965519997845925682&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 277
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72374bf9-0da0-4f2c-a88a-08aa198513d1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 278
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=1520263800190791698&gdpr=0&gdpr_consent=
Request Chain 279
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=59e2d9ef-4891-0b8a-069b-bf8032f5756e
Request Chain 280
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
Request Chain 281
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0
Request Chain 282
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Request Chain 283
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1700746598137 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=983589744 HTTP 302
  • https://sync.1rx.io/usersync/turn/2987841845179767085?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Request Chain 284
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Request Chain 285
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=0lkYl0LklrOt&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 289
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Request Chain 290
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 307
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HtFwhRZHc4ldxZ4dTD-iUtLg&auxuid=
Request Chain 291
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Request Chain 295
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 303
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUd470c2a509dc4e4eb60a0cab3891e2dd
Request Chain 304
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26gdpr_consent%3Dundefined&rd=1 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=d0b88fd7-2313-43b7-83c8-1zz1700746585&gdpr=0&gdpr_consent=undefined
Request Chain 308
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Request Chain 312
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D541704%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=541704&t=image&uid=5965519997845925682
Request Chain 315
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1520263800190791698&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/7/3.gif?puid=9047554035501915527&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F6%2F4.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/6/4.gif?puid=1520263800190791698&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F5%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/5/5.gif?puid=18bfc6595d9-74900000010a5def&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/4/6.gif?puid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/3/7.gif?puid=1A453196640F0FE9&gdpr=0&gdpr_consent=
Request Chain 316
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5965519997845925682&gdpr=0&gdpr_consent=
Request Chain 317
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b1909214b92eb6624c0b7b606f679127&gdpr=0&gdpr_consent=0
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZV9VZgAByG6BTABH HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV9VZgAByG6BTABH&gdpr=0&gdpr_consent=&_test=ZV9VZgAByG6BTABH
Request Chain 319
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Request Chain 321
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5965519997845925682&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 322
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBV09rN0t2cXNBQUJLZHlaRVVBZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAWOk7KvqsAABKdyZEUAg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAWOk7KvqsAABKdyZEUAg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAWOk7KvqsAABKdyZEUAg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1520263800190791698&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAAWOk7KvqsAABKdyZEUAg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D1520263800190791698%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=1520263800190791698&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAWOk7KvqsAABKdyZEUAg&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=caU1AgNSTdq8N2Npv9d1wg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 325
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=71A53502-0352-4DDA-BC37-6369BFD775C2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Da3086665-47d6-49d0-ba6d-402927fddd3e%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5965519997845925682&pt=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzFBNTM1MDItMDM1Mi00RERBLUJDMzctNjM2OUJGRDc3NUMy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEk3I9jakdWYA3zYDSZRwBg&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 330
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2140A94FBC324532807E7B743EE659A3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10C999B5C_2112C74E&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 331
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71A53502-0352-4DDA-BC37-6369BFD775C2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aZUphCFE2uWlrPP27KuoHQStPEr_9No-~A&gdpr=0
Request Chain 334
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1b827c6c8c01489&is_secure=true&networkId=17100&version=1&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHS7AGDgcmPAM9lSz2AAAAAAA&expiration=1700832998&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2987841845179767085&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9047554035501915527 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=0&gdpr_consent=
Request Chain 338
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LPB8M0BO-E-37IV&gdpr=0
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5965519997845925682
Request Chain 340
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Request Chain 342
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmGCAajazeTiFInDHMiVZthPyrw_fDg
Request Chain 343
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1520263800190791698
Request Chain 344
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Request Chain 345
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
Request Chain 347
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
Request Chain 348
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5eb4a953b4771164&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGdGSlAoQiPwNPVMoGAAAAAAA&expiration=1700832998
Request Chain 349
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Request Chain 351
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a2647777-af24-46eb-8cf5-4bb4e6e8269c&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=5965519997845925682 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5965519997845925682
Request Chain 360
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}} HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Request Chain 361
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZV9VZf8jDOcP96AbbzfkBwAA&1434
Request Chain 362
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy={%7BUS_PRIVACY%7D}&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056
Request Chain 363
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24%7BUID%7D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=883c4ab6-26e1-0526-2650-2307920763a0 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
Request Chain 364
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%23PMUID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 368
  • https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}} HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=3F30DVV880VBCWyYXWKp
Request Chain 370
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 371
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746598340.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 372
  • https://ssc-cms.33across.com/ps/?_=1700746598340.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212354975239421&auxuid=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907272543872689&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 374
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m%7EA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 375
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5a42324066ae1489&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF2dmf_cl4-wNg_hC3AAAAAAA&expiration=1700832998&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF2dmf_cl4-wNg_hC3AAAAAAA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 376
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=659112826076576016317 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=659112826076576016317&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 387
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LPB8M0BO-E-37IV
Request Chain 388
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MSjbyzz3Q_KxXriW4Ab10A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MSjbyzz3Q_KxXriW4Ab10A
Request Chain 390
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCOE0wQk8tRS0zN0lW HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0iO3UBNe7xrXH7i3HxT-I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCOE0wQk8tRS0zN0lW&google_push=
Request Chain 391
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/P1GZ767xhNPKerxJbRU-6w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.EOGkJE2oJ18_N7hSKEDAsU8oGEuf8A7r_ulA--~A
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY0ODE2YTY3YmM5MTI5NjgwM2QxN2QxZDBhOTRiYjRmMjQxMTkxMA
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENQwX276a-8zf2YJ6N3lLTE&google_cver=1
Request Chain 395
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Request Chain 396
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPB8M0BO-E-37IV
Request Chain 397
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAWOk7KvqsAABKdyZEUAg&expires=30
Request Chain 398
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPB8M0BO-E-37IV HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV&ckls=true&ci=nP4mHM0vGX&nc=false&trid=-1512653646
Request Chain 399
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
Request Chain 400
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPB8M0BO-E-37IV
Request Chain 401
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=72374bf9-0da0-4f2c-a88a-08aa198513d1&expires=30
Request Chain 402
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPB8M0BO-E-37IV
Request Chain 403
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPB8M0BO-E-37IV&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPB8M0BO-E-37IV&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS10T1R5LnRkRTJ1RWZ5a1lMd3Mzbl9VZUhDWTg2UEVUdn5B&ovsid=LPB8M0BO-E-37IV&dpid=58160
Request Chain 404
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LPB8M0BO-E-37IV
Request Chain 409
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LPB8M0BO-E-37IV
Request Chain 413
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmX_kH8z8RCd0MJ1_h3LQ7pU5lW8KyQ
Request Chain 414
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=670bc134c9db122b&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHS7AGDgcmTAMLWLeJAAAAAAA&expiration=1700832998
Request Chain 415
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=1&gdpr_consent=
Request Chain 417
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5965519997845925682
Request Chain 418
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=1
Request Chain 420
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ChkcC3hX3kjyf_fJDKHeJEJRqZDPGNPZjJSKe5tjTAQ
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
Request Chain 423
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
Request Chain 425
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Request Chain 428
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LPB8M0BO-E-37IV&gdpr_consent=undefined
Request Chain 434
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV&nmuid= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
Request Chain 435
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LPB8M0BO-E-37IV HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPB8M0BO-E-37IV HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPB8M0BO-E-37IV&ts=1700746599&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 436
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Request Chain 453
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=1cdad28202b44ab296a78c54a72058de&pname=Index&api-tier=2&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
Request Chain 454
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=1cdad28202b44ab296a78c54a72058de&pname=Beeswax&api-tier=2&uid=AAAWOk7KvqsAABKdyZEUAg&gdpr=0
Request Chain 455
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=1703338599
Request Chain 456
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=1cdad28202b44ab296a78c54a72058de&pname=Amobee&api-tier=2&uid=2987841845179767085
Request Chain 457
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=1cdad28202b44ab296a78c54a72058de&pname=TripleLift&api-tier=2&uid=659112826076576016317
Request Chain 458
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=1cdad28202b44ab296a78c54a72058de&pname=AppNexus&api-tier=2&uid=5965519997845925682=&gdpr=0
Request Chain 459
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7994213480 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005&pId=44
Request Chain 460
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null HTTP 302
  • https://capi.connatix.com/us/pixel?puid=1520263800190791698&pId=40&gdpr=0&gdpr_consent=
Request Chain 461
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Request Chain 462
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Request Chain 464
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=1cdad28202b44ab296a78c54a72058de&pname=PulsePoint&api-tier=2&uid=0lkYl0LklrOt
Request Chain 465
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=1cdad28202b44ab296a78c54a72058de&pname=Crimtan&api-tier=2&uid=b4c58cf361b34d86bbea2a63ad8d7462
Request Chain 466
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=1cdad28202b44ab296a78c54a72058de&pname=LoopMe&api-tier=2&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&pubid=11186&gdpr=0
Request Chain 467
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D1cdad28202b44ab296a78c54a72058de%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553%2526gdpr%253D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DCentro%26api-tier%3D2%26uid%3D9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=1cdad28202b44ab296a78c54a72058de&pname=Centro&api-tier=2&uid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0
Request Chain 468
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=1cdad28202b44ab296a78c54a72058de&pname=YieldMo&api-tier=2&uid=3F30DVV880VBCWyYXWKp&gdpr=0
Request Chain 469
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=1cdad28202b44ab296a78c54a72058de&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=1cdad28202b44ab296a78c54a72058de&pname=Telaria&api-tier=2&uid=88847728943745d39fa115a314d9380b
Request Chain 470
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd9676847ce152021c622d16cba02c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 473
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=1cdad28202b44ab296a78c54a72058de&pname=SundaySky&api-tier=2&uid=d6.2c767aa1dcbf4caca524c8ef8d8d5ea2
Request Chain 474
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=1cdad28202b44ab296a78c54a72058de&pname=ResetDigital&api-tier=2&uid=0000011E2DCE1E8E
Request Chain 475
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=1cdad28202b44ab296a78c54a72058de&pname=Sonobi&api-tier=2&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
Request Chain 476
  • https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=42&ev=1cdad28202b44ab296a78c54a72058de&pname=IqZone&api-tier=2&uid=229745e4-8b4f-4753-ba4b-cedaad9831c8
Request Chain 477
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=1cdad28202b44ab296a78c54a72058de&pname=Adelphic&api-tier=2&uid=72374bf9-0da0-4f2c-a88a-08aa198513d1
Request Chain 478
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=7dd8b5de-36e2-0b20-03cd-402e87d7ca53
Request Chain 479
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3437481986634263000V10
Request Chain 481
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MWNkYWQyODIwMmI0NGFiMjk2YTc4YzU0YTcyMDU4ZGU&extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0
Request Chain 482
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=1cdad28202b44ab296a78c54a72058de&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=1cdad28202b44ab296a78c54a72058de&pname=Colossus&api-tier=2&uid=fa0145d5-6dea-41c2-a612-b0ded0b2e3af
Request Chain 484
  • https://id.a-mx.com/sync?tao=1&&do=www.theonion.com HTTP 302
  • https://c3.a-mo.net/b?uid=7fade971-a5a2-4e70-83be-ba1535b28ce7&sh=id.a-mx.com&
Request Chain 485
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 486
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba&do=www.theonion.com HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
Request Chain 487
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=cddbd60e-5371-4e27-8ec9-892f1ea338ba&gdpr=0&us_privacy=1---&gpp={{.GPP}} HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-TEii7cmCzeayN0ph2ge6CAe-ig2KgOm71lqMUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 488
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
Request Chain 489
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=amx_com&uid=
Request Chain 490
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
Request Chain 491
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=adform&uid=9047554035501915527
Request Chain 492
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=smartadserver&uid=1520263800190791698
Request Chain 493
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 494
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=index_rtb&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
Request Chain 495
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=sovrn&uid=HtFwhRZHc4ldxZ4dTD-iUtLg
Request Chain 496
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=appnexus&uid=5965519997845925682
Request Chain 499
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hCcQLHxZNUMxVEdYMWc1V2k3V2E1ZkNkOWJOZFBIeW1tbEZJT0tFczlvTElKWmRQNHlvbm5BUVhXZ0ZaclFaWXZ0NjNxU0U2dDg0TWRydHp2RGxScWtSU2dNOHFOUFBOanFtS01KZkEwVlJmTUYyNjAxRDBYOGNUeklrRE5tRU44a0s1R2NRT1FyRzF5QXVTajJOK1ExaWZmTUlpYUZtbk9wOE1jaFlDNS9lOUFISlhjeWtKZFUzNTExc3E1Tncwa1ZZRVJKUGlZd3Y3ZEhTZ05DQXB1OFlNT1dadlBtaVpVYUxhTHRDNkt1a0o2elZPUkFkTldWMWtPUVh5b0NUS3NSTlhhOGI3cFJuYnJJSmZBUUdyalhQOW1Hdz09fA&cppv=2
Request Chain 511
  • https://cks.connatix.com/cks?pid=24&ev=1cdad28202b44ab296a78c54a72058de&pname=IronSource&api-tier=2&uid=x53NyBr-kp_s&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=x53NyBr-kp_s&UserId=&tier=2
Request Chain 514
  • https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=1cdad28202b44ab296a78c54a72058de HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 536
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682&us_privacy=1YNY
Request Chain 538
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1YNY& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 539
  • https://match.adsrvr.org/track/usersync?us_privacy=1YNY&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b

549 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request study-finds-link-between-dna-and-cannabis-addiction-1851043563
www.theonion.com/ 		268 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
ef673ac1a0f4fedbcd42ebefaa3b9100bb9b543212b57137d2864286fe65db60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-encoding
gzip
content-length
62922
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 13:36:35 GMT
etag
W/"43030-AtUNcKsdkXKnZntt2jf2CSHSPQc"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
26, 0
x-cdn-fetch
mantle-default
x-content-type-options
nosniff
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-exp-variant
0
x-frame-options
deny
x-googlenews-bot
false
x-kinja
kinja-magma-kube01-ccb5ff9fd-lc8cj #4601
x-kinja-build
4601
x-kinja-country
US
x-kinja-revision
054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-kinja-server
kinja-magma-kube01-ccb5ff9fd-lc8cj
x-kinja-superheroloaded
true
x-powered-by
Express
x-served-by
cache-iad-kiad7000083-IAD, cache-yyz4526-YYZ
x-timer
S1700746595.196911,VS0,VE26
x-ua-device
desktop
x-xss-protection
1; mode=block
roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
E520RSDZ4X8G5EB2
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22464
x-amz-id-2
LV56npgQamKGo4MLdl0umnrV+pk0KshfGOYsBapR6XfmKHDv6fPqrYS+sviUSSyuUmMqVrYkZBM=
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1700746595.297332,VS0,VE0
etag
"07a9822d47ff9a6f495d0f1c04d185c8"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_ext_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
JGR02FS3B2CKSYE2
age
106
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
24548
x-amz-id-2
hTvRAS5VGtt4TTN0CYBEOAmkex5oD5MH/EvOJy4v5Nig+WdHhRYIB0ufmiBmva/zod4tw/cOmuY=
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1700746595.296849,VS0,VE0
etag
"f8702959a16d4d4310dc4090c484eaf0"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
6RSPX5AW1B8H5YQ8
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22308
x-amz-id-2
62ISNWCOe2NIX+cC7dVEHU7HZ1heu75NUw1L+zlaE5cjX0cMMiqAPtYDkz6LX1qhm64yw+kHvs4VyToMzLdZ7g==
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:51 GMT
server
AmazonS3
x-timer
S1700746595.297373,VS0,VE0
etag
"5b89baa90ed9f475cc75193a4873c51a"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_ext_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
F1DC5RRT8G1PY6DH
age
83
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
24352
x-amz-id-2
fJoo2seTQh4nTP5POOGJS721nd7X+s5LneFNUmosDCBKyfDr6k03APTOQb4N12boQsgOUcBW8nE=
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:50 GMT
server
AmazonS3
x-timer
S1700746595.296866,VS0,VE0
etag
"3ea5bce10a12f4f87d3ca8e37e94fb83"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
QZ56XD9VAZTYVQHE
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17984
x-amz-id-2
ZvV2ryOt0mpjYIiKtz0CBAlPTC+PLjTTcI0e+vBis4BfijfYmHbc14iftQf6EF+3b6lep+9PWkg=
x-served-by
cache-yyz4570-YYZ
last-modified
Tue, 14 Nov 2023 05:48:05 GMT
server
AmazonS3
x-timer
S1700746595.297312,VS0,VE52
etag
"0518781cd45a71291d17ea1febfcc5fe"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-18.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:29:06 GMT
content-encoding
gzip
via
1.1 e32e2bffc79fb8fcf5f4db62ca190200.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-P1
age
450
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
3SDo38qISVVTrJSUINFvXpVZrPvtRbbYFrclHnPTW9lTEaWVpIVJRQ==
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 13:16:17 GMT
date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1218
x-cache
HIT
content-length
8051
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700745377&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=s5HH%2BzNx371FHWG7Pu9S0j%2Bt%2B86ob5EuaUGeL5gouK4%3D
x-served-by
cache-yyz4543-YYZ
last-modified
Thu, 23 Nov 2023 13:16:17 GMT
server
Apache
x-timer
S1700746595.335236,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700745377&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=s5HH%2BzNx371FHWG7Pu9S0j%2Bt%2B86ob5EuaUGeL5gouK4%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 12:48:47 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2868
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 23 Nov 2023 14:48:47 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js
www.theonion.com/x-kinja-static/assets/new-client/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
4325P6W06K85GN91
age
1920883
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5542
x-amz-id-2
pLd/48+07jFyDWCoicFu69Sk4ou+0XzPQg5nkXjaLwpPZvEhi8Qdt8ECz5KF/WMU+8f4jro6sd1zKP/gwKiLmFgHPuBT6AC6
x-served-by
cache-yyz4529-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 01 Nov 2023 05:21:26 GMT
server
AmazonS3
x-timer
S1700746595.289587,VS0,VE4
etag
"f2e6d95ea79aa90ecc3335977ec6037e"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
2, 0, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js
www.theonion.com/x-kinja-static/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id
WGF0E2SNHQWPEXHA
age
2495673
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1729
x-amz-id-2
Tyy3FWGKRY4zWeXk8DdlxNK5WXCrbJ5Vhu1alLfS6z+RzW30fu5HkS0EUnrHU1JZzpy64x3K9iY=
x-served-by
cache-yyz4532-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 25 Oct 2023 16:18:36 GMT
server
AmazonS3
x-timer
S1700746595.289544,VS0,VE1
etag
"0b7f37a8e0f013f57fc9706b2e420a76"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 0, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js
www.theonion.com/x-kinja-static/assets/new-client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZPHKKT078N2Q5MGT
age
709889
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2243
x-amz-id-2
YtQDKi0+dN0hbxZH3B28wb5vBgJHeiZzrDNsmy9fO1CVfdUDGgZuHubRLVQiNNDSHgGraQ0RyPE=
x-served-by
cache-yyz4522-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 21:17:41 GMT
server
AmazonS3
x-timer
S1700746595.289535,VS0,VE1
etag
"63d556cb17935da61ca9cb9d30f20b34"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 1
runtime~ga4.4fa95d1880e01ab1fed8.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/runtime~ga4.4fa95d1880e01ab1fed8.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
Y6XECJMBVYDJ6YQC
age
50
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
686
x-amz-id-2
PIYAvSFpwb9BxEOjzan7j+LM1QSZoZbOQBcOFySQroYoIpP+QZdufIMbw311p14ueo2JpXuEsZU=
x-served-by
cache-yyz4561-YYZ
last-modified
Tue, 31 Oct 2023 06:03:36 GMT
server
AmazonS3
x-timer
S1700746595.335149,VS0,VE0
etag
"e171d6d4875754d065c7446f329e6e90"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
ga4.b60369697f1d1eb7bc00.js
x.kinja-static.com/assets/new-client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/ga4.b60369697f1d1eb7bc00.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
RHGJ855A27HNB54G
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2551
x-amz-id-2
ckzsd9ubiDzMZpCbTCeysyx8G64GLmyMo2qbwLo5u6UoeEpgBE4m1uuM2ocfL6mscu8bD75Nlm0=
x-served-by
cache-yyz4561-YYZ
last-modified
Mon, 23 Oct 2023 20:22:14 GMT
server
AmazonS3
x-timer
S1700746595.335662,VS0,VE0
etag
"e07e73766b4fc9046ad4f5ce1c7ab9ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
GMEQYGTFF4PXVFR5
age
901525
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2059
x-amz-id-2
09LqhZDkYc/PI/JBWGsmngCezpBzQGZThBP6xCxFG+HUZqh4RcZpJBYaXurQnwqCNmrB90UOO8Y=
x-served-by
cache-yyz4527-YYZ, cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 03:04:38 GMT
server
AmazonS3
x-timer
S1700746595.289499,VS0,VE1
etag
"c39630b890ced0152f8f25b88b613eb0"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
NF32KTGF33DZQ596
age
3717242
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
975
x-amz-id-2
PUG8vH32VzPjYGEXGvNZO3XFUocfl0KYFTiAg7KzjX383K5miSyn3tFgs8VP5pQLPMXnSggZ8kc=
x-served-by
cache-yyz4541-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 11 Oct 2023 12:58:54 GMT
server
AmazonS3
x-timer
S1700746595.289473,VS0,VE1
etag
"e3e45564a481be4d9688417438c51a46"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 0, 1
runtime~taboolaLoader.683b559fe2d66b7544b6.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id
FGYTQ3G852YH17J4
age
2012362
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1220
x-amz-id-2
dWjofKKAJ3H1rWTtDxsvpSA+vw8pNeksq2RI4OIhkAz53RIgR+jg1EpdzkCp15l1JewcCB2HTPc2FhfuM4GfKQ==
x-served-by
cache-yyz4533-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 31 Oct 2023 06:03:37 GMT
server
AmazonS3
x-timer
S1700746595.289451,VS0,VE1
etag
"831d5c285111156a63ab4d5bd231daac"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 0, 1
taboolaLoader.3c56ecb82aa09a2d6112.js
www.theonion.com/x-kinja-static/assets/new-client/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.3c56ecb82aa09a2d6112.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
QQ3CEJ1YPDF593DA
age
1810475
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5159
x-amz-id-2
e98xCkz9iIhzApRPWGLpX0EZHoAlXy7no86gQ1HcOCRHzBQ31VFnad7fMna7NsZbeMagGHtGioZtpBUOnSVMk7UzG0yjVg0r
x-served-by
cache-yyz4540-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 02 Nov 2023 14:39:04 GMT
server
AmazonS3
x-timer
S1700746595.290541,VS0,VE1
etag
"3b72c1b576b450f0167c74b93d720cc8"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 0, 1
runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
V3Y8GJRT8APY30VQ
age
800459
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
690
x-amz-id-2
0nxOnLMG4I2d3mnOFVGy3v42GP5KXYSed9o0n3lJTC+zcePE1tuVKuVec+6+PsmfgyaEkrfHcNQ=
x-served-by
cache-yyz4530-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 05:48:54 GMT
server
AmazonS3
x-timer
S1700746595.290482,VS0,VE1
etag
"2713af88646e7e34f4b1b3cac71ba209"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
2, 1
videoMediaQuerySupport.b68e2424feab32dd0c91.js
www.theonion.com/x-kinja-static/assets/new-client/ 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
CYYTFSEX78K808AQ
age
706748
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
574
x-amz-id-2
dERO4JEw5PWYP92Q576/UbsWPg4R8NfemAI/pvdbMBlcCO9Vl1B/46RjHXd9f3G52XhFEXSBu4Q=
x-served-by
cache-yyz4542-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 15 Nov 2023 04:42:17 GMT
server
AmazonS3
x-timer
S1700746595.290465,VS0,VE1
etag
"b950657438a705736bf327866495bfe8"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 1
runtime~videoHtml5.9d1a68a0784c206c05bf.js
www.theonion.com/x-kinja-static/assets/new-client/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.9d1a68a0784c206c05bf.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c47e677440f4efdd47797b9bde0400163100ea387b2b8dbcb0e9d2c5e2f62a5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
TDQW8GGXN3DV4J6S
age
596442
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1921
x-amz-id-2
QEQ3t625JtsgVRuHwua7Aj7MwyN9SuRn2iBFT7Ywulxz3HB8NJtVTdZY0m+tjn7kyFSTgeUpC9g=
x-served-by
cache-yyz4542-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 15:50:20 GMT
server
AmazonS3
x-timer
S1700746595.290444,VS0,VE1
etag
"f113ec7a65d8ae16cdbdcfff99734ff4"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
2482711RYYMCQYVF
age
751098
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2188
x-amz-id-2
CZa0oM/gW6vBy6t7MqjVbOAhaW71twu99YpXo+GOBbJFSCZbr5laY5rd8QHFgMi6ZcsbHOZdN94=
x-served-by
cache-yyz4544-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 20:51:47 GMT
server
AmazonS3
x-timer
S1700746595.307445,VS0,VE1
etag
"5e4139cf5491f3d40e4d8f3fc1b52fc9"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
MK6YASS4BEQHQQ33
age
1920883
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13368
x-amz-id-2
IQ8tOS8jyk4+jeUc+Tiebkt1DdtdnblH6Wf5h7oqGToN0t1PeLobvGnZz9zu6Z+MnL6Qs2XsDB8=
x-served-by
cache-yyz4529-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 01 Nov 2023 05:21:28 GMT
server
AmazonS3
x-timer
S1700746595.307436,VS0,VE1
etag
"825a0787bb636588fcee75c1cd668333"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
2, 0, 1
videoHtml5.a9ba8849357e3598586e.js
www.theonion.com/x-kinja-static/assets/new-client/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.a9ba8849357e3598586e.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2344d02f9553821a1a2c157f178ea59766ca0a789ddfcf64d6cb5423ccece952
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
93PH0VK9C5TA4J0T
age
594534
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
3618
x-amz-id-2
W7oELCPQrV/Z3h4/zsJkCJKMZarGoweDJGkpqrK9oi2vRElZgIULoWkpYXodEAA1BxONsnH8CH8=
x-served-by
cache-yyz4548-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 16:23:50 GMT
server
AmazonS3
x-timer
S1700746595.307463,VS0,VE1
etag
"f0bbfeb0379a9e61774d82e4e26cbae1"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
accountwithtoken
kinja.com/api/profile/ 		256 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kinja.com/api/profile/accountwithtoken?jsonp=_thirdPartyFastToken&newFollows=true
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bcd2ecc52ad0323b73c0a91a2bcbf3eb4fe807ead91cfa5304ee9321746c0ad6
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
x-cache
MISS, MISS
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja-continent
NA
x-cdn-fetch
mantle-setcookie
content-length
238
x-xss-protection
1; mode=block
x-kinja-region
US-NY
x-served-by
cache-iad-kiad7000143-IAD, cache-yyz4526-YYZ
x-exp-variant
0
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-timer
S1700746595.307371,VS0,VE20
x-frame-options
DENY
vary
Accept-Encoding,Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-kinja-country
US
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
/
www.theonion.com/
Redirect Chain
  • https://www.theonion.com/undefined
  • https://www.theonion.com/
51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theonion.com/
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube03-c946f446b-dxlp2
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-kinja-build
4601
x-powered-by
Express
age
0
x-cache
HIT, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube03-c946f446b-dxlp2 #4601
x-cdn-fetch
mantle-default
content-length
64187
x-xss-protection
1; mode=block
x-exp-variant
0
x-served-by
cache-iad-kiad7000116-IAD, cache-yyz4526-YYZ
x-googlenews-bot
false
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-timer
S1700746595.408683,VS0,VE23
etag
W/"62919-S3NYlgp3dEra+ECkAL+PhufTh/c"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
content-type
text/html; charset=utf-8
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-country
US
x-kinja-revision
054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-cache-hits
6, 0

Redirect headers

x-kinja-server
kinja-magma-kube01-ccb5ff9fd-9fl7b
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-kinja-build
4601
x-powered-by
Express
x-cache
HIT, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube01-ccb5ff9fd-9fl7b #4601
x-cdn-fetch
mantle-default
content-length
35
x-xss-protection
1; mode=block
x-exp-variant
0
x-served-by
cache-iad-kiad7000150-IAD, cache-yyz4526-YYZ
x-googlenews-bot
false
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-timer
S1700746595.364542,VS0,VE23
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Accept, Authorization
content-type
text/plain; charset=utf-8
location
/
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-country
US
x-kinja-revision
054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-cache-hits
2, 0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Thu, 23 Nov 2023 13:36:35 GMT
loader.js
cdn.taboola.com/libtrc/gomedia1-network/ 		344 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caf4b166e94b9c939010f51318063e5c7103009e583a1fc87179ffcd824acbe5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
mwBKZvOKr7iJeLfR4nxbBdW5ngHrzg7H
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
BRZT9M25WK170HNW
age
114
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
105069
x-amz-id-2
bmHVgPRf1rxxm/iSlT6lxYdQKDuuVyKdEH0P0Ah6ksOxa8Ci6WjF9MX8y3fTZPA2Y8F6QMHNpMw=
x-served-by
cache-yyz4550-YYZ
last-modified
Tue, 21 Nov 2023 11:54:12 GMT
server
AmazonS3
x-timer
S1700746595.429304,VS0,VE2
etag
"e64ed31788e4abed3c0a670522ab6f88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addict...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addic...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&c8=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&c9=
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
18.160.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-18.msp50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 e32e2bffc79fb8fcf5f4db62ca190200.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MSP50-P1
x-amz-cf-id
tdT0R72l8XgIoIw5QycAO2rBSgZ1suqdy_BFgjxfDbeSMIbKWO_MDg==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 23 Nov 2023 13:36:35 GMT
via
1.1 e32e2bffc79fb8fcf5f4db62ca190200.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MSP50-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700746595408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&c8=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&c9=
content-length
0
x-amz-cf-id
vNbovqgHfRSqo2JJYmjhL64UPxhnt4EOI6chMVnX6b6TQ0oZOoVgfQ==
load.js
pm-widget.taboola.com/gomedia1-network/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/gomedia1-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e2558431fa15502b287eaffaf838d80ecad4bfcd26ce1543bcb206ca98dcb83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
EorerB.D3w_N35bqJQH23FSZ.N.fIup4
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
6CSQP1GVXK7G92BT
age
1062
x-cache
HIT
content-length
1106
x-amz-id-2
GZ6+EjQIWO8P7GpIPVDqWFxa4A4KNN7b2s+kld6zXGuXF8C8oUpb40WRmMW/54S6hznf90mSvJ0=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 27 Sep 2023 08:06:45 GMT
server
AmazonS3
x-timer
S1700746596.551450,VS0,VE1
etag
"942403da10227099832480d4c9d0208c"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231121-7-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Goo1gyH5Mb13alrQ0W6zOWkgXcD8DEn0
content-encoding
br
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
YQ0WY2C1EVAYD14W
age
10221
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173606
x-amz-id-2
MTmZMalMBULX5RkzfYTgMOnDeBsgbZJRx2DIDikJEu0Z00V9zLpsbPN+4p6Fvf8QILUoWwlECB8=
x-served-by
cache-yyz4550-YYZ
last-modified
Tue, 21 Nov 2023 10:24:38 GMT
server
AmazonS3-br
x-timer
S1700746596.551075,VS0,VE0
etag
"e14d5158d1e05939397417dd5bb9b1d9"
vary
Accept-Encoding
content-type
application/javascript
abp
56
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5911
json
trc.taboola.com/gomedia1-theonion/trc/3/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gomedia1-theonion/trc/3/json?llvl=2&tim=03%3A36%3A35.542&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2274487%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1700746595543%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22vpi%22%3A%22%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8304%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cd%22%3A2264%2C%22mw%22%3A800%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1700567646446%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
203377898c32d8acb925c909d57508c6b43b048b71f01b07c83e65819cbd0f71

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
350
date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.30979166666666663
x-fastly-to-nlb-rtt
15196
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4550-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1700746596.568387,VS0,VE350
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 4074a79e28cc4b1a455d24b3546c6c94.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 13:14:38 GMT
x-amz-cf-pop
YTO50-C2
age
519718
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
xmbOe0FTcWIoEGzv9kJqnZnyhwsxAUIZXqiKx59b2tH6_WIt1seRKQ==
pmk-20220605.2.js
pm-widget.taboola.com/gomedia1-network/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/gomedia1-network/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/gomedia1-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4edc4e8c804d59ff0dbb24ca8d4a6c9c4f25ed238e353426e6eaf7bcda88df3c

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
7jIm5sY5l9qw.61OrHjZvFYwnPjaKWSP
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
747NSQRPMN3FVC5R
age
3816091
x-cache
HIT
content-length
28810
x-amz-id-2
CrxPZaXaztsy2Kh0+eQwadiA9P1oYUoqNIvWHQTuciOLhedbeuziFTVl/bIrwwr5Tn/hlIWZpJI=
x-served-by
cache-yyz4546-YYZ
last-modified
Wed, 27 Sep 2023 08:06:44 GMT
server
AmazonS3
x-timer
S1700746596.642686,VS0,VE0
etag
"ec013cc2f4a091f102d60309b9313da0"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
990
card-interference-detector.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa5d358f6f6f121919bb293c3c01de8dccaa421eb7aa0ef0c28756fcad4865ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vtqVKpx8v2_BDNiQ_n4iYmoJpO41fII0
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
ZYKE02GCQG3CXXQ6
age
93291
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
X24RuEnOJllLSzpWSydl80CiF+s5XhcY2OWZHWpP9Hfch0CZQ76/ReeYKfcICcfv9m2vd5yQm5Y=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 22 Nov 2023 11:41:43 GMT
server
AmazonS3
x-timer
S1700746596.652364,VS0,VE0
etag
"4c8cc25d10f69755f64ccb719134863c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10834
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
314
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4546-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700746596.949443,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
16
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
505
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
8404
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4546-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700746596.949474,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
47
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7778
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
S9J5BFAA7WPTMDGJ
age
7234
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wWtPRy+nUtfHDp77gPzlWCF3v6EWhngazARKv0aGBw+bq/wfsPbkn4AZ0roXloZfIZagWP16wbs=
x-served-by
cache-yyz4546-YYZ
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1700746596.949460,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
6225
social
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/social?lti=trecs&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction%22%2C%22sec%22%3A%22dna%22%2C%22aut%22%3A%5B%22The%20Onion%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fimage%2Fupload%2Fc_fill%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2Fabwm6w3prjmdcyvoqfxn.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
tb
15.taboola.com/ 		30 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=gomedia1-theonion&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&encoded=1&uid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1700746595948&tagid=&cntry=US&platform=1&sesid=ae11b243e086d50ce789ad5728306627&itemid=/study-finds-link-between-dna-and-cannabis-addiction-1851043563&viewid=1700746595543&geolat=&geoing=&deviceifa=&appid=&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ri=90ac0b9685ceca7a36fb09839a6cdb00&appname=&cdb=&gdprApplies=false&rid=&sii=-302137854758154435&oee=true&tpubid=1547876&uis=2&fagg=2&ccpaDns=false&ccpaPrivacy=1---&region=NY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1547862&prcnt=&layer=&normp=1&gvv=9864
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7aeb680d9acf5df26c086e9378cd53d738b9c4a8ed89e377121aaf505450daa

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 23 Nov 2023 13:36:35 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1131
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yyz4550-YYZ
pragma
no-cache
server
nginx
x-timer
S1700746596.961164,VS0,VE35
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
WX751I9f.e2ZcIK4Rn3YkLAajqvc6qM_
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
J3ZGDSCZVA6T0QQ6
age
93279
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
i+1br8AnAFm/FNl6a08YREIm0lfSyFUOi22jnl/ahVNoY9MBUqC/eWLIxTPSefRB4jBto+joq8A=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 22 Nov 2023 11:41:57 GMT
server
AmazonS3
x-timer
S1700746596.961747,VS0,VE0
etag
"9c15de28849e65a17e95bb39ea85ea2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35639
userx.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
RxRMbH9S9NiszpcL4leWiKH6iH.0nkhp
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
JH66KC45JD6PVNJZ
age
93244
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
XAZZqzm7h1A0gbACCHPF00x0YrcXxnwGdG5/9hPNbY2VMVXnTwHKqq9xUWx1LoojmbEVjF7pGZU=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 22 Nov 2023 11:42:32 GMT
server
AmazonS3
x-timer
S1700746596.982582,VS0,VE0
etag
"e04922542f64625b1a6e8ed0a5a5d7b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10990
distance-from-article.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
VUNySeRZoo_G_IkRHyPbA2J1GWj8uf2O
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
P086EYPQF2J55TQB
age
93287
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
y6F3n60y+KRHbe4JzkItnem+XG/aIv2grbnPHYiz9s7aITWNnrdUTF5kiut31VyFDDwuDAn2GUI=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 22 Nov 2023 11:41:48 GMT
server
AmazonS3
x-timer
S1700746596.983156,VS0,VE0
etag
"3156426a0edaa42aa2bf567f4a5c596f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
41279
article-detection.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
2I1kn3jVLr9JdAH6q.GGYa0xyWcAOZLL
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:35 GMT
x-amz-request-id
XRX7PYSKEFHYZA5Q
age
93297
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
V7I85UmWwggueC4Drr3+rZB2dpcHUbyfyfdUYVJpr/RUAweLJXqxL6HBXZaLXV+qDheJGiXq6/M=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 22 Nov 2023 11:41:38 GMT
server
AmazonS3
x-timer
S1700746596.983479,VS0,VE0
etag
"36b721518a3b258033d725e6c90d0fd9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
41238
pubs-generic
trc.taboola.com/gomedia1-theonion/log/3/ 		0
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/gomedia1-theonion/log/3/pubs-generic?route=US:CH:V&tvi48=11616&tvi50=9864&lti=trecs&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=/study-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1700746595951%7D&tim=03%3A36%3A35.952&id=3170&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
14116
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4550-YYZ
pragma
no-cache
server
nginx
x-timer
S1700746596.012141,VS0,VE18
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A35.952&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=2818&cv=20231121-7-RELEASE&lt=trecs&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-thumbnails%22%5D&vi=1700746595543
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27688
abtests
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=US:CH:V&tvi48=11616&tvi50=9864&lti=trecs&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=/study-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700746595962%7D&tim=03%3A36%3A35.962&id=7248&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
1x1.png
d24zb9qreavi2u.cloudfront.net/ 		95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d24zb9qreavi2u.cloudfront.net/1x1.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-98.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:06:53 GMT
via
1.1 d62ba4ef94e0bb48bd2d705b2bb52dc2.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 07:24:25 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-P1
age
23383
etag
"71a50dbba44c78128b221b7df7bb51f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
TN2RhxfwniK2kMV00Q-2z2yQjNARkh9xrvlWiUCsrtQ1aaU3VvcOwQ==
metrics
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/metrics?route=US%3ACH%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=US%3ACH%3AV&lti=trecs&tvi48=11616&tvi50=9864&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&tim=03%3A36%3A35.941&id=71147&llvl=2&cv=20231121-7-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1700746595941%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Nov 2023 13:36:36 GMT
x-amz-request-id
9BPQZ63BHD09JRXV
age
27
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MwjYnA5hwniF9XuGLAjIhlWD7ZXGH0RpAO2i04xyymkna3fvAm83neYK5SrOeJYKvmPfYsr8rOM=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700746596.015536,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
16
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame FC14
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZV9VZMCo5uYAALKMH-cAAAAA
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZV9VZMCo5uYAALKMH-cAAAAA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
43038

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 23 Nov 2023 13:36:36 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZV9VZMCo5uYAALKMH-cAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40260"}
X-SO-Key
ZV9VZMCo5uYAALKMH-cAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40260
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZV9VZMCo5uYAALKMH-cAAAAA
Cache-Control
private
X-SO-HostName
a-ad40260.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
96.9.249.38
sync
ssbsync.smartadserver.com/api/ Frame FC14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LPB8M0BO-E-37IV
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LPB8M0BO-E-37IV
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33452

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8c21423022jb8kt00lpb8m0ch
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8c21423022jb8kt00lpb8m0ch
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33685

Redirect headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8c21423022jb8kt00lpb8m0ch
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENn99p5oKUDQIXyjUQ9df9g&google_cver=1
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENn99p5oKUDQIXyjUQ9df9g&google_cver=1
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33883

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENn99p5oKUDQIXyjUQ9df9g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
101956
jadserve.postrelease.com/dmp/ Frame FC14 		43 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/dmp/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.15.229 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-15-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC14 		42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3:$UID
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 13:36:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame FC14
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33452
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
x-served-by
cache-yyz4550-YYZ
server
nginx
x-timer
S1700746596.281117,VS0,VE13
x-fastly-to-nlb-rtt
12074
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
date
Thu, 23 Nov 2023 13:36:36 GMT
server
Kestrel
content-length
239
rtset
bh.contextweb.com/bh/ Frame FC14 		49 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame FC14
Redirect Chain
  • https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstorygize-network%2F1%2Frtb-h%3Ftaboola_hm%3D95314614-9b3c-448a-ae24-dfbbdcdac958
  • https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=95314614-9b3c-448a-ae24-dfbbdcdac958
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=95314614-9b3c-448a-ae24-dfbbdcdac958
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38156

Redirect headers

location
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=95314614-9b3c-448a-ae24-dfbbdcdac958
date
Thu, 23 Nov 2023 13:36:36 GMT
content-length
0
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5965519997845925682&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F5%2F3.gif%3Fpuid%3D%5...
  • https://ce.lijit.com/merge?pid=42&3pid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F5%2F3.gif%3Fpuid%3D%5...
  • https://id5-sync.com/c/464/1244/5/3.gif?puid=HtFwhRZHc4ldxZ4dTD-iUtLg&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/441/4/4.gif?puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?puid=AAAWOk7KvqsAABKdyZEUAg&id5AccountNum=155&numCascadesAllowed=9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=92&3pid=5965519997845925682&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1246%2F1%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/464/1246/1/7.gif?puid=HtFwhRZHc4ldxZ4dTD-iUtLg&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F0%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/0/8.gif?puid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
43669

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w
date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame FC14
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTAxOGY1MWQyNzg4ZWIxNw&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41898

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Thu, 23 Nov 2023 13:36:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame FC14
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8&tbid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&query=taboola_hm%3D2c04ab40-49db-...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8&tbid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&query=taboola_hm%3D2c04ab40-49db-462f-8fb7-e222430fb4d8&isDirect=0
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1700746596.466504,VS0,VE20
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yyz4550-YYZ

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=2c04ab40-49db-462f-8fb7-e222430fb4d8&tbid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&query=taboola_hm%3D2c04ab40-49db-462f-8fb7-e222430fb4d8&isDirect=0
date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38901
xuid
eb2.3lift.com/ Frame FC14
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame FC14
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=36d8265a-757f-0798-3f72-e294b2210599
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=36d8265a-757f-0798-3f72-e294b2210599
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38901

Redirect headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=36d8265a-757f-0798-3f72-e294b2210599
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
social
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/social?route=US:CH:V&tvi48=11616&tvi50=9864&lti=trecs&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=/study-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction%22%2C%22sec%22%3A%22dna%22%2C%22aut%22%3A%5B%22The%20Onion%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fimage%2Fupload%2Fc_fill%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2Fabwm6w3prjmdcyvoqfxn.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A36%3A36.031&id=2292&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
json
trc.taboola.com/gomedia1-theonion/trc/3/ 		55 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gomedia1-theonion/trc/3/json?llvl=2&tim=03%3A36%3A36.035&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2248439%22%2C%22sd%22%3A%22v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ%22%2C%22ui%22%3A%2249ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3%22%2C%22ii%22%3A%22%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1700746595543%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22vpi%22%3A%22%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8304%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cd%22%3A2264%2C%22mw%22%3A800%2C%22fb%22%3A%221%22%2C%22fi%22%3A3%2C%22fti%22%3A%22delta-override%3A10747531%3APUBLISHED%22%7D%5D%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_2%22%2C%22lbt%22%3A1700567646446%2C%22uifp%22%3A%2249ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3%22%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd1ec5146dd8f3ab0ac4dff49a93b4fcac01e754731583813f1bfbb0560fd36d

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
408
date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.54125
x-fastly-to-nlb-rtt
14940
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4550-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1700746596.046537,VS0,VE408
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.037&type=usage&msg=New_CTA-event-1700746596037&llvl=2&id=7586&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-7345145209508777678~~dkEBQ_26u7OK%22%7D
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27688
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.037&type=usage&msg=New_CTA-event-1700746596037&llvl=2&id=979&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-7345145209508777678~~dkEBQ_26u7OK%22%7D
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27716
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.040&type=usage&msg=New_CTA-event-1700746596040&llvl=2&id=1015&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~3970404461556465460~~-8Baa-FnBCmL1%22%7D
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27716
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.040&type=usage&msg=New_CTA-event-1700746596040&llvl=2&id=9684&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~3970404461556465460~~-8Baa-FnBCmL1%22%7D
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27716
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.9/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 dd96101693c9f13a5efc3b0280199938.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YTO50-C2
age
436185
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34194
x-served-by
cache-yyz4546-YYZ
last-modified
Sat, 18 Nov 2023 10:01:07 GMT
server
AmazonS3
x-timer
S1700746596.284137,VS0,VE0
etag
"71c188f2046759c2140f9eafdaccf881"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Knfp1ZMWmEqq3Ug_4bHHMI_liKhSsupTjqM8jPAQVpAfgHrSWSuVOw==
x-cache-hits
17778
/
pips.taboola.com/ 		4 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
cache-yyz4546-YYZ
date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.theonion.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
supply-feature
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/supply-feature?route=US:CH:V&tvi48=11616&tvi50=9864&lti=trecs&ri=90ac0b9685ceca7a36fb09839a6cdb00&sd=v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746595_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ&ui=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&pi=/study-finds-link-between-dna-and-cannabis-addiction-1851043563&wi=-302137854758154435&pt=text&vi=1700746595543&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2240%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A36%3A36.114&id=5908&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
cds.taboola.com/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-store
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
9ddde0248526a92ea0f2a0c018a25d8a240df268917c78f95a0e5e1073762d8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31453
x-xss-protection
0
server
cafe
etag
49 / 19684 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 13:36:36 GMT
op.js
tagan.adlightning.com/gomedia/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/op.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-32.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf192a93a0826875d80ff216dfea7b9b3490d74f2086d78a1da6c18d49ea2902

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
RT75.qOykwxor6WZkn3gSN5g9Ov6TLaL
content-encoding
gzip
via
1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 13:23:36 GMT
x-amz-cf-pop
MSP50-C1
age
782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9028
x-amz-meta-git_commit
cf1706d
last-modified
Wed, 22 Nov 2023 20:41:41 GMT
server
AmazonS3
etag
"54d5b6976ce63e343cdd7610f6311af3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Dk3tgplDbEpJe3KVkfFW9XFIaDIZn2Uqh5J2otLAeij6mZ-kCqOBAQ==
runtime~adManager.da3db87d41ef042b00b0.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
278297cb907ff7c5eb8f8444423995c281bc5fa6cf01ac31f5357e1dc3c25d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
V6PAR2VV9T36K1PW
age
140625
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1686
x-amz-id-2
tZ5QOLEPNNWZ+XQziOyld7XN0FoucvSfC5IRJXTRS6F+qnC5Pzs5Jao5lflyMTQanZZVo9c7AkQ=
x-served-by
cache-yyz4556-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 21 Nov 2023 22:27:16 GMT
server
AmazonS3
x-timer
S1700746596.428751,VS0,VE1
etag
"68f53e4c142def61372f125d5054be6a"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
adManager.debf8438553c4c88fa24.js
www.theonion.com/x-kinja-static/assets/new-client/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager.debf8438553c4c88fa24.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d444c6857c7f163cc89eb91f9de7ccd7d038e8c2619d4d92d6d508ec285a1fe8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
WKG6HF649SM34474
age
77371
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
8589
x-amz-id-2
CEODZPj9QQYGqbBnfm2EK0keOt9UtL/WUz/lWk+314wjOvutfX1Jn32OU0Ocl8BIGCJSwoOErD2mhnIZoDCFK576X84DGEftwxtoNw5EVCo=
x-served-by
cache-yyz4525-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 22 Nov 2023 16:02:33 GMT
server
AmazonS3
x-timer
S1700746596.428738,VS0,VE0
etag
"12158bc8b741a74f512a5fce664a83a0"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
2, 10
gtm.js
www.googletagmanager.com/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7ad86eb2db9f006202c8689b6d2f22bdeb8a1291d1b86a808f3b1b0769b58b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45360
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Nov 2023 13:36:36 GMT
183957-47751755686051.js
js-sec.indexww.com/ht/p/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 13:30:16 GMT
server
cloudflare
age
181
etag
W/"901b64-a904-60ad1d612b920"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
82a9cd543fa43905-YYZ
expires
Thu, 23 Nov 2023 17:36:36 GMT
runtime~trackers.cab236ddab54d9b50be3.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.cab236ddab54d9b50be3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
19N3RQDYEHQJTKKV
age
790087
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1078
x-amz-id-2
yi9ZUdKq7EWMMy0MNra2kS6ZhPW7iwtuL5Vs7/5RO4C0rqwRAek6KcMnBWQGuJZELO+CatVhkY0=
x-served-by
cache-yyz4574-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 05:48:54 GMT
server
AmazonS3
x-timer
S1700746596.459065,VS0,VE1
etag
"67666b48c2a640bf4ab12af28a0d2f64"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js
www.theonion.com/x-kinja-static/assets/new-client/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
QBWFF5JJEEE49M28
age
1473056
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13985
x-amz-id-2
elfArXhXqbRnKGRbfKf3XNyNAhIbC+Jzaxe+ln+qEvkrQGsYg0tQFfdbohtOiPWFGhdap4TouQA=
x-served-by
cache-yyz4547-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 02 Nov 2023 19:57:43 GMT
server
AmazonS3
x-timer
S1700746596.460902,VS0,VE1
etag
"ff823184fadd2ca25405cfb78d0f2ac4"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 0, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js
www.theonion.com/x-kinja-static/assets/new-client/ 		179 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
TAF58MVZAWWMY1AC
age
705513
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
48468
x-amz-id-2
skrfAb5S9crOG7R2KfEOqE8It9Lgr8c67fDZSBxxc/Dqo6tW21PzA2sxnBD1h90Z7qsEuvpiZSw=
x-served-by
cache-yyz4562-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 21:17:47 GMT
server
AmazonS3
x-timer
S1700746596.460887,VS0,VE2
etag
"5a7d82466c8d0558cd018e54de2e1cab"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js
www.theonion.com/x-kinja-static/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
1QP1TMV0HXBJE644
age
707198
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1943
x-amz-id-2
18Si/I/hm+FaC00OWt7bRMkZT0hidfO67wWj9jMsemGsyrJsEICkrmTq9FlKcSCALd1ZMv1cwNAxracK3TFvVgjg/p2rbQkJ/0calSa/OIM=
x-served-by
cache-yyz4542-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 15 Nov 2023 04:42:16 GMT
server
AmazonS3
x-timer
S1700746596.460869,VS0,VE2
etag
"109584bc54edcf898439c176606e6565"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js
www.theonion.com/x-kinja-static/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
BEHV9FX7W1X97XWE
age
783256
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1659
x-amz-id-2
pAzZ08ec0EaipE5rc8nxsW32U4IiEOIFsX17mLW86xFAVJK+szA1VtdTjBG8GqeE0y4c93yrzhI=
x-served-by
cache-yyz4566-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 05:48:55 GMT
server
AmazonS3
x-timer
S1700746596.460844,VS0,VE1
etag
"eb48ccba646759bd354bafd17ea13102"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 1
vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js
www.theonion.com/x-kinja-static/assets/new-client/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
B360H2MR3FX6WCGA
age
781274
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
6269
x-amz-id-2
uaMilr0dc4W0W/Z7CIz3hMdiMpdDeuCAGevqxsxRUgd/P2Ky9yCw3GMmooL0v7E9Ta0zB2iDGp70M3sBCtRNqw==
x-served-by
cache-yyz4558-YYZ, cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 21:57:54 GMT
server
AmazonS3
x-timer
S1700746596.460818,VS0,VE1
etag
"247c645d249a8dbf51217cc1ba9e2d9f"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
vendor~trackers.3c1df5cad1584161e519.js
www.theonion.com/x-kinja-static/assets/new-client/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
30YTRV9M8630Z59D
age
709890
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
35688
x-amz-id-2
jVJlZyK32U3qCpDee7oVeGJaMipywJIyGZpruHTQh22kaVqSV9Hu0EBwo6h7rDDtRvZ8vePw9PhMUxeG71YM1ScQ5DPjGWKkRtkY2TPtJJw=
x-served-by
cache-yyz4522-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 15 Nov 2023 04:42:17 GMT
server
AmazonS3
x-timer
S1700746596.460809,VS0,VE2
etag
"b838b0611ef716ba82e1c0c4a8fcbc37"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.c837c84b6b92a4ccc895.js
www.theonion.com/x-kinja-static/assets/new-client/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.c837c84b6b92a4ccc895.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f02bbb488437048485111d3ecdb1136fae1261e5ba9295f7cb08e6e81cee81a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
QRXEPY1JG5ZS16DC
age
1770522
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4486
x-amz-id-2
heSoZgxAFZ9iwV4gqNuU4zkeRSO1vg2XDsoVrNG65FtzXt4KKrwrtnqOQ6gCk8lH9dln90N/vJ0Qz6jSTSVzhi55KNpby8frZngOg3yMbk4=
x-served-by
cache-yyz4529-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 25 Oct 2023 13:32:36 GMT
server
AmazonS3
x-timer
S1700746596.460791,VS0,VE1
etag
"160a2f74fb9726fd010878be1fb758fb"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 0, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js
www.theonion.com/x-kinja-static/assets/new-client/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-amz-request-id
7D5E3VC6S4DPSCHR
age
1386610
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
14089
x-amz-id-2
uEoRdPp4uqHeueC5WSZKfdwZFtsDhtnBhRz1ggCxpmp92eqaY0sGOOmYVKiU2FH+wz5A5naFIwM=
x-served-by
cache-yyz4543-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 07 Nov 2023 04:28:12 GMT
server
AmazonS3
x-timer
S1700746596.460770,VS0,VE1
etag
"a7c48192fb6a8a336868fa4be75cba1e"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 0, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js
www.theonion.com/x-kinja-static/assets/new-client/ 		78 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
GMEWH889T02YYQZ1
age
901526
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
8464
x-amz-id-2
1dlnim0LzuTu3Hz7y4wZ7sVRMJQJX8tQwi9fFqRtsmK9wJdMwfWkXuA8lUT4+Y1zi8zVIZ/AECU=
x-served-by
cache-yyz4557-YYZ, cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 03:04:38 GMT
server
AmazonS3
x-timer
S1700746596.460756,VS0,VE1
etag
"32f4e8cfdc72be3128a72cad4c069e52"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.6ac22456dd15439ffbb1.js
www.theonion.com/x-kinja-static/assets/new-client/ 		118 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.6ac22456dd15439ffbb1.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
270f9ef779c1eec63161e63a842f95578aee0ede1b4e25559346ec71478612f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
F834HQSSY65YCT1Y
age
594553
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
28384
x-amz-id-2
WRZsjkJtdjygtmlj4Dqvc1SJPe3O1J9vKfvlSUmK38iqaHnYGOShr9HrUH9D6KqSZGth0NKPPdg=
x-served-by
cache-yyz4580-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 16:23:41 GMT
server
AmazonS3
x-timer
S1700746596.478531,VS0,VE1
etag
"f5292f252a5f657e16616cb3a7bdedac"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
2, 1
carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js
www.theonion.com/x-kinja-static/assets/new-client/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
B36DDGH96Z8EAQ3F
age
802601
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
3979
x-amz-id-2
I490VY7IsE4i9ldiJ1uWH8N7djYfHo0zrC4/sRGcLiCeU3NZQry90k59qpCpctuG+UJyAjsPzx4XBJhIV8vJ0THy4HJCInF0
x-served-by
cache-yyz4582-YYZ, cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 21:57:48 GMT
server
AmazonS3
x-timer
S1700746596.478480,VS0,VE1
etag
"4a907d32b257b9799ec37089e833b1f4"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
trackers.e750d524e2a62ab803a4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/trackers.e750d524e2a62ab803a4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4928e318e24ee71aea66837ef00ec4a702cb700147993ce527db8710222e16db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
TDQZ9BTHF33RX8JS
age
596444
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
3981
x-amz-id-2
0WRsaVseQWC2KfSLv8lWtH+8d2cg4YiOnX55YH8EsKq17fFeMJUw9yqPN+v1L2d08AXT/0hqIjc=
x-served-by
cache-yyz4559-YYZ, cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 15:50:20 GMT
server
AmazonS3
x-timer
S1700746596.478453,VS0,VE1
etag
"a096e96b6ff3dab7d65322128ab5d82d"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 1
runtime~permalinkPage.a0e7e01dc9b004ec3483.js
x.kinja-static.com/assets/new-client/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe00702e6401e80739fb894ce02be75ebbcee8712342cbc37a7571affbfca3e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
H0M0XMDE9ZEM911D
age
25
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
6063
x-amz-id-2
eHmT+rnVCAz/CzaXYoyZfycTKEMXgjZU/VYkNYzGciz4wW9pD2LcaqKT4P77V22pbbkrgQ0Uf/s=
x-served-by
cache-yyz4526-YYZ
last-modified
Mon, 20 Nov 2023 09:59:33 GMT
server
AmazonS3
x-timer
S1700746596.479732,VS0,VE1
etag
"9ddcd8c77854a01b63c0eb5913c75706"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js
x.kinja-static.com/assets/new-client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
G4Q1KAJGBA0QBBAS
age
89
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1036
x-amz-id-2
Skxd6ZtI/LgDWZwD8+JWFrQOAKvPbgLDFFJYH7/8I9RxuMIUMxTq+GOBnroRhybgzvKj1SautbcBFD/AIZqfJM/vOgVk1ZwLxYnXXwTcJ7s=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 11 Oct 2023 12:58:54 GMT
server
AmazonS3
x-timer
S1700746596.478439,VS0,VE0
etag
"c3d4ecea770493510b5c0015e06f6d85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js
x.kinja-static.com/assets/new-client/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
FQ7WQEJ1AG9Z36CP
age
59
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2112
x-amz-id-2
Qi0XHHexOVt8z3lzhl+yQnA9J81SlTCm5RtI3q1jRSCxrUwivui7EzeJwO0yAfh1o+BQYEP66V4=
x-served-by
cache-yyz4526-YYZ
last-modified
Tue, 31 Oct 2023 06:03:31 GMT
server
AmazonS3
x-timer
S1700746596.478414,VS0,VE1
etag
"317d47a6a0a62e3cd959c3c6019d9ea9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~editorPage~errorPage~featureSwit~35550ec2.d5e7dbe9606a54eeb519.js
x.kinja-static.com/assets/new-client/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~editorPage~errorPage~featureSwit~35550ec2.d5e7dbe9606a54eeb519.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da2086b575813b2305cccda2cd13e026bb10db9b0b8ad9a8052c154c2909c7b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
PGDCVW0KPXA4DBFV
age
99
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
12749
x-amz-id-2
0pvSGMf5tKsBFM7sHcj9rZInAElC8c5HAGJvj25sP7+VFge1EWvtq5MNQ2SgVPMKE1+1+z0mH8I=
x-served-by
cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 16:23:41 GMT
server
AmazonS3
x-timer
S1700746596.478380,VS0,VE0
etag
"4b7cd76f704bbdc8130b3ecadfcfdbe7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.02ae9c63089846badaac.js
x.kinja-static.com/assets/new-client/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.02ae9c63089846badaac.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37c39ff96587d3bbf3ff13d7e2d3d19ae903f54d90f2052efde272b8a47d1489
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
EP4V8D8PCAH8NWDD
age
99
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4155
x-amz-id-2
p7+Iil58GuOaZgF0HJI6SBQ6fpOLA71hdrRU4iIWaAmWtqXQ9vXEoIMe6XA96bxsvdTdUNx1/Lbqo9ogQN66Dr4kiLOL3nxj
x-served-by
cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 15:50:17 GMT
server
AmazonS3
x-timer
S1700746596.478359,VS0,VE0
etag
"17580f90ad1a5e3308bb117a862479e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
permalinkPage.3d7923109634cf465d66.js
x.kinja-static.com/assets/new-client/ 		2 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/permalinkPage.3d7923109634cf465d66.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ab01d6625b0bfeefdb912790a26aa0fb117deb0b70add3fc4b616a23981242
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
EP4MRT1YW0QZDAWQ
age
59
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
509
x-amz-id-2
dQDnEbLBxA34bhPdLwcI5+J5jOiH8HFkpqMMgXTXmkUynlLeCUMp48GiGJJgUyxzUBQ9KhvZadzx3txNfvKakSKqIoIoWw8vmCMgAO43mQ8=
x-served-by
cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 15:50:18 GMT
server
AmazonS3
x-timer
S1700746596.478345,VS0,VE0
etag
"fb3b6d494d0b23b40c85200aa1ccdb52"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
runtime~connatixLoader.b7fa188f5acdb8ee0da4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~connatixLoader.b7fa188f5acdb8ee0da4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70473dfc509c325ebee79d439e8745d52086498d1c9b6ff4d90a145d20a7f182
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id
G08VPSQJH7VD71RR
age
2528930
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1221
x-amz-id-2
Nb7/QppZVZ4PIZljsFk2+TJG64TLX1P6Qw0o3p4n2scvlHZ+fNY+PUs3j4pY7fbBYFEkO0hRKgk=
x-served-by
cache-yyz4540-YYZ, cache-yyz4526-YYZ
last-modified
Wed, 25 Oct 2023 05:03:01 GMT
server
AmazonS3
x-timer
S1700746596.479844,VS0,VE1
etag
"4265987da4f30e8d54ce01503763258e"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
1, 0, 1
connatixLoader.38915cdaf549293bc9db.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/connatixLoader.38915cdaf549293bc9db.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c7704d78689dfe9732f77c09a20be32dbd5ef48e20a0ae84b84ea1a155d454d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-amz-request-id
EP1RJ4C9PXMFQWN3
age
800566
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2217
x-amz-id-2
ZRIF5JkflHK34wLEFrY9x7jJlRCalncDFgRzYXw5B6/STayMfE1D+8g4FjjYZF0pvmImgK9XIxQ=
x-served-by
cache-yyz4530-YYZ, cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 05:48:50 GMT
server
AmazonS3
x-timer
S1700746596.479779,VS0,VE1
etag
"aada7062356bdd0e522f83b1038acc66"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-kinja-country
US
x-cache-hits
0, 1
vendor~browser-logs~datadog.b18b2c33d208a02a224c.js
x.kinja-static.com/assets/new-client/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~browser-logs~datadog.b18b2c33d208a02a224c.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4382d9e0849ba6fdaf86d0a396112ab11aeaedbb8cee35bb4ea992d019df91f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
F591SYA0Z8X7PB3F
age
92
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
14572
x-amz-id-2
SXSybE/jGs4xYXcLpgQeSDun31rQ+jsuDE1OdyD1rXoDiwQkhU4h2SVaCf2IgaWgde6PeoezhvU=
x-served-by
cache-yyz4526-YYZ
last-modified
Thu, 09 Nov 2023 18:27:19 GMT
server
AmazonS3
x-timer
S1700746596.479756,VS0,VE0
etag
"e54c8217ce9c2a8dfef877f38c249c85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
ad-units-default.e36b81af0871a203faba.js
x.kinja-static.com/assets/new-client/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/ad-units-default.e36b81af0871a203faba.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9b3f4197084bab71820a0b8a569778cac6ce5dd6075726af7de203b50d9b39f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
ZMH43XFZBKE59ZCB
age
111
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2683
x-amz-id-2
WYIraPW5334CI+APykDxG9d1Frdjt/tE/pZOujlEkBVOxHxAZkYsY4gJayxm8Grudu8r/oclRr0=
x-served-by
cache-yyz4526-YYZ
last-modified
Tue, 21 Nov 2023 22:27:11 GMT
server
AmazonS3
x-timer
S1700746596.479705,VS0,VE0
etag
"2e8fac8174e9bd7ee78516f3cd24d3d3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
display-theonion-desktop-config.c3ea742a568e1952e8fd.js
x.kinja-static.com/assets/new-client/ 		11 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
3AJSFGZH8TNVP3M2
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
919
x-amz-id-2
afwDBr2/3jWlIkVG+4OZgEwM4DM5IcNwauiY7lZOlmlG/Cnvcs2q8i+VbvGo9B6einXodfZqRPU=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 22 Nov 2023 20:31:45 GMT
server
AmazonS3
x-timer
S1700746596.479680,VS0,VE59
etag
"9468c3e024d25849ffa665f5a086c9cb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.debf8438553c4c88fa24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.42.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-42-218.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:14:45 GMT
content-encoding
gzip
via
1.1 9fe9a07826bda1798cca2f24fd2907b0.cloudfront.net (CloudFront), 1.1 d3a9074a1f531605e56b4aa23b2d6af4.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:43 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, MSP50-C1
age
1311
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ofPu_6FJaryQD5e8iH20Iy7dCUvyp7CFHC_8zoOxNLaeOiNxmhW49g==
prebid-js-prod.a8306d741abb4944d94e.js
x.kinja-static.com/assets/new-client/ 		464 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
ZEHRFE13WRGZ0D9F
age
58
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
119075
x-amz-id-2
rumuh4ZfzZ9m90PGmXWBWFBexzxds2IsDUzuKpFTP8LBfgKvRv0mM95Q/oBDXj17wFO8zIrQenLYhuOk1V5bK/8jF6p9JoO6LC0WIc5k+JY=
x-served-by
cache-yyz4526-YYZ
last-modified
Tue, 14 Nov 2023 05:48:52 GMT
server
AmazonS3
x-timer
S1700746596.479666,VS0,VE0
etag
"59d007537119dd0df497d743b1a2ab0f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
metrics
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/metrics?route=US%3ACH%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.527&type=usage&msg=New_CTA-event-1700746596527&llvl=2&id=8522&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~1308731239418939584~~XZDHThT-wIunc%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34756
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.527&type=usage&msg=New_CTA-event-1700746596527&llvl=2&id=2285&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~1308731239418939584~~XZDHThT-wIunc%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34756
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.536&type=usage&msg=New_CTA-event-1700746596536&llvl=2&id=233&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-991501947505728308~~nKcYbQSyN-UEp%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33876
debug
ch-trc-events.taboola.com/gomedia1-theonion/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/gomedia1-theonion/log/2/debug?tim=03%3A36%3A36.536&type=usage&msg=New_CTA-event-1700746596536&llvl=2&id=7238&cv=20231121-7-RELEASE&lt=trecs&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-991501947505728308~~nKcYbQSyN-UEp%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33876
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=878563414&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&ul=en-us&de=UTF-8&dt=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=1763331852&gjid=289685656&cid=1282057542.1700746597&tid=UA-223393-1&_gid=1399189417.1700746597&_r=1&_slc=1&cd34=Opinion&cd35=American%20Voices&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1851043563&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2023-11-23&cd82=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&cd83=article&cd94=dna&cd97=69&cd99=The%20Onion&cd100=none&cd101=theonion&cd103=dna%2Ccannabis%2Caddiction%2Centertainmentculture%2Chelices%2Cbiotechnology%2Csethmendez%2Cjudyrobison%2Cgenetics%2Cweskonner&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=0%20-%20200&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=none&cd131=article&cd132=undefined&cd136=The%20Onion&z=1271986440
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=878563414&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&ul=en-us&de=UTF-8&dt=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=925096024&gjid=1597585774&cid=1282057542.1700746597&tid=UA-142218-33&_gid=1399189417.1700746597&_r=1&_slc=1&cd34=Opinion&cd35=American%20Voices&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1851043563&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2023-11-23&cd82=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&cd83=article&cd94=dna&cd97=69&cd99=The%20Onion&cd100=none&cd101=theonion&cd103=dna%2Ccannabis%2Caddiction%2Centertainmentculture%2Chelices%2Cbiotechnology%2Csethmendez%2Cjudyrobison%2Cgenetics%2Cweskonner&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=0%20-%20200&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=none&cd131=article&cd132=undefined&cd136=The%20Onion&z=1433857585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pid
www.theonion.com/api/magma/veritas/ 		40 B
850 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/magma/veritas/pid?cb=1700746596631
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
8912e79c8609fdcf93a01d14b236bc0b2d218bd54baa00b69913cb49ea10574f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube02-7dcdcdb687-wjkf2
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish, 1.1 varnish
x-kinja-build
4601
x-powered-by
Express
x-cache
MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube02-7dcdcdb687-wjkf2 #4601
x-cdn-fetch
mantle-nocache
content-length
40
x-xss-protection
1; mode=block
x-exp-variant
0
x-served-by
cache-iad-kjyo7100157-IAD, cache-yyz4526-YYZ
x-googlenews-bot
false
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-timer
S1700746597.643520,VS0,VE55
etag
W/"28-+fqgFa2XOv24Cc4E6x2HHf+cI5Y"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-Location
content-type
text/html; charset=utf-8
cache-control
private, no-store, no-cache
accept-ranges
bytes
x-kinja-country
US
x-robots-tag
noindex, nofollow
x-kinja-revision
054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-cache-hits
0, 0
tag
btloader.com/
Redirect Chain
  • https://kinja-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=kinja-com&upapi=true
53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=kinja-com&upapi=true
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78061b1127990e3338eb0ff5ee53461fb891cba7a061f9d8ef40b9007097c6ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 13:05:02 GMT
server
cloudflare
age
1823
etag
"c659e5cd3a1964ac9f8a18698fe7df9e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82a9cd566bfc4bc7-BUF
content-length
18186

Redirect headers

date
Thu, 23 Nov 2023 13:36:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrOMCQMeiI0U3a9dBWF6p2ZNHnvytbhNICYUUEaoxFoYdk7J7n2ANlXomjFi3S37m0X6C9B%2F9L1AqtGdBaIoFGkiNxyxu8HZOqytxHNZnczAjchMkynA2KJ2CuMNYw0LIC1mrQVg79Nx86tpfhEA3d5uAxms7Jej7tU%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=kinja-com&upapi=true
cache-control
max-age=3600
cf-ray
82a9cd558d804bd2-BUF
expires
Thu, 23 Nov 2023 14:36:36 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/trackers.e750d524e2a62ab803a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21fa:400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:48:39 GMT
content-encoding
gzip
via
1.1 24d5e218dcc2925d4bfa8f6456f56a36.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 01:59:58 GMT
server
nginx
x-amz-cf-pop
MSP50-C1
age
60477
etag
W/"6555779e-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
00XLZmLGgYxI3EOz_6lethjsLQVj7_F-0BroA3un3dG3cmupcDiKdA==
expires
Thu, 23 Nov 2023 20:48:39 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjNlM2U0ZTQtYWE0ZS00YzkwLWFiZjctZWU4ODE0ZTkzNzRi&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee881...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&google_gid=CAESENdeewX2PvsdctHvkQNFVhM&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent=&C=1
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent=&C=1
Protocol
H2
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVTpPQmheCIWL1XOIbriXDH%2B4HPk8rrJc6b3Kie%2BiCVEFuGlUhK1b3ygGS2nbBvYzX5%2F3J4GWiSbENq4VDvgxwv%2Bagguc43uCRxp%2BJyCZfvm6tKD2ARzb8Iuiuc6ANG385rnh96g%2BMGosL5%2FoDgFMp7JkZ3DZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd57f9364bd8-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MVr09UWwflPrnpfZ8S4kj14IJTQAghywoWm1rW9PYIChzuzpiCGsyS0fXMleVGMRkQLVnmqUZPDTkIcMBPskjJyahPKAY0fTg9Bvejf%2Br1DwGTbfPAEjdudgrocvD0Hs1VLR7hSQ%2FBJaX2M9kcFKZs3YfC2JA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=39&external_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&expiration=1703338596&gdpr=0&gdpr_consent=&C=1
cache-control
no-cache
cf-ray
82a9cd5779324bd8-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
iframe-communication.d153faead67976190b53.js
x.kinja-static.com/assets/new-client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/iframe-communication.d153faead67976190b53.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
XWZ0G0P17QYEJ3DT
age
44
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1136
x-amz-id-2
Hd6Dbk/8Pt7gRUS3eB/KqCeLWBBgp6oNpsShzjXsCcoBOV+OTCZi0Turc/Ma/rP/G+iDTwsUQKY=
x-served-by
cache-yyz4526-YYZ
last-modified
Fri, 03 Nov 2023 18:38:12 GMT
server
AmazonS3
x-timer
S1700746597.659522,VS0,VE0
etag
"8dc26d93f148352c24e486a521cb6dcb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
next-video-loader.8a22cb6e301f78d7fe09.js
x.kinja-static.com/assets/new-client/ 		2 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/next-video-loader.8a22cb6e301f78d7fe09.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1baccffab1dae5da4fccd3ccafb523b84920e32bf6997653188b940850822746
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
EXXQDGVA4ZXMKW3M
age
19
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
690
x-amz-id-2
7F0cTG5pgPTYZXtfErqlx7IydAH0KMvuHgWgvjxQMl3EcTY2B7uhol6aOwMBJZIPPXVrLmfyd8Y=
x-served-by
cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 03:04:41 GMT
server
AmazonS3
x-timer
S1700746597.671691,VS0,VE1
etag
"512cb9ed1508f6619899ead1467ffbd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js
x.kinja-static.com/assets/new-client/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c847622dcd394c52fb223db6d11fa9a27587295977083c7062fec6546d2dfd57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
EXXGNRZTF1QDQ0HH
age
26
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2413
x-amz-id-2
H1gt/HzjWoFj1U7WBAhxUPqnX3HAXhx+UbQZ/W+DSF5At8TYo0CddyNsF/Qzxt7R/O0DTlDzndw=
x-served-by
cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 03:04:38 GMT
server
AmazonS3
x-timer
S1700746597.671674,VS0,VE1
etag
"b16f28fc4bffa5c3e5a600f402727582"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
api-video-meta.6751291f0698038be227.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/api-video-meta.6751291f0698038be227.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
834d29860cd8d39d019f0cc928ebfd6338eb22bcc2297e8e79bd5b3c969b54ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
EXXG9QP7E9J88S5X
age
89
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
794
x-amz-id-2
EfRfXpCFSKVLzcGNyZgm0dQn42WQCA8ZNi2TYlfuwrF2NZ06+3Jy0O4lgzv2H+Y5KAOs/eoKh6lZT9qqTVGJFSsZ0teAZwGzKJx0dW2q8Xk=
x-served-by
cache-yyz4526-YYZ
last-modified
Mon, 13 Nov 2023 03:04:39 GMT
server
AmazonS3
x-timer
S1700746597.671642,VS0,VE1
etag
"25e56bb779210b90ce05450732620c09"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js
x.kinja-static.com/assets/new-client/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
94NSH7VWGDXRJD7H
age
66
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3321
x-amz-id-2
Sm9fTR8OQYI8OdHyo5Mwf4S8Js/wIi4NMpR9XtAWtCsl9mq5AXCXypBEyY9U/cR4JtWeP/nX/dblZ33lkzfPwik2q0nozwhAAViEfUsCMWw=
x-served-by
cache-yyz4526-YYZ
last-modified
Mon, 23 Oct 2023 20:22:18 GMT
server
AmazonS3
x-timer
S1700746597.672928,VS0,VE1
etag
"5dc888ab900f57f077dacfb914ed5222"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
modify-commerce-links.2cd3cf6901a344065b88.js
x.kinja-static.com/assets/new-client/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/modify-commerce-links.2cd3cf6901a344065b88.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc608606b53623af920655dd801792521e635e868116cf97cfefc10d26fbec3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
1QCE56F3ADBS7CQT
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2434
x-amz-id-2
SOsNL3ptDtSbgRuKwgGolsYz0itoL2Bdv2zcfsIuWbbaZ+9ny2gDjuL2KbBfh1GDGmqwBn2DMBeYnXjMyYURvgzEmlH6Gw1H9ybTdjo6vNo=
x-served-by
cache-yyz4526-YYZ
last-modified
Thu, 16 Nov 2023 08:39:41 GMT
server
AmazonS3
x-timer
S1700746597.672883,VS0,VE2
etag
"7095592ab54044e0cd8d0a8a565c0187"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
E520RSDZ4X8G5EB2
age
24
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22464
x-amz-id-2
LV56npgQamKGo4MLdl0umnrV+pk0KshfGOYsBapR6XfmKHDv6fPqrYS+sviUSSyuUmMqVrYkZBM=
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1700746597.678004,VS0,VE0
etag
"07a9822d47ff9a6f495d0f1c04d185c8"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
6RSPX5AW1B8H5YQ8
age
24
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22308
x-amz-id-2
62ISNWCOe2NIX+cC7dVEHU7HZ1heu75NUw1L+zlaE5cjX0cMMiqAPtYDkz6LX1qhm64yw+kHvs4VyToMzLdZ7g==
x-served-by
cache-yyz4570-YYZ
last-modified
Thu, 10 Aug 2023 17:07:51 GMT
server
AmazonS3
x-timer
S1700746597.678337,VS0,VE0
etag
"5b89baa90ed9f475cc75193a4873c51a"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:23:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
22375
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 07:23:41 GMT
st
imprnjmp.taboola.com/ Frame E4F3 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66629203&crid=6966598&dast=V8_tECLAYkdOxnpYjNARFI6NjPShGbAyoAAABgYID-AEkZNwvbZrFZ6xa-2Vo0GYzWEtvI41atNsbhbrLxDAazISCRyXC0MplGa9XEOVuLFp6VW-EwWdYy23I1s5hcLttuMQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yh6XT4XPd63e93Fx1dfrvTb7dr_G6_5vQ6Od8yp93keYuddq9b4jL9Xi67W2R3uBV2k1vjsNsdFqfnrTCZnB7T0293K4arxWC0Wc02cwAAAADwAECtyQjCDyAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIABYIFZUgPA-AYBZ5ZDgvw9Rpfn9LL8AwDAAwQIAAABDBIACP08JQBkSARPAAAAAAAAAACw-P___48xgO86JYOA4Aq2B8CDD4AHIgRrRRgBAAAAAEvINzkySSeoWFQBACBItwJwBQAgYJG_zNEwDAAAQMCYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEIseuFphDc9cNX8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBwORYTy2izMgxnI9dg4_INlwuTazcZbgaz2WS3PSz1AjlclXRgfUKEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQcmHyLXeLtWQws7lFM8vCLbGMTGvZxrcY-VbGlWHlcYteH9PHNRw5XJ4tEgyI2ovgIp3o_G6XyelwrEVHl9_u9NstYonmZJFOZJd9w-VYTCyjzcownI1cg43LN1wuTK7dZLgZzGaT3b60XJh8y91iLRnMbG7RzLJwSywj01q28S1GvpVxZVh53KLXx_RxDUcOl2ff2A0Gu9FstVztG7vBYDearZarfYfO8F19zkZrTHz56Cxr2fXntzkNCpfB4p0WLdLW4egz6ry2ibB0FOZcE6vKd_EaFJ6DxzRzDh-e82Xbc5au3YNREUsEp4t0InoZTxexRPK0SCfKwcJjmDhnw9XG5XH4Fp7ZzGJYDjfLhW1jshgGE7FEabpIJ3rN6XVyvmVOu8nzFjvtXrfEZfq9XHa3yO5wK-wmt8ZhtzssTs9bYTI5Paan3-5WDFeLwWizmm0m6j9ayNlcOZeMlnPNcJUAAAAAAAAAACzBJNNNAAAAAJwMarhcLGbLBXDhSabrZ3xv8Gmu92nXvvMlTnP8Q0-xxh6LOL_bZXI6HGvR0eW3O_12KwO48LRitplnBLFWq2UNAABAABsAAIAAN914E3BmydkHBDV_rdADR8qPIIez0f4BqBBrtVo-X6zVagn8____Bw!&cmcv=&pix=undefined&cb=1700746596711&uv=3359&tms=1700746596711&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!ufm_vE!uftchrwf_vC!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=e83a6313-7a76-4204-b6dc-55c8872c3006&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8f20a93fbc70fc40c2069df18229a711f55dceebe4e72f9d04249651a7f45e0b

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 23 Nov 2023 13:36:36 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4550-YYZ
x-timer
S1700746597.734367,VS0,VE22
sync
us-match.taboola.com/ Frame B979 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8_tECLAYkdOxnpYjNARFI6NjPShGbAyoAAABgYID-AEkZNwvbZrFZ6xa-2Vo0GYzWEtvI41atNsbhbrLxDAazISCRyXC0MplGa9XEOVuLFp6VW-EwWdYy23I1s5hcLttuMQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yh6XT4XPd63e93Fx1dfrvTb7dr_G6_5vQ6Od8yp93keYuddq9b4jL9Xi67W2R3uBV2k1vjsNsdFqfnrTCZnB7T0293K4arxWC0Wc02cwAAAADwAECtyQjCDyAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIABYIFZUgPA-AYBZ5ZDgvw9Rpfn9LL8AwDAAwQIAAABDBIACP08JQBkSARPAAAAAAAAAACw-P___48xgO86JYOA4Aq2B8CDD4AHIgRrRRgBAAAAAEvINzkySSeoWFQBACBItwJwBQAgYJG_zNEwDAAAQMCYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEIseuFphDc9cNX8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBwORYTy2izMgxnI9dg4_INlwuTazcZbgaz2WS3PSz1AjlclXRgfUKEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQcmHyLXeLtWQws7lFM8vCLbGMTGvZxrcY-VbGlWHlcYteH9PHNRw5XJ4tEgyI2ovgIp3o_G6XyelwrEVHl9_u9NstYonmZJFOZJd9w-VYTCyjzcownI1cg43LN1wuTK7dZLgZzGaT3b60XJh8y91iLRnMbG7RzLJwSywj01q28S1GvpVxZVh53KLXx_RxDUcOl2ff2A0Gu9FstVztG7vBYDearZarfYfO8F19zkZrTHz56Cxr2fXntzkNCpfB4p0WLdLW4egz6ry2ibB0FOZcE6vKd_EaFJ6DxzRzDh-e82Xbc5au3YNREUsEp4t0InoZTxexRPK0SCfKwcJjmDhnw9XG5XH4Fp7ZzGJYDjfLhW1jshgGE7FEabpIJ3rN6XVyvmVOu8nzFjvtXrfEZfq9XHa3yO5wK-wmt8ZhtzssTs9bYTI5Paan3-5WDFeLwWizmm0m6j9ayNlcOZeMlnPNcJUAAAAAAAAAACzBJNNNAAAAAJwMarhcLGbLBXDhSabrZ3xv8Gmu92nXvvMlTnP8Q0-xxh6LOL_bZXI6HGvR0eW3O_12KwO48LRitplnBLFWq2UNAABAABsAAIAAN914E3BmydkHBDV_rdADR8qPIIez0f4BqBBrtVo-X6zVagn8____Bw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
770c54e33483d26e725d456097c1c217cf2f5bdc264909154b3306acd3380462

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 23 Nov 2023 13:36:36 GMT
machineid
3109
server
nginx
st
us-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66629203&crid=6966598&dast=V8_tECLAYkdOxnpYjNARFI6NjPShGbAyoAAABgYID-AEkZNwvbZrFZ6xa-2Vo0GYzWEtvI41atNsbhbrLxDAazISCRyXC0MplGa9XEOVuLFp6VW-EwWdYy23I1s5hcLttuMQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yh6XT4XPd63e93Fx1dfrvTb7dr_G6_5vQ6Od8yp93keYuddq9b4jL9Xi67W2R3uBV2k1vjsNsdFqfnrTCZnB7T0293K4arxWC0Wc02cwAAAADwAECtyQjCDyAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIABYIFZUgPA-AYBZ5ZDgvw9Rpfn9LL8AwDAAwQIAAABDBIACP08JQBkSARPAAAAAAAAAACw-P___48xgO86JYOA4Aq2B8CDD4AHIgRrRRgBAAAAAEvINzkySSeoWFQBACBItwJwBQAgYJG_zNEwDAAAQMCYBXpY_H6zw67xu10GAAAAAAAAAMDM_5l_NEIseuFphDc9cNX8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBwORYTy2izMgxnI9dg4_INlwuTazcZbgaz2WS3PSz1AjlclXRgfUKEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQcmHyLXeLtWQws7lFM8vCLbGMTGvZxrcY-VbGlWHlcYteH9PHNRw5XJ4tEgyI2ovgIp3o_G6XyelwrEVHl9_u9NstYonmZJFOZJd9w-VYTCyjzcownI1cg43LN1wuTK7dZLgZzGaT3b60XJh8y91iLRnMbG7RzLJwSywj01q28S1GvpVxZVh53KLXx_RxDUcOl2ff2A0Gu9FstVztG7vBYDearZarfYfO8F19zkZrTHz56Cxr2fXntzkNCpfB4p0WLdLW4egz6ry2ibB0FOZcE6vKd_EaFJ6DxzRzDh-e82Xbc5au3YNREUsEp4t0InoZTxexRPK0SCfKwcJjmDhnw9XG5XH4Fp7ZzGJYDjfLhW1jshgGE7FEabpIJ3rN6XVyvmVOu8nzFjvtXrfEZfq9XHa3yO5wK-wmt8ZhtzssTs9bYTI5Paan3-5WDFeLwWizmm0m6j9ayNlcOZeMlnPNcJUAAAAAAAAAACzBJNNNAAAAAJwMarhcLGbLBXDhSabrZ3xv8Gmu92nXvvMlTnP8Q0-xxh6LOL_bZXI6HGvR0eW3O_12KwO48LRitplnBLFWq2UNAABAABsAAIAAN914E3BmydkHBDV_rdADR8qPIIez0f4BqBBrtVo-X6zVagn8____Bw!&cmcv=&pix=31589837&cb=1700746596711&uv=3359&tms=1700746596711&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!ufm_vE!uftchrwf_vC!unf_vC&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700746594392.7!ts:1700746596710&mntl=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-length
0
server
nginx
collect
stats.g.doubleclick.net/j/ 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=1282057542.1700746597&jid=1763331852&gjid=289685656&_gid=1399189417.1700746597&_u=aODACEAAFAAAACAAI~&z=1142468728
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Nov 2023 13:36:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
aamdmcvlpa0bvaqxsdlq.jpg
i.kinja-img.com/image/upload/c_fill,h_80,pg_1,q_80,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/image/upload/c_fill,h_80,pg_1,q_80,w_80/aamdmcvlpa0bvaqxsdlq.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7e4cf3dd30fac57a705ee8df812906fb953e1108ee1d3340c0bf724417ab7df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
Face %28Young Man%29
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Thu, 23 Nov 2023 13:36:36 GMT
x-amz-meta-cld-interesting
{"eyedea":[[2,0,165,220]]}
fastly-io-served-by
vpop-mnz1300709
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
Q95B6VH02T27W8A7
x-amz-meta-cld-version
1542982694
x-cache
HIT, HIT
fastly-io-info
ifsz=8589 idim=200x200 ifmt=jpeg ofsz=1710 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
361740811044088786916841989779057675511
age
3227061
fastly-stats
io=1
content-length
1710
x-amz-id-2
XelZlhaovuBMvju9NbcN41JErPsH9HaMnT9klHLimHizdC5mB2e+Ce7IJbHP8ChJORq5sZsOH4E=
x-served-by
cache-iad-kiad7000134-IAD, cache-yyz4526-YYZ
server
AmazonS3
x-timer
S1700746597.747704,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
etag
"5Ngi1pl7UsEgxIGwGzaJ2whFIZWXG+7U0wH9p8pXh5g"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-meta-cld-original-extension
jpg
x-cache-hits
1252, 1
acpneaiminui1rvklfqv.jpg
i.kinja-img.com/image/upload/c_fill,h_80,pg_1,q_80,w_80/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/image/upload/c_fill,h_80,pg_1,q_80,w_80/acpneaiminui1rvklfqv.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a114856b8ae7e3dd5a02c4bcf471490c75a5f65b8e7337b031d6e2b4166774b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
Face %28Old Woman%29
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Thu, 23 Nov 2023 13:36:36 GMT
fastly-io-served-by
vpop-mnz1300712
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
3ADVB0CCQCCXTY6R
x-amz-meta-cld-version
1549036928
x-cache
HIT, HIT
fastly-io-info
ifsz=8133 idim=200x200 ifmt=jpeg ofsz=1500 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
268614349457501832084625706754096081989
age
4318076
fastly-stats
io=1
content-length
1500
x-amz-id-2
y6i6b5Vhe4ZrIfB5JHeySr6SjjfexvntTM8oGkWGJSRduNzKbXWwCe5Ahc7iaDPVWJtqfDRBDo0=
x-served-by
cache-iad-kjyo7100065-IAD, cache-yyz4526-YYZ
server
AmazonS3
x-timer
S1700746597.747963,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
etag
"w6+4QbcrRm/G1S0Uc3sMCVPlPi86iRbKr7yIaIOCowI"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-meta-cld-original-extension
jpg
x-cache-hits
2150, 1
collect
stats.g.doubleclick.net/j/ 		2 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=1282057542.1700746597&jid=925096024&gjid=1597585774&_gid=1399189417.1700746597&_u=aODACEABFAAAACAAI~&z=1016482217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Nov 2023 13:36:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
api.rlcdn.com/api/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		108 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
ce81f57503c905f9a9447a54c86bcc4db53bbef21aa33167a12fb2a9cff641c5

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 13:36:36 GMT
/
id.sv.rkdms.com/identity/ 		2 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.199.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-199-100.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theonion.com
date
Thu, 23 Nov 2023 13:36:37 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
any
idx.liadm.com/idex/ie/ 		54 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.198.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-198-8.compute-1.amazonaws.com
Software
/
Resource Hash
aa31830b2dc36140ffe78a4f5697e93bf8cb7b319804a0f355ad12e1039cbc00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
2
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
0ec88f30e6d02316
content-length
54
expires
Fri, 24 Nov 2023 13:36:36 GMT
b-cf1706d-4a4114ab.js
tagan.adlightning.com/gomedia/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-32.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:23:33 GMT
content-encoding
gzip
via
1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
x-amz-version-id
YWL0SJBVmouTNxkWla4VH_aL86_dW.Pd
x-amz-cf-pop
MSP50-C1
age
155584
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27942
x-amz-meta-git_commit
cf1706d
last-modified
Tue, 21 Nov 2023 18:23:23 GMT
server
AmazonS3
etag
"7e0885f669f70c7a4d38807250550e89"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xgxNTuVwzZO0wkUm21he8zZik8356bYnOrsaPwD2wClE0tcBkthnOg==
bl-cf1706d-0277468f.js
tagan.adlightning.com/gomedia/ 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/bl-cf1706d-0277468f.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-32.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13f97430ec64942f6a1afc5a4df87459029c17aa0d3083ad0bc13e76f16c0a4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:22:24 GMT
content-encoding
gzip
via
1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
x-amz-version-id
zltGZNt4217XSbelGXvYtb2YiSyPNKjA
x-amz-cf-pop
MSP50-C1
age
58453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31002
x-amz-meta-git_commit
cf1706d
last-modified
Wed, 22 Nov 2023 20:41:29 GMT
server
AmazonS3
etag
"02f2368d47e8b915b60cc86e07d0089e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0Yuo_W1IAemRlOc-jEuL_ryTifLuUsNpM4JJc_0dzzuWY_d7N4xnSg==
3076
config.aps.amazon-adsystem.com/configs/ 		505 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3076
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-86.msp50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ab31d60b13cb3e0a18ced391debe50c438dcaa463eca55182bd61c824ce30477

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:59:36 GMT
via
1.1 24d5e218dcc2925d4bfa8f6456f56a36.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MSP50-C1
age
2221
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
taJHkWmGcXULcoV3PY3R-WdMwgnJysBXd8SMNODXNPkpiKhZurg0zA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.42.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-42-218.msp50.r.cloudfront.net
Software
Server /
Resource Hash
06de9f97775ad8ab1ff59b4513baffe9a5f968c5b6e86f753391482ccf07737c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:17:49 GMT
via
1.1 d3a9074a1f531605e56b4aa23b2d6af4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-C1
age
19126
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2018
x-amz-cf-id
Cls0dOnzrStP_SyD67WF-gsTgxhLIcnrA0S_xbyr2wZOgs-W9E2piA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.42.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-42-218.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 b9cd7a1d3194229b50d5ba18f21f02dc.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 12:46:34 GMT
x-amz-cf-pop
MSP50-C1
age
10156
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
NsIgntzNZBvT_RIOUMgL8aEX-0GIJ-5oy50RdyBxi21VHhTZ3kWEzg==
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1282057542.1700746597&jid=925096024&_u=aODACEABFAAAACAAI~&z=1581682555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		216 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f421c552d65985eb7aac481589739e5daccd391c3fc86bec7feb58a707415ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72270
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Nov 2023 13:36:36 GMT
ad-manager-bulbs.c463ea05828bf41db59b.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
X0H40E3EN9G6KRRY
age
94
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
887
x-amz-id-2
Mfh8iaj5U9SXzQxwhH9ubmXALd/JDhSxr/XD99Bml9KUk2fBMvGFqCg6IEcAJflzsMorREuq5tS9yZfx9P+fnA==
x-served-by
cache-yyz4526-YYZ
last-modified
Tue, 31 Oct 2023 06:03:31 GMT
server
AmazonS3
x-timer
S1700746597.995181,VS0,VE0
etag
"32650a844aaef4cb5374896e9bb83f0d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
bid
aax.amazon-adsystem.com/e/dtb/ 		208 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&pid=MRpoirP3cqE2r&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
7d859e76d73706de9f095d64c96661bc4ffc6ffa530d1ff4a2b17f1e0cff4e78
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
VPYR16M0SVAMKCBVHY6M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
208
x-amz-cf-id
2BRTX96JP6NufKc-g9PcSQ6L2AlJB9WgLOHvUX9-3C23UyE_ZrzOPA==
pub
pixel.adsafeprotected.com/services/ 		419 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/article%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.169.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-169-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e1f0728328ae09106675fbd2fa05550c000a40224c84fd28852bbb0cc8ff4476

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
server
nginx
x-server-name
app53.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		208 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&pid=MRpoirP3cqE2r&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
a34e54da294cc475dddd9b121c4dd80a3b9f83e7155bdd4940db4ca22d84296f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
3XFMK2SNHMGNSTKVXVJM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
208
x-amz-cf-id
xQF6J0JWso8FQxmrA5WGgG2prQ6vjJTP1QQFBcLK_jNQR5Fnx6UFMg==
ping
ping.chartbeat.net/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=theonion.com&p=%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&u=D5JiV7bT484B0yPEf&d=theonion.com&g=3012&g0=www.theonion.com%2Cdna%2Ccannabis%2Caddiction%2Centertainment%2C%20culture%2Chelices%2Cbiotechnology%2Cseth%20mendez%2Cjudy%20robison%2Cgenetics%2Cwes%20konner&g1=The%20Onion&n=1&f=00001&c=0&x=0&m=0&y=8551&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&b=1922&t=QI2_LByXthBX0rzNYvJgqCE9NFY&V=141&i=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&tz=600&sn=1&sv=C_k5LUB9tqYmD3lobqDuaR8AIYeyR&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.214.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-214-9.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ats.js
ats.rlcdn.com/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-67.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
gzip
via
1.1 cf93ddd891bc471fda8e09a1b48ed252.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 06:12:39 GMT
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-P1
age
26779
x-amz-server-side-encryption
AES256
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
nCzHWYgq-wzlFc4MZT6E2r6-uf4sgtGJf79Me0C5JEBL60ti_t1zBw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.1.25 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-1-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 13:51:37 GMT
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
17982
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82a9cd580fc036c7-YYZ
expires
Sun, 26 Nov 2023 13:36:37 GMT
hb-multi
hb.yellowblue.io/ 		83 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.45.97.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-97-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
607716b57e9c5de96b53cb52cd94f3c74b24e5e4823d362cac5bf70a401f1d6a

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
26
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
translator
hbopenbid.pubmatic.com/ 		0
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
gomedia
direct.adsrvr.org/bid/bidder/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
50ddfaa97972ccc536bbdc78c73cf422dac3513d2ed5476d2313cc42fbd504e3

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
content-encoding
gzip
x-openrtb-version
2.3
server
Kestrel
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
auction
tlx.3lift.com/header/ 		19 B
759 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&tmax=1500&us_privacy=1YNY
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.231.249.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-249-50.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=43400172054&lsavail=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Thu, 23 Nov 2023 13:36:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
krk2.kargo.com/api/v1/ 		2 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-45-130.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		19 B
695 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
an-x-request-uuid
1cae44de-c6a4-431a-b8ec-44a916c910a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		452 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1YNY&eid_pubcid.org=b1603b65-686d-4b2c-9308-86c81697bbd3%5E1&rf=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&kw=DNA%2CCannabis%2CAddiction%2CEntertainment%2CCulture%2CHelices%2CBiotechnology%2CSethMendez%2CJudyRobison%2CGenetics%2CWesKonner%2CTheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Farticle%2F1%2Ftop&tk_flint=pbjs_lite_v8.14.0&x_source.tid=231ee203-9535-426a-aaf7-6da675024cac&l_pb_bid_id=16b17b82a49ace6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9209c67c-d9d2-463e-896e-fe57aefa11ae&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Farticle%2F1%2Ftop&slots=1&rand=0.34227562976239767
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
95560376d46b2790b10aab9e36c0a21a9810db8a1e9d0e64ebd417e8880dfd40

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
452
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de1d33981fc80635467bfb8114f5f80f4918fa95a1e06c2f7921f9fa4193adf

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCQP%2BZtzS3OO1Di8M7q%2BoRuUlTQ4qaDPihfmD3kESfzTjxDyYFST9MkyqxObVPMgwwV9%2FrFeBxNPHzvVt%2BPxD6RcnS3T%2FXqQWlQNk9PYKneQLYmR%2F9L9iLUAOLyNjDlHtzhACFGS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a9cd584d9636bf-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.5.82 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.5.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc506729f014f30687aae69291ad69d82c3e0c1a0cfbf5cf373021915464babf

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 23 Nov 2023 13:36:37 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bulk
trc.taboola.com/gomedia1-theonion/log/3/ 		0
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gomedia1-theonion/log/3/bulk?tvi48=11616&tvi50=9864&route=US%3ACH%3AV&lti=trecs&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
24
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
12071
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4550-YYZ
pragma
no-cache
server
nginx
x-timer
S1700746597.120541,VS0,VE24
content-type
image/gif
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
state
api.btloader.com/mw/ 		0
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6106
x-guploader-uploadid
ABPtcPoOg4SZ5oPFZyTliG4fjSQ26PKj2rjvLiy_9azUqegBtP-FgnbyhSYt9-dD9ifYdmF9TrAo2bdHQw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhCXt8Keyxz%2F6RFPUsntzT6KXv4wkBm%2BBb%2FWo4fr6Wizia25%2FVf6IiXEtGYCIvRZtiHO2b7pzfeGfZtXPhOL6CtNi%2ByuOZcNVY%2FMM1SX6IX6LD4yzX69yRURVisIs3F7eLOAdfnjgQvZhQjbZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a9cd58791e4bc1-BUF
expires
Thu, 23 Nov 2023 12:13:57 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Nov 2023 06:52:56 GMT
px.gif
ad-delivery.net/ 		43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.709068961213084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6106
x-guploader-uploadid
ABPtcPoOg4SZ5oPFZyTliG4fjSQ26PKj2rjvLiy_9azUqegBtP-FgnbyhSYt9-dD9ifYdmF9TrAo2bdHQw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zsfk1qUk77RvEpqqLDhKHZ2EC0035gwh0mrdRORPaShqsvupB6at%2F02Cfuo9AXz4zdfP2yGVUSVaMjhPkoGswHKvdDFqSRdD1l9%2FjTNuJzbAuwB5LlvWNy10fkjMyhIqNeGN49wJGZHlmenNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82a9cd58791f4bc1-BUF
expires
Thu, 23 Nov 2023 12:13:57 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
21647
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4550-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700746597.131272,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
96
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
933
js
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
062eeb2900fac188f1655ce2d021330e17315178949502e7f8a45e8c1baa1f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 13:36:37 GMT
tag.aspx
ml314.com/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?2310
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:08:08 GMT
via
1.1 google
content-encoding
br
age
1709
x-guploader-uploadid
ABPtcPpZXEXTENTsOYavC0LCicVtccbxwQN68lku3r2b-Y_pkWXUgFNVW_3BV9eeo8o178P2KKB4kMIlUiLCjUlgVcbo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10207
last-modified
Fri, 12 May 2023 18:40:12 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1683916812364920
x-goog-hash
crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type
application/javascript
cache-id
LGA-12baf686
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
bytes
gomedia_015a5_the_onion.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2044:7e00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:43:14 GMT
content-encoding
gzip
via
1.1 415bce851abed41a15ccdf56a782926a.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jun 2022 11:07:33 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
YTO50-C2
age
42803
etag
W/"17c61-5e21b75e9e639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
CrMzai1a4HnooIzJ7ynqpNoZ55baz47ujHIgIB0YCCiC2y8oC1ebRg==
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0&b=1&g=AE4kAaML0Y3DEZuQXkXCrgMhYBeGKHEJlHYbHnB%2FCvo%3D
42 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0&b=1&g=AE4kAaML0Y3DEZuQXkXCrgMhYBeGKHEJlHYbHnB%2FCvo%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.theonion.com
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002e4dyMAAQ&src=aps&ver=1.2.0&b=1&g=AE4kAaML0Y3DEZuQXkXCrgMhYBeGKHEJlHYbHnB%2FCvo%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		208 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&pid=MRpoirP3cqE2r&cb=2&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
bbdb3586b83110326038c2ce4b9b79f3a29f4367c78619ea9119731a9bf43339
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
VGWDMSBVPWAVPB98KP2Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
208
x-amz-cf-id
7G-UINdy9uoFckeSdwJiVK069pFVzAzedbzBVJvyqNb0g5k1vPEYMA==
bid
aax.amazon-adsystem.com/e/dtb/ 		208 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&pid=MRpoirP3cqE2r&cb=3&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
88471d15f60eec136453585139c166af06ca515ca762c03152689518280c02f5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
FBFHYAS7N6H0W8BQZ8F4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
208
x-amz-cf-id
l67NFPlvrmbyeuP8k4uc8ELY7pukrCUPC_T657SuNMzwkaJdKp_BzQ==
country
api.btloader.com/ 		16 B
142 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
iu3
s.amazon-adsystem.com/ Frame 6A5D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
378 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9368f4be08ed76f566a972f74f4bc578e2a2d7e8c73ecd6079fc94c06e80486e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
378
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 23 Nov 2023 13:36:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S33KJKX9WFSGBXKPVZ2D

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 13:36:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D0SPDDWT106DJGJVFQXT
pv
api.btloader.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=iLJzpJz3hJ&w=5197056576585728&o=5726495427264512&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&sid=TphfhWwX&pm=true&upapi=true
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.96.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-96-4.yto50.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:24:46 GMT
via
1.1 bbf175c94294473684e8193e0dd6dd0e.cloudfront.net (CloudFront), 1.1 c68c42bee8ee2097b641e29171b317c8.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4, YTO50-P3
age
22311
x-amzn-requestid
c29671a6-f4c2-4e90-8741-1923d5aae8aa
x-amzn-trace-id
Root=1-655efe3e-12cde1423bf127630c37db18;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
O1yp0HJaDoEEhaw=
content-length
30
x-amz-cf-id
lbIwnrv9jsLApcJG3hLKqpy7LZUOPU0B22hu7zd_JHFCcuXr1LvjMw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3b81v9113953751z8894640252&_p=1700746596416&gcd=11l1l1l1l1&dma=0&cid=1282057542.1700746597&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700746597&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&dt=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=opinion&ep.content_section=american-voices&ep.content_subsection=none&ep.content_title=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&ep.content_id=1851043563&ep.content_created_date=2023-11-23&ep.content_updated_date=none&ep.content_role=&ep.content_author=The%20Onion&ep.content_author_byline=none&epn.article_word_count=69&ep.article_word_count_group=0%20-%20200&ep.article_truncated=false&ep.article_tags=DNA%2CAddiction%2CCannabis%2CBiotechnology%2CHelices%2CGenetics%2CWes%20Konner%2CJudy%20Robison%2CSeth%20Mendez&ep.article_primary_tags=dna%2Ccannabis%2Caddiction%2Centertainment%2C%20culture%2Chelices%2Cbiotechnology%2Cseth%20mendez%2Cjudy%20robison%2Cgenetics%2Cwes%20konner&ep.adblock=false&ep.content_type=article&ep.content_sponsored=false&up.adblock=false&up.user_type=&tfd=3105
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&pv=1700746597508_6gm8hyf6u&bl=en-us&cb=7035739&return=&ht=&d=&dc=&si=1700746597508_6gm8hyf6u&cid=&s=1600x1200&rp=&v=2.5.3.51
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?2310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0524dcded63eccd463d0d55278aac4b899f01f74aa2fac895a3d125fbc53f176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
info
www.theonion.com/api/veritas/ 		103 B
804 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/info?pi=83ea558319c7f2d06b4e1addacf460867f881a67&cb=1700746597529
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c068fd489e64799a955f1824ba2a6f42c44a85b16ddc34161d164fd44de8798
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
age
0
x-cache
MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
112
x-xss-protection
1; mode=block
x-exp-variant
0
x-served-by
cache-iad-kcgs7200111-IAD, cache-yyz4570-YYZ
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-exp-id
tgs0ab4MLPvGYtW0gf7NK6
x-timer
S1700746598.540004,VS0,VE27
x-frame-options
DENY
vary
Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type
application/json
accept-ranges
bytes
x-kinja-country
US
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
b
www.theonion.com/api/veritas/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/b?debug=0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Veritas-Version
1.1.5
Content-Encoding
gzip
Referer
https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 13:36:37 GMT
x-permitted-cross-domain-policies
master-only
x-cache
MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-nocache
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100124-IAD, cache-yyz4570-YYZ
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1700746598.545130,VS0,VE28
x-frame-options
DENY
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-kinja-country
US
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=2728595865278769&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=1&didk=1378598719&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700746597582&lmt=1700746597&adxs=1515&adys=366&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&vis=1&psz=4000x351&msz=4000x351&fws=1028&ohw=4000&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=article_position%3D1%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26id%3D5340f6ff-8a05-11ee-a94c-0a1c55ec3143%26vw10%3D40%26vw05%3D40%2C50%2C60%26vw%3D40%2C50%2C60%2C70%26fr%3Dtrue%26ias-kw%3DIAS_13149_KW%2CIAS_5205_KW%2CIAS_1509984_PG%2CIAS_2058_KW%2CIAS_1507663_PG%2CIAS_1507080_PG%2CIAS_1508980_PG%2CIAS_1500091_PG%26drg%3DveryLow%26vio%3Dlow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_ttd%3Dbanner%26hb_size_ttd%3D728x90%26hb_pb_ttd%3D0.65%26hb_adid_ttd%3D218fe237164e681%26hb_bidder_ttd%3Dttd%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.65%26hb_adid%3D218fe237164e681%26hb_bidder%3Dttd&cust_params=veritas-iab%3D1-4%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion&adks=1160756866&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
96fe5e1e56545825d0ee77d3e90eb0ce75e211f61d8b97b9a85f151146fc1442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13655
x-xss-protection
0
google-lineitem-id
6249408446
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425937821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5bbae3dc4e1dc5824980fa5b0e8ce31dab47be5dc372223ede505356e49c551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12438
x-xss-protection
0
container.html
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFFF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Fri, 22 Nov 2024 13:36:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640140528887529519&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640140528887529519&redir=
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640140528887529519&redir=
Protocol
H2
Server
18.204.167.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-167-253.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0e5653e14.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
M9byNJKOSjo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-08728bb62.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
3IcAf0h/Suo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640140528887529519&redir=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640140528887529519
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDE0MDUyODg4NzUyOTUxORAAGg0I5ar9qgYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=9e489814dc1f587b838a1c821e49a2b26dd5b63397e66ca19e057f8ef8e3710df4cb09cee1a4f8eb&person_id=3640140528887529519&eid=50082
43 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=9e489814dc1f587b838a1c821e49a2b26dd5b63397e66ca19e057f8ef8e3710df4cb09cee1a4f8eb&person_id=3640140528887529519&eid=50082
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 13:36:37 GMT
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=9e489814dc1f587b838a1c821e49a2b26dd5b63397e66ca19e057f8ef8e3710df4cb09cee1a4f8eb&person_id=3640140528887529519&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Fri, 24 Nov 2023 13:36:37 GMT

Redirect headers

location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:37 GMT
server
Kestrel
content-length
241
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640140528887529519
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640140528887529519
  • https://ml314.com/csync.ashx?fp=c3ccbfed6496b580c65721ec6c55ef32&eid=50146&person_id=3640140528887529519
43 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=c3ccbfed6496b580c65721ec6c55ef32&eid=50146&person_id=3640140528887529519
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 13:36:37 GMT
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=c3ccbfed6496b580c65721ec6c55ef32&eid=50146&person_id=3640140528887529519
cache-control
no-cache
x-server
10.40.10.175
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2dY6hE-yDvmcp5oROlnK150peziJiBqF7zHareo5XJHQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2dY6hE-yDvmcp5oROlnK150peziJiBqF7zHareo5XJHQ&person_id=3640140528887529519&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol
HTTP/1.1
Server
3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-8-37.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
x-cloud-trace-context
9329a0075b1fdf7ea2fb4e3e8bdad03a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 24 Nov 2023 13:36:37 GMT
si
capi.connatix.com/tr/ 		0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=10de8f06-8162-486c-a4a7-d7f5e69a6971&cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd5c3c25a208-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.playspace.js
cd.connatix.com/ Frame 7AFC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/study-finds-link-between-dna-and-cannabis-addiction-1851043563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9529c6bdf27ee2446076da0b13e38d192469f2f80516c45937d7bd58cb179ad5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82a9cd5c3c13ab3b-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
pr
s.amazon-adsystem.com/v3/ Frame 95E8 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2537ea029ca31f11fcaf42d5374e9d41dd08a42de1d3377c6cd2b09f7c8b0617
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4059
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 23 Nov 2023 13:36:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KKXVK61F8YS3G18E888Z
ecm3
s.amazon-adsystem.com/ Frame 95E8
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3437481986634230000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3437481986634230000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FBWTWT0GQR2B9BDF09KS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3437481986634230000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Thu, 23 Nov 2023 13:36:38 GMT
ecm3
s.amazon-adsystem.com/ Frame 95E8
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=db6a8b0a-bdfb-46e8-9ff3-da85b7ab6ce8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=db6a8b0a-bdfb-46e8-9ff3-da85b7ab6ce8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B8C7GETN5DR64XQCNVBQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=db6a8b0a-bdfb-46e8-9ff3-da85b7ab6ce8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 3694 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.97.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-97-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5615832edd5efee99f5672e79505a1da5c627a1f786664a395e47778d73a9f7e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 23 Nov 2023 13:36:37 GMT
etag
W/"0d49f8cc5096d8ee743b95d7fab86580a"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 88CD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7942aa221892e56b1837e6bb5afb55e506674fdb8ecb2b050b2e1a790fe495

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82a9cd5c8cf636bf-YYZ
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F%2BcTF%2BDcbAeD1TKF5qk4IP23t%2FBggveycZpd5z9JqGh%2F7xmS8s5%2FFQC235e7XRdWfuM98z8K5vKyGthH7pVJ756Nht%2Fu%2FGBhJNlW6gtWJQQeijrbSfPTt%2FuqK7yf2GXpdgC98M0ZMuhdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ms-cookie-sync.presage.io/amazon/ Frame 31A5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
2c046b4e1ab87d9dbc7a92d8e86464e63b3d2f8e3cbaeaa9d835df6ee11116a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 51001f71e8f897ea5d1a03055e1ae534.cloudfront.net (CloudFront)
X-Amz-Cf-Id
7xjKrzupcJ8pz63UFwXsA8uIWlycZM2JuLG2GNekTiwg4C_1XFLGhw==
X-Amz-Cf-Pop
MSP50-P1
X-Cache
Miss from cloudfront
X-Powered-By
Express
cm
u.openx.net/w/1.0/ Frame AA4F 		693 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
89f3017808a34eae9f93255311f650f44f9e0c9822aed9a559fc1fa5d40bdf4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
398
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 0EF3
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1520263800190791698&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1520263800190791698&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7F4TVS919CDP64MAFZXB

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:37 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1520263800190791698&gdpr=0&gdpr_consent=
usersync.php
ssp.api.tappx.com/cs/ Frame 8A9A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe4221ba4181eca679b6187e1213974a368bcfb7be758a835927180ee864fd02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 13:36:37 GMT
server
nginx
transfer-encoding
chunked
/
match.sharethrough.com/jwumXNuB/v1/ Frame 4011 		897 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.202.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-202-247.compute-1.amazonaws.com
Software
/
Resource Hash
1a20771286b46a7107cee12cc5770e539d381b7d48b36c4e2724f8668e7f1300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
897
date
Thu, 23 Nov 2023 13:36:37 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FE71 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19347
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame F9DA 		996 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.197.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-197-164.compute-1.amazonaws.com
Software
/
Resource Hash
097df279a038302329698eb56e73a668ae250e85e0864f9a44bbfc4c8bc9bf53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 23 Nov 2023 13:36:37 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 54C5 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:37 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 43BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS10OXhYeG9sRTJ1TDZ4SkVjMWJrWGhFd2J3MVpRTHI0Yn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS10OXhYeG9sRTJ1TDZ4SkVjMWJrWGhFd2J3MVpRTHI0Yn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1Z9F198R66GFJ9JZHZ20

Redirect headers

age
0
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS10OXhYeG9sRTJ1TDZ4SkVjMWJrWGhFd2J3MVpRTHI0Yn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 2E58
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5965519997845925682&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5965519997845925682&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZBC2S01KVWDX8766CHTF

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
87b6181e-786b-43f2-a7d0-72bd7d394982
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=5965519997845925682&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 77B9 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
8c869ba2797b1a98c006341a25955d42ff409bb8972087d28599b3da8781786f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
ecm3
s.amazon-adsystem.com/ Frame 2132
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=659112826076576016317
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=659112826076576016317
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CGY5AMFV8WEPGG9F4WKH

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 13:36:37 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=659112826076576016317
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
connatix.playspace.js
cds.connatix.com/p/385124/ Frame 7AFC 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/385124/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a39d00f9b922e1cf96f88e0cc7966e8612e707a282c25ef92cd5ad83473b62

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
x-amz-version-id
9.uk6Lmw8WxS0TgqCoyMA22Fay5vRr2.
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Nov 2023 11:13:39 GMT
server
cloudflare
etag
W/"f87fc692e40be390b6c8e1439d81c77c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
82a9cd5cac77ab3b-YYZ
access-control-allow-headers
range
expires
Fri, 22 Nov 2024 13:36:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 13:36:38 GMT
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5965519997845925682
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5965519997845925682
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
an-x-request-uuid
dc95630f-1c85-44f3-bcae-a36c7f5b4f46
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=32886513-7f4a-469c-86f0-9c6a3a50af00&expires=1&user_group=5&ssp=gumgum2&bsw_param=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=46df6109-b76b-0e99-2aa7-f3ffdb0ca06b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=46df6109-b76b-0e99-2aa7-f3ffdb0ca06b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=46df6109-b76b-0e99-2aa7-f3ffdb0ca06b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Date
Thu, 23 Nov 2023 13:36:38 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jgsFizhE2pdVjVxlEFPuCN2XY_7exbt0swFH~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-jgsFizhE2pdVjVxlEFPuCN2XY_7exbt0swFH~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-jgsFizhE2pdVjVxlEFPuCN2XY_7exbt0swFH~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=72374bf9-0da0-4f2c-a88a-08aa198513d1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=72374bf9-0da0-4f2c-a88a-08aa198513d1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=72374bf9-0da0-4f2c-a88a-08aa198513d1
Date
Thu, 23 Nov 2023 13:36:38 GMT
Connection
keep-alive
X-CI-RTID
5bf61da9-9dfb-47e1-a358-45cd6b03530d
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 3694 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 13:36:37 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=IJKr-MNp3ZvAgzNvsqEw
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=IJKr-MNp3ZvAgzNvsqEw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=IJKr-MNp3ZvAgzNvsqEw
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=0lkYl0LklrOt&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=0lkYl0LklrOt&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=0lkYl0LklrOt&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
usersync
usersync.gumgum.com/ Frame 3694
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1520263800190791698
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1520263800190791698
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1520263800190791698
date
Thu, 23 Nov 2023 13:36:37 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3694 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_c799d1f4-5b38-4a96-9ad5-fda2185835dd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
11J98RAP1WFBZQ0E4RR4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 89FD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5395937650229903807&gdpr=&gdpr_consent=
35 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5395937650229903807&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.97.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-97-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5395937650229903807&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame DF69 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jNzk5ZDFmNC01YjM4LTRhOTYtOWFkNS1mZGEyMTg1ODM1ZGQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 919C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19347
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame BA62
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 23 Nov 2023 13:36:37 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
server
Kestrel
usersync
usersync.gumgum.com/ Frame 1CF8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZV9VZMCo5uYAALKMH-cAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZV9VZMCo5uYAALKMH-cAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 13:36:38 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZV9VZMCo5uYAALKMH-cAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
33
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40260.dc2p.scaleout.jp
X-SO-IP
96.9.249.38
X-SO-Key
ZV9VZMCo5uYAALKMH-cAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZV9VZMCo5uYAALKMH-cAAAAA","privacy_sensitive":false,"uid":"ZV9VZMCo5uYAALKMH-cAAAAA","upstream_id":"a-ad40260"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-UID
ZV9VZMCo5uYAALKMH-cAAAAA
X-SO-Upstream-ID
a-ad40260
usersync
usersync.gumgum.com/ Frame 1AAB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=f3S2S0BxxNDBzSAhNI25g0Mp3egngjIIvfJZlCO4SrI&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=f3S2S0BxxNDBzSAhNI25g0Mp3egngjIIvfJZlCO4SrI&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=f3S2S0BxxNDBzSAhNI25g0Mp3egngjIIvfJZlCO4SrI&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6F34
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
dcm
s.amazon-adsystem.com/ Frame 88CD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GZ770HDPB6GT7TBS21XJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 88CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH0linWtPGUphwrFdQQP504&google_cver=1
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH0linWtPGUphwrFdQQP504&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJDmwBpxOHESXl%2Fgq08KmY0BRystKDq1eQQAdq2l4maTrTzjo36w5co%2BRdT42EZz9V57f%2FR97q%2F6K4r%2B1%2BtN5d17f8ZtGcAc7nlhd%2BjJxYOcOjgh%2FkoyFqlBwTpsRDj2FLl%2BLLLpJSCa5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd5d3e5636bf-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH0linWtPGUphwrFdQQP504&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 88CD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9VZf8jDOcP96AbbzfkBwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOhRJCZAkYMrHwPv5Nl4Bbw&google_cver=1
43 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOhRJCZAkYMrHwPv5Nl4Bbw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm3aUD37Tn%2B2%2BV8%2Ba9cpHCv8RlFVL6iegwvWzfo20oVjfHsgtOwDcbTNALaTclMkngtEGnx4jkjXqJtoZK4dBvDpZKH43NQ5x4WQNpUv0gup13OxaTO%2F70gMI79LtSk12zSES0PI5%2BjOzebFL4wAwO8RZhgCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd5e698b4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOhRJCZAkYMrHwPv5Nl4Bbw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 88CD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV9VZf8jDOcP96AbbzfkBwAA%261434&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=492e2545-4cdc-4552-a7e2-a2f073bfbbb3
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D28e8594e-12c5-438f-...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=968907272543872689&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D28e8594...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&pid=500040&it=1&iv=28e8594e-12c5-438f-aee8-514a9389362e%3A1700746598.274225&_=17007...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1700746598.2764926&iv=28e8594e-12c5-438f-aee8-514a9389362e:1700746598.274225
42 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1700746598.2764926&iv=28e8594e-12c5-438f-aee8-514a9389362e:1700746598.274225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1700746598.2764926&iv=28e8594e-12c5-438f-aee8-514a9389362e:1700746598.274225
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 88CD 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:2d35:9b03:a9f9:e139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 88CD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9047554035501915527&expiration=1701956198
43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9047554035501915527&expiration=1701956198
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmfW%2FoukxTK2S94XlUx8go%2BqdAoVE8Iz7kEZK7aTs9of4TMA3EkI2RWIo5zz0A6sSQyk7Yn7CjzC6RKWdOzqKXk2PgHWqwA9uDMt4R0I3DTIO7NCdGzxUfTrt1z8AZeGPCDyBM1i8rIrlXL0%2BHdNViQmSV2Urw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd5e59894bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9047554035501915527&expiration=1701956198
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
113
match.deepintent.com/usersync/ Frame 88CD 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 13:36:37 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 88CD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682
43 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy6FeX%2BJ9x3b1J89zKzMzm4D61vKqcWqzu7%2Fuhl7lf7P9z%2FvduMIYwwpqkCxVEPufheKV7tjdfQZdwuMvfs4sow%2Bhtd8nPXg16EiZpHtfNkrdqPloMqmNsP%2FE3MNGZ9omxqPYMcIcI8bJvYeD1182SC62ueHWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd5d49804bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
an-x-request-uuid
aabd7aad-566d-4a60-9bf1-ea0b572a3813
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 88CD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZV9VZf8jDOcP96AbbzfkBwAABZoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7GD2QR32GV2ZC663F2KW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AA4F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e934b904-83d4-8d35-8dd2-61857b6f6acd
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4Z9PXGNNN55A9AEAVSC2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
2525a33d-0fd2-a486-7c0b-f5e7ec0b6c64
pr-bh.ybp.yahoo.com/sync/openx/ Frame AA4F 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2525a33d-0fd2-a486-7c0b-f5e7ec0b6c64?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:2d35:9b03:a9f9:e139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame AA4F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e934b904-83d4-8d35-8dd2-61857b6f6acd
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NV98NGD0ASH0D7TFMVEG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AA4F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=b1e2c579-9f7e-36cf-4ddc-e312135ca12d&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:37 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame AA4F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWQ4ZDE2YjMtNTYwOS02ODZiLTU4M2MtYjlhYmQ5YmU2ZjRk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AA4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQvXeh9QtvNcvXQEjEGmUg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQvXeh9QtvNcvXQEjEGmUg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQvXeh9QtvNcvXQEjEGmUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 54C5 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23618
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 919C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49324216&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
56cbfeaf6b916df17ca63baa0025b3dce9fc10565aeb0227affe2313dd13566b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 13:36:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=5965519997845925682&auxuid=
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=5965519997845925682&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
87934ec0-a0de-49f5-96ed-07cf938cce8d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=5965519997845925682&auxuid=
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://csync.loopme.me/?pubid=11227&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=109&type=iframe&id=604ca7de-8027-4646-8063-3767ab6a977a&auxuid=&gdpr_consent=null&gdpr=0
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=109&type=iframe&id=604ca7de-8027-4646-8063-3767ab6a977a&auxuid=&gdpr_consent=null&gdpr=0
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=109&type=iframe&id=604ca7de-8027-4646-8063-3767ab6a977a&auxuid=&gdpr_consent=null&gdpr=0
date
Thu, 23 Nov 2023 13:36:38 GMT
server
_
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 8A9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=36&gdpr=0&gdpr_consent=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D&rd=1
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=d0b88fd7-2313-43b7-83c8-1zz1700746585&auxuid=
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=d0b88fd7-2313-43b7-83c8-1zz1700746585&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=d0b88fd7-2313-43b7-83c8-1zz1700746585&auxuid=
date
Thu, 23 Nov 2023 13:36:25 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cs
cs.yellowblue.io/ Frame 8A9A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D&cb=1700746598128
  • https://ad.turn.com/r/cs?pid=45&rndcb=21327353
  • https://sync.1rx.io/usersync/turn/8968903625304496429?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cs.yellowblue.io
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
Tengine
ETag
RX905b5109b08e480196f368aa3693ea87005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Content-Type
text/html
Connection
keep-alive
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=0&gdpr_consent=&tappx=1
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
0
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=80&id=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=80&id=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=0&gdpr_consent=
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=659112826076576016317&auxuid=
0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=659112826076576016317&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=659112826076576016317&auxuid=
date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://s.c.appier.net/tappx
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=k-Olyo6lCzakzPPjZlVfZQ
0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=728&id=k-Olyo6lCzakzPPjZlVfZQ
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssp.api.tappx.com/cs/usync?idmn=728&id=k-Olyo6lCzakzPPjZlVfZQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
96
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=0087d201-0a94-499d-8070-181696fff66c&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=0087d201-0a94-499d-8070-181696fff66c&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=0087d201-0a94-499d-8070-181696fff66c&auxuid=
access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D&crf=1&rts=-8150587698...
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=18d83ebd-abf7-5347-b165-4806d43a1d60&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=18d83ebd-abf7-5347-b165-4806d43a1d60&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=18d83ebd-abf7-5347-b165-4806d43a1d60&auxuid=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8A9A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=0&consent=&us_privacy={{US_PRIVACY}}
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=0&id=OPUd3f1c928ded74fb388bc782ca51b6572&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=0&id=OPUd3f1c928ded74fb388bc782ca51b6572&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=0&id=OPUd3f1c928ded74fb388bc782ca51b6572&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
172
expires
Mon, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8A9A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=tappx.com&id=c2dd7f18-242f-4d0b-aaac-82b31109bcd1f1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FHHBMT2R4D5YYEA8BCDV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4011 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2775a971-6181-4c64-be1d-a2861ce7f36f
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MAF0M6779HC945NY33BG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 4011
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.220.202.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-202-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 4011
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=Mjc3NWE5NzEtNjE4MS00YzY0LWJlMWQtYTI4NjFjZTdmMzZm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.220.202.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-202-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncredir
bttrack.com/pixel/ Frame 4011 		35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.69.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 23 Nov 2023 13:35:57 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 4011 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
392512
expires
Thu, 23 Nov 2023 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F9DA 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3F30DVV880VBCWyYXWKp
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CCJ29PQTAMVZP0YF3DND
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F9DA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F30DVV880VBCWyYXWKp
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F30DVV880VBCWyYXWKp
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttd_puid=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
content-length
359
cs
cs.yellowblue.io/ Frame F9DA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700746598130
  • https://ad.turn.com/r/cs?pid=45&rndcb=3876515211
  • https://sync.1rx.io/usersync/turn/9185076407418280237?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
Tengine
ETag
RX905b5109b08e480196f368aa3693ea87005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Content-Type
text/html
Connection
keep-alive
sync
ads.yieldmo.com/v000/ Frame F9DA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=5965519997845925682&pn_id=an
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=5965519997845925682&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.239.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-239-76.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
c22c7105-da5a-4b17-bc84-923a6e33c870
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=5965519997845925682&pn_id=an
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame F9DA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPB8M0BO-E-37IV
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LPB8M0BO-E-37IV
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.239.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-239-76.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
sync
ads.yieldmo.com/v000/ Frame F9DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDiQz_3iRL52HfcVog1IMHo&google_cver=1
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDiQz_3iRL52HfcVog1IMHo&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.239.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-239-76.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDiQz_3iRL52HfcVog1IMHo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=2775a971-6181-4c64-be1d-a2861ce7f36f&gdpr=0
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212354975239421
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212354975239421
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212354975239421
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5965519997845925682&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5965519997845925682&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
f36b6e3a-ab50-418c-a216-a75d350de1fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5965519997845925682&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 77B9 		53 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 13:36:38 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy=
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 77B9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72374bf9-0da0-4f2c-a88a-08aa198513d1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.235.189.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-189-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=1520263800190791698&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=1520263800190791698&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=1520263800190791698&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=59e2d9ef-4891-0b8a-069b-bf8032f5756e
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=59e2d9ef-4891-0b8a-069b-bf8032f5756e
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=59e2d9ef-4891-0b8a-069b-bf8032f5756e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-11
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0
date
Thu, 23 Nov 2023 13:36:38 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1700746598137
  • https://ad.turn.com/r/cs?pid=45&rndcb=983589744
  • https://sync.1rx.io/usersync/turn/2987841845179767085?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
Tengine
ETag
RX905b5109b08e480196f368aa3693ea87005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005
Content-Type
text/html
Connection
keep-alive
cs
cs.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700746598156046-1217
cs
cs-server-s2s.yellowblue.io/ Frame 77B9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=0lkYl0LklrOt&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=0lkYl0LklrOt&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=0lkYl0LklrOt&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 77B9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=x53NyBr-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2YGF3HW1YSNHRP74EXR5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie
cm.adform.net/ Frame 5674 		43 B
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09BE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19346
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 75BE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
server
AkamaiGHost
usync
ssp.api.tappx.com/cs/ Frame 2911
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HtFwhRZHc4ldxZ4dTD-iUtLg&auxuid=
0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HtFwhRZHc4ldxZ4dTD-iUtLg&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 23 Nov 2023 13:36:38 GMT
Location
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HtFwhRZHc4ldxZ4dTD-iUtLg&auxuid=
X-Sovrn-Pod
ad_ap2dca1
/
hde.tynt.com/deb/ Frame 0DC8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
ccd931efe34c55c8b9fbf7856a3444dc97eee814eab4c70ac03ec717f5b9eba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1627
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 23 Nov 2023 13:36:37 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user-sync
sync.adkernel.com/ Frame AF40 		638 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
a069e809c48101aeda9a13893abe9c256e8d578f2f86c5ea12c8b6fd47921da4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
638
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
Pragma
no-cache
Server
nginx
sync
cookies.nextmillmedia.com/ Frame 8A87 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.39.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-39-43.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
8f576c40868a28eca9cfd5800eb9d2d9015268284e273f8f36416fc439e8fbd8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
3452
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
server
fasthttp
sync
vid.vidoomy.com/ Frame 0A30 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D380%26type%3Diframe%26id%3D%7B%7BVID%7D%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?type=iframe&ruid=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtappx.com%26id%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
619516
x-77-cache
HIT
x-77-nzt
EQwBJRPOBAH3/HMJAA
x-77-nzt-ray
8e305f1c6239c60966555f65c8b8a20d
x-77-pop
ashburnUSVA
x-accel-date
1700127082
x-accel-expires
@1701163882
x-age-lb
619516
x-cache-lb
HIT
usync.html
eus.rubiconproject.com/ Frame ABE6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 3588 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
395f2986b57ba12fddd470c2e2336fb65faa8f063cc05d934ce02fb13f213768
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1547
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
cSyncRemoteEntry.js
cds.connatix.com/p/385124/ Frame 7AFC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/385124/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
x-amz-version-id
RsAXZY9QldNAe70G2sJbS5bURGecCWPr
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Nov 2023 11:13:42 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
82a9cd5e4e10ab3b-YYZ
access-control-allow-headers
range
expires
Fri, 22 Nov 2024 13:36:38 GMT
connatix.playspace.css
cds.connatix.com/p/385124/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/385124/connatix.playspace.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bc8e71a34490457c6bc6b85a7e4f737f0431abb69e535556d03e838b810f7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
x-amz-version-id
wYlAgWguElb_4PJ2xy_0hBZmKaXeQIzJ
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Nov 2023 11:13:39 GMT
server
cloudflare
etag
W/"857ea9b3d964e5d7626a47029ecff794"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
82a9cd5e5e1bab3b-YYZ
access-control-allow-headers
range
expires
Fri, 22 Nov 2024 13:36:38 GMT
khaos.json
token.rubiconproject.com/ Frame 54C5 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 31A5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=9e6b4bb7-7ae7-41e3-a421-e30df998715e
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4FQNFCCW6G1879D71C2W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 31A5 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=9e6b4bb7-7ae7-41e3-a421-e30df998715e&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 51001f71e8f897ea5d1a03055e1ae534.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
MPuC76hJ1DOWrSoL-ItnOw3tuhRJfSbP_-iEnz-Fnay5SAdbZC-VcA==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 31A5 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=9e6b4bb7-7ae7-41e3-a421-e30df998715e&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 51001f71e8f897ea5d1a03055e1ae534.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 14 Nov 2023 09:23:53 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
rBRr5R3AvyXOclhjEkL9HYePR9zF0h8LXBafU1mcVXy7BCXb3vWU3Q==
Expires
0
user-sync
ms-cookie-sync.presage.io/ Frame 31A5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9858090441216&gdpr=0&consent=undefined
  • https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUd470c2a509dc4e4eb60a0cab3891e2dd
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUd470c2a509dc4e4eb60a0cab3891e2dd
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 51001f71e8f897ea5d1a03055e1ae534.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
Qs1Sfnxy4ajclZiGKNs2lRgLiIBtG32cpEOFyw39EV4x7yhmrR_60g==
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ms-cookie-sync.presage.io/user-sync?consent=undefined&gdpr=0&gdpr_consent=&opera_id=OPUd470c2a509dc4e4eb60a0cab3891e2dd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
162
expires
Mon, 01 Jan 1990 00:00:00 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 31A5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=uZBUkzcLJe&consentString=undefined&r=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fraudience_id%3D%5BPDID%5D%26gdpr%3D0%26g...
  • https://ms-cookie-sync.presage.io/user-sync?raudience_id=d0b88fd7-2313-43b7-83c8-1zz1700746585&gdpr=0&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?raudience_id=d0b88fd7-2313-43b7-83c8-1zz1700746585&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 5a3cb8c533cb5ee9b7ec7736c2a1e8ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
DF4qDIaPXAef_UTNrVv1m2l3nrMkgAAmM2opRycK-V4xxqd7k1cGoQ==
Expires
0

Redirect headers

location
https://ms-cookie-sync.presage.io/user-sync?raudience_id=d0b88fd7-2313-43b7-83c8-1zz1700746585&gdpr=0&gdpr_consent=undefined
date
Thu, 23 Nov 2023 13:36:25 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usync.js
eus.rubiconproject.com/ Frame 6F34 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
usync.js
eus.rubiconproject.com/ Frame 75BE 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
usync.js
eus.rubiconproject.com/ Frame ABE6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
usync.html
eus.rubiconproject.com/ Frame 0E03
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 19A3 		891 B
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
831a98915018d82b1f5ad42ea26a21d6735519904083f12f726aba42a26dc508

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
891
content-type
text/html
date
Thu, 23 Nov 2023 13:36:37 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 31A5 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19183
accept-ranges
bytes
content-length
2416
expires
Thu, 23 Nov 2023 18:56:21 GMT
container.html
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C326 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Fri, 22 Nov 2024 13:36:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user-sync
sync.adkernel.com/ Frame AF40
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D541704%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=541704&t=image&uid=5965519997845925682
42 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=541704&t=image&uid=5965519997845925682
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
25bd9acf-abf6-4487-a3ff-8860299d82dd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=541704&t=image&uid=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0E03 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
user-sync
ms-cookie-sync.presage.io/ Frame 19A3 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?equativ_id=1520263800190791698&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 5a3cb8c533cb5ee9b7ec7736c2a1e8ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
ULX_28e7ClF6dg-6Kb2Exok_E6dBJumA8OJRAylU6cytFpzRVv97AQ==
Expires
0
7.gif
id5-sync.com/c/102/112/3/ Frame 19A3
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=1520263800190791698&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/7/3.gif?puid=9047554035501915527&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F6%2F4.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/6/4.gif?puid=1520263800190791698&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F5%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/123/5/5.gif?puid=18bfc6595d9-74900000010a5def&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/104/4/6.gif?puid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/3/7.gif?puid=1A453196640F0FE9&gdpr=0&gdpr_consent=
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 19A3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5965519997845925682&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5965519997845925682&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.172 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
5010dd05-31db-4cda-b066-9012da841ba1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5965519997845925682&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 19A3
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b1909214b92eb6624c0b7b606f679127&gdpr=0&gdpr_consent=0
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b1909214b92eb6624c0b7b606f679127&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.172 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b1909214b92eb6624c0b7b606f679127&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 19A3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV9VZgAByG6BTABH&gdpr=0&gdpr_consent=&_test=ZV9VZgAByG6BTABH
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV9VZgAByG6BTABH&gdpr=0&gdpr_consent=&_test=ZV9VZgAByG6BTABH
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=73&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.105.12.172 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-yyz4546-YYZ
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700746599.666448,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZV9VZgAByG6BTABH&gdpr=0&gdpr_consent=&_test=ZV9VZgAByG6BTABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 54C5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPB8M0BO-E-37IV
  • https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TJNYVYJPZR6VW1KAG1FN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
dcm
s.amazon-adsystem.com/ Frame 7F28 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=71A53502-0352-4DDA-BC37-6369BFD775C2&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TKS2A6VZFFP6R2BVCD40
cs
cs-server-s2s.yellowblue.io/ Frame 41D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5965519997845925682&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
0
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

content-length
115
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 301E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBV09rN0t2cXNBQUJLZHlaRVVBZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAAWOk7KvqsAABKdyZEUAg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAWOk7KvqsAABKdyZEUAg&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAWOk7KvqsAABKdyZEUAg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1520263800190791698&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAAWOk7KvqsAABKdyZEUAg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D1520263800190791698%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=1520263800190791698&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAWOk7KvqsAABKdyZEUAg&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 23 Nov 2023 04:53:12 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame E6CA 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 23 Nov 2023 13:36:38 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 919C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=caU1AgNSTdq8N2Npv9d1wg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19346
accept-ranges
bytes
content-length
5622
expires
Thu, 23 Nov 2023 18:59:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 919C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=71A53502-0352-4DDA-BC37-6369BFD775C2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Da3086665-47d6-49d0-ba6d-402927fddd3e%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5965519997845925682&pt=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5965519997845925682&pt=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
6b3537b3-1848-4bf8-9272-76b792a4e0c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5965519997845925682&pt=a3086665-47d6-49d0-ba6d-402927fddd3e%2C%2C
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 919C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2071A53502-0352-4DDA-BC37-6369BFD775C2&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 919C 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=71A53502-0352-4DDA-BC37-6369BFD775C2&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-server-s2s.yellowblue.io/ Frame 919C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzFBNTM1MDItMDM1Mi00RERBLUJDMzctNjM2OUJGRDc3NUMy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
date
Thu, 23 Nov 2023 13:36:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 919C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEk3I9jakdWYA3zYDSZRwBg&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
date
Thu, 23 Nov 2023 13:36:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sn.ashx
pmp.mxptint.net/ Frame 919C
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2140A94FBC324532807E7B743EE659A3
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10C999B5C_2112C74E&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-383751398; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-383751398; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 23 Nov 2023 04:53:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-server-s2s.yellowblue.io/ Frame 919C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=71A53502-0352-4DDA-BC37-6369BFD775C2
date
Thu, 23 Nov 2023 13:36:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 919C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=71A53502-0352-4DDA-BC37-6369BFD775C2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aZUphCFE2uWlrPP27KuoHQStPEr_9No-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aZUphCFE2uWlrPP27KuoHQStPEr_9No-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aZUphCFE2uWlrPP27KuoHQStPEr_9No-~A&gdpr=0
date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
71A53502-0352-4DDA-BC37-6369BFD775C2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 919C 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/71A53502-0352-4DDA-BC37-6369BFD775C2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:2d35:9b03:a9f9:e139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 919C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1b827c6c8c01489&is_secure=true&networkId=17100&version=1&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHS7AGDgcmPAM9lSz2AAAAAAA&expiration=1700832998&nuid=71A53502-0352-4DDA-BC37-6369BFD775C2&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2987841845179767085&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9047554035501915527
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 23 Nov 2023 04:43:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87D2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
29164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 05:30:34 GMT
expires
Fri, 22 Nov 2024 05:30:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FAE4 		829 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::63 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1cb46d6e5856d62d4b6ddec0111b874d5f8271a45cca47d79223894c0b9f523b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S9k-1GeR_-qwwwcp34UHmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-S9k-1GeR_-qwwwcp34UHmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 23 Nov 2023 13:36:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
MT3 1143 599e619 master iad iad-pixel-x18 config_version:"1605"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Nov 2023 13:36:37 GMT
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LPB8M0BO-E-37IV&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LPB8M0BO-E-37IV&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LPB8M0BO-E-37IV&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5965519997845925682
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5965519997845925682
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
32909098-ec70-43f7-b63e-57d48bb56200
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700746598489033-258
tap.php
pixel.rubiconproject.com/ Frame 3588 		42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3588
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmGCAajazeTiFInDHMiVZthPyrw_fDg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmGCAajazeTiFInDHMiVZthPyrw_fDg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmGCAajazeTiFInDHMiVZthPyrw_fDg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1520263800190791698
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1520263800190791698
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1520263800190791698
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3588
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BFN7AQJB7STFWNNDZ33Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
date
Thu, 23 Nov 2023 13:36:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5eb4a953b4771164&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGdGSlAoQiPwNPVMoGAAAAAAA&expiration=1700832998
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGdGSlAoQiPwNPVMoGAAAAAAA&expiration=1700832998
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGdGSlAoQiPwNPVMoGAAAAAAA&expiration=1700832998
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 3588
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a2647777-af24-46eb-8cf5-4bb4e6e8269c&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 3588 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
/
onetag-sys.com/usync/ Frame 5D0A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
a37c8978b4c00a9e3f25003bee83309f9326266e56c66cebc59e9d35f5a36c4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1549
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
khaos.json
token.rubiconproject.com/ Frame 75BE 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6F34 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usync
ssp.api.tappx.com/cs/ Frame A9C6 		0
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1060&type=iframe&id=&auxuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
transfer-encoding
chunked
/
ssc-cms.33across.com/ps/ Frame 02E4 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
a9cef0e53263ed2712ba268f8b6c9a38c5035a864f4d135eb9d0670f323facde

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-language
en
content-length
2937
content-type
text/html;charset=utf-8
date
Thu, 23 Nov 2023 13:36:38 GMT
0
prebid.a-mo.net/cchain/ Frame 993C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
1f885adfdf05b86debfe2203ee6ec28c8d60894680de9a7a4d971301b66e4089

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
679
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 13:36:38 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 1E6C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=5965519997845925682
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5965519997845925682
86 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5965519997845925682
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5965519997845925682
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame D616
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24%7BBSW_U...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
86 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame A0E1
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZV9VZf8jDOcP96AbbzfkBwAA&1434
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZV9VZf8jDOcP96AbbzfkBwAA&1434
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZV9VZf8jDOcP96AbbzfkBwAA&1434
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame B612
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy={%7BUS_PRIVACY%7D}&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&gdpr_consent=null&gdpr=0
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056
86 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame D45F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D...
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=883c4ab6-26e1-0526-2650-2307920763a0
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
0
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 1415
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26...
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
0
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=71A53502-0352-4DDA-BC37-6369BFD775C2
server
fasthttp
usync.html
eus.rubiconproject.com/ Frame DD3C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame DF71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 13:36:38 GMT
X-Sovrn-Pod
ad_ap2dca1
getuid
eb2.3lift.com/ Frame 20C0 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
setuid
pbs.nextmillmedia.com/ Frame D2A6
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D...
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=3F30DVV880VBCWyYXWKp&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=3F30DVV880VBCWyYXWKp
86 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=3F30DVV880VBCWyYXWKp
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1060%26type%3Diframe%26id%3D%5BNMUID%5D%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=3F30DVV880VBCWyYXWKp
server
fasthttp
khaos.json
token.rubiconproject.com/ Frame ABE6 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usync.html
eus.rubiconproject.com/ Frame 82BB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4FD8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746598340.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19346
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
40000000008200000A
usync
ssp.api.tappx.com/cs/ Frame 0DC8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1700746598340.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D...
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212354975239421&auxuid=
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212354975239421&auxuid=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212354975239421&auxuid=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0DC8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907272543872689&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0DC8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m%7EA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m%7EA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-joY4A2dE2uEr6CrPQe38tsdxM7Uz5g8m%7EA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0DC8
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5a42324066ae1489&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAF2dmf_cl4-wNg_hC3AAAAAAA&expiration=1700832998&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF2dmf_cl4-wNg_hC3AAAAAAA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF2dmf_cl4-wNg_hC3AAAAAAA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAF2dmf_cl4-wNg_hC3AAAAAAA&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0DC8
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=659112826076576016317
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=659112826076576016317&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=659112826076576016317&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=659112826076576016317&ts=1700746598&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bl-cf1706d-0277468f.js
tagan.adlightning.com/gomedia/ Frame C326 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/bl-cf1706d-0277468f.js
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-32.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13f97430ec64942f6a1afc5a4df87459029c17aa0d3083ad0bc13e76f16c0a4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:22:24 GMT
content-encoding
gzip
via
1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
x-amz-version-id
zltGZNt4217XSbelGXvYtb2YiSyPNKjA
x-amz-cf-pop
MSP50-C1
age
58455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31002
x-amz-meta-git_commit
cf1706d
last-modified
Wed, 22 Nov 2023 20:41:29 GMT
server
AmazonS3
etag
"02f2368d47e8b915b60cc86e07d0089e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DSfL9lIaITn6DqJyyd85dSBbOPQFy_hvSbY4ivbz_AvOkMUL6j04ig==
b-cf1706d-4a4114ab.js
tagan.adlightning.com/gomedia/ Frame C326 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-32.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:23:33 GMT
content-encoding
gzip
via
1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
x-amz-version-id
YWL0SJBVmouTNxkWla4VH_aL86_dW.Pd
x-amz-cf-pop
MSP50-C1
age
155586
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27942
x-amz-meta-git_commit
cf1706d
last-modified
Tue, 21 Nov 2023 18:23:23 GMT
server
AmazonS3
etag
"7e0885f669f70c7a4d38807250550e89"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RWepV-ukNy36nyEDP-3_7Gpi-Jxdug9lqR9orh0On8rHVDx-Zx9TjQ==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C326 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
88555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Nov 2024 13:00:43 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame C326 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 13:36:38 GMT
x-content-type-options
nosniff
content-encoding
br
age
35210
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9365
x-served-by
cache-fra-etou8220028-FRA, cache-ewr18128-EWR
x-jsd-version-type
version
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C326 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 13:36:38 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C326 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=5282684063&ord=3169522532&litm=6249408446&scrt=138425937821&unit=1x1&splc=152253218&adu=22443057970&adsrv=104&btreg=6249408446138425937821&btadsrv=6249408446138425937821&cb=1076801462&region=70dvtagver=6.1.src
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 11:58:00 GMT
Server
UploadServer
ETag
"7016a8d85509bc72e9b0db848677035f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Thu, 23 Nov 2023 13:51:38 GMT
952.js
cds.connatix.com/p/385124/ Frame 7AFC 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/385124/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
x-amz-version-id
uCqHEMKWCk5bE4_m1dqyVSq1d7HzCC5B
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Nov 2023 11:13:42 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
82a9cd61386936fa-YYZ
access-control-allow-headers
range
expires
Fri, 22 Nov 2024 13:36:38 GMT
402.js
cds.connatix.com/p/385124/ Frame 7AFC 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/385124/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
x-amz-version-id
hTxZsvRSo.4DuFZ4jrqQ6CqAEBbZ2AH9
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Nov 2023 11:13:42 GMT
server
cloudflare
etag
W/"04982ce209e45ea5b9d8a2076bc96397"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
82a9cd61386c36fa-YYZ
access-control-allow-headers
range
expires
Fri, 22 Nov 2024 13:36:38 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		303 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=2728595865278769&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x60&ifi=2&didk=1378598704&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746598640&lmt=1700746598&adxs=2530&adys=565&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&vis=1&psz=1273x184&msz=136x0&fws=1028&ohw=4000&psts=AOrYGskFHy7ULbG3PF-1XZQFZ5-j3kq44Mde4a8Lm4Jez8g-cxtCvReg0rlY78LKRmsp7ogDd297f52dzVpJJsg&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=article_position%3D1%26pos%3Dsection_sponsorship%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dsection_sponsorship-01&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=442601277&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
cc2c525e50d83e792fbe146f73c0079dae1f2b7d682c0af9377e02f7dc8cffa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=2728595865278769&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C360x430&ifi=3&didk=1378598706&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746598654&lmt=1700746598&adxs=2279&adys=765&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&vis=1&psz=372x461&msz=372x461&fws=1540&ohw=4000&psts=AOrYGskFHy7ULbG3PF-1XZQFZ5-j3kq44Mde4a8Lm4Jez8g-cxtCvReg0rlY78LKRmsp7ogDd297f52dzVpJJsg&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=article_position%3D1%26pos%3Dleft_top%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft_top-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=1967609277&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
56f60a648c1abcdb64f36f865b3525220b9563f8f1c43592c69c63085bfe8ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13988
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync
ssp.api.tappx.com/cs/ Frame 75BE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&khaos=LPB8M0BO-E-37IV
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LPB8M0BO-E-37IV
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 54C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&expires=30
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 54C5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MSjbyzz3Q_KxXriW4Ab10A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MSjbyzz3Q_KxXriW4Ab10A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MSjbyzz3Q_KxXriW4Ab10A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C77FB1ZWW5CP3V0GA823
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MSjbyzz3Q_KxXriW4Ab10A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 54C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCOE0wQk8tRS0zN0lW
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0iO3UBNe7xrXH7i3HxT-I&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCOE0wQk8tRS0zN0lW&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCOE0wQk8tRS0zN0lW&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCOE0wQk8tRS0zN0lW&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 54C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/P1GZ767xhNPKerxJbRU-6w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.EOGkJE2oJ18_N7hSKEDAsU8oGEuf8A7r_ulA--~A
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.EOGkJE2oJ18_N7hSKEDAsU8oGEuf8A7r_ulA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b.EOGkJE2oJ18_N7hSKEDAsU8oGEuf8A7r_ulA--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 54C5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1YDZHX6F54BPF89TCZ1V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 54C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY0ODE2YTY3YmM5MTI5NjgwM2QxN2QxZDBhOTRiYjRmMjQxMTkxMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY0ODE2YTY3YmM5MTI5NjgwM2QxN2QxZDBhOTRiYjRmMjQxMTkxMA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY0ODE2YTY3YmM5MTI5NjgwM2QxN2QxZDBhOTRiYjRmMjQxMTkxMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENQwX276a-8zf2YJ6N3lLTE&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENQwX276a-8zf2YJ6N3lLTE&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENQwX276a-8zf2YJ6N3lLTE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 54C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
73HQHQZ69WYCAT2MJ5FS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPB8M0BO-E-37IV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
setuid
px.ads.linkedin.com/ Frame 54C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPB8M0BO-E-37IV
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPB8M0BO-E-37IV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9B174693380F499CA1A6FD4F70C85F41 Ref B: EWR311000105045 Ref C: 2023-11-23T13:36:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYK0ezhgtIsEZQ32TtxtQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPB8M0BO-E-37IV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54C5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAWOk7KvqsAABKdyZEUAg&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAWOk7KvqsAABKdyZEUAg&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAWOk7KvqsAABKdyZEUAg&expires=30
Date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 54C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPB8M0BO-E-37IV
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV&ckls=true&ci=nP4mHM0vGX&nc=false&trid=-1512653646
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV&ckls=true&ci=nP4mHM0vGX&nc=false&trid=-1512653646
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.227.37.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-11.msp50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 1fdf83f6faeffdd74bddbfdba34c8702.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
MSP50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
qH-4qJ0cVC9oQ0HaK9eunk-1fpNSmlnmROvxnjFiNeW-tyDwROKtaQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 a69dfa505dbe2e8eeb459da62facb688.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
MSP50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPB8M0BO-E-37IV&ckls=true&ci=nP4mHM0vGX&nc=false&trid=-1512653646
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
KVmj9oPojASIiltRE5lMGfVKL3iKW7kphQdEOE_7cBbePm7xcBjgQw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 54C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
95013e26-ec03-4ce9-9fcf-fa49ab390caf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 54C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LPB8M0BO-E-37IV
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPB8M0BO-E-37IV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 54C5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=72374bf9-0da0-4f2c-a88a-08aa198513d1&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=72374bf9-0da0-4f2c-a88a-08aa198513d1&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=72374bf9-0da0-4f2c-a88a-08aa198513d1&expires=30
Date
Thu, 23 Nov 2023 13:36:38 GMT
Connection
keep-alive
X-CI-RTID
579e3ec1-aa3d-4727-acec-9cf0d554155b
Content-Length
144
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 54C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPB8M0BO-E-37IV
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPB8M0BO-E-37IV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.220.202.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-202-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
cksync
hb.yahoo.net/ Frame 54C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPB8M0BO-E-37IV&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPB8M0BO-E-37IV&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS10T1R5LnRkRTJ1RWZ5a1lMd3Mzbl9VZUhDWTg2UEVUdn5B&ovsid=LPB8M0BO-E-37IV&dpid=58160
53 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS10T1R5LnRkRTJ1RWZ5a1lMd3Mzbl9VZUhDWTg2UEVUdn5B&ovsid=LPB8M0BO-E-37IV&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.222.5.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-138.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 23 Nov 2023 13:36:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 13:36:39 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS10T1R5LnRkRTJ1RWZ5a1lMd3Mzbl9VZUhDWTg2UEVUdn5B&ovsid=LPB8M0BO-E-37IV&dpid=58160
date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
usersync.gumgum.com/ Frame 6F34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPB8M0BO-E-37IV
  • https://usersync.gumgum.com/usersync?b=mag&i=LPB8M0BO-E-37IV
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
khaos.json
token.rubiconproject.com/ Frame 0E03 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=undefined&khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:36:38 GMT
usync.js
eus.rubiconproject.com/ Frame DD3C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F813 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163238&s=&predirect=https%3A%2F%2Fms-cookie-sync.presage.io%2Fuser-sync%3Fgdpr%3D0%26gdpr_consent%3Dundefined%26pubmatic_id%3D&userIdMacro=&gdpr_consent=undefined&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19346
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cs
cs.yellowblue.io/ Frame ABE6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LPB8M0BO-E-37IV
  • https://cs.yellowblue.io/cs?aid=11590&id=LPB8M0BO-E-37IV
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LPB8M0BO-E-37IV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
usync.js
eus.rubiconproject.com/ Frame 82BB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:11:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23617
Connection
keep-alive
Content-Length
13230
Expires
Thu, 23 Nov 2023 20:10:15 GMT
cframe.js
assets.a-mo.net/js/ Frame 993C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
via
1.1 e01570337e8962613adb227d515f9a6e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
BOS50-P4
age
380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
82a9cd628d424bd5-BUF
x-amz-cf-id
UN-M4PQd-8-WZo1VfBxZhuCdcynhXHtt-fN5xyVxJX4NX4URf_-FPQ==
expires
Thu, 23 Nov 2023 14:36:38 GMT
tap.php
pixel.rubiconproject.com/ Frame 5D0A 		42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5D0A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmX_kH8z8RCd0MJ1_h3LQ7pU5lW8KyQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmX_kH8z8RCd0MJ1_h3LQ7pU5lW8KyQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_xlmX_kH8z8RCd0MJ1_h3LQ7pU5lW8KyQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=670bc134c9db122b&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHS7AGDgcmTAMLWLeJAAAAAAA&expiration=1700832998
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHS7AGDgcmTAMLWLeJAAAAAAA&expiration=1700832998
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHS7AGDgcmTAMLWLeJAAAAAAA&expiration=1700832998
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
MT3 1143 599e619 master iad iad-pixel-x24 config_version:"1605"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=70e7655f-5566-4d00-b5b0-5ec6fb1ffda0&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Nov 2023 13:36:37 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5D0A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5965519997845925682
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5965519997845925682
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
an-x-request-uuid
d08e6aca-9114-42f6-ad6c-99d7c2db21ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=bd9676847ce152021c622d16cba02c&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700746598757066-312
sync
ssbsync-global.smartadserver.com/api/ Frame 5D0A 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.84 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:37 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5D0A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ChkcC3hX3kjyf_fJDKHeJEJRqZDPGNPZjJSKe5tjTAQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ChkcC3hX3kjyf_fJDKHeJEJRqZDPGNPZjJSKe5tjTAQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RJ6EPW5A82X5EZ7WZPM6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ChkcC3hX3kjyf_fJDKHeJEJRqZDPGNPZjJSKe5tjTAQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 5D0A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBFZ-VOxvuc9ZXjjVVYUxGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0lkYl0LklrOt&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5D0A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5D0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 5D0A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user-sync
sync.adkernel.com/ Frame 5D0A 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=175005&r=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
22
user-sync
ms-cookie-sync.presage.io/ Frame 0E03
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LPB8M0BO-E-37IV
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LPB8M0BO-E-37IV&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LPB8M0BO-E-37IV&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
18.160.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-96-14.msp50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:38 GMT
Via
1.1 5a3cb8c533cb5ee9b7ec7736c2a1e8ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MSP50-P1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
ZlVFDO-FOIdGhAz1h8uRTrIySjXm6_pGdZYhkde-srSiF1aiqf4-Xw==
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LPB8M0BO-E-37IV&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
khaos.json
token.rubiconproject.com/ Frame DD3C 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
khaos.json
token.rubiconproject.com/ Frame 82BB 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FAE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=112609013164568&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=2728595865278769&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&didk=1378598708&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746598920&lmt=1700746598&adxs=2279&adys=1907&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&vis=1&psz=372x650&msz=372x0&fws=1540&ohw=4000&psts=AOrYGskFHy7ULbG3PF-1XZQFZ5-j3kq44Mde4a8Lm4Jez8g-cxtCvReg0rlY78LKRmsp7ogDd297f52dzVpJJsg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=article_position%3D1%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-02%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=1972815382&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
149d9f8ecacdff4049f9f62b61e1676f4be10be551d02a91f3e95d6d7789e7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14238
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=2728595865278769&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=5&didk=1378598707&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746598953&lmt=1700746598&adxs=2279&adys=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&vis=1&psz=372x650&msz=372x0&fws=1540&ohw=4000&psts=AOrYGskFHy7ULbG3PF-1XZQFZ5-j3kq44Mde4a8Lm4Jez8g-cxtCvReg0rlY78LKRmsp7ogDd297f52dzVpJJsg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=article_position%3D1%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=72001929&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
873a5fb0a14d5759711a125c703204285d64bad9c7f6edad4705c06b52070627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14425
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame DD3C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&khaos=LPB8M0BO-E-37IV
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV&nmuid=
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
86 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
H2
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LPB8M0BO-E-37IV
date
Thu, 23 Nov 2023 13:36:39 GMT
server
fasthttp
content-length
0
match
events-ssc.33across.com/ Frame 82BB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LPB8M0BO-E-37IV
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPB8M0BO-E-37IV
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPB8M0BO-E-37IV&ts=1700746599&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPB8M0BO-E-37IV&ts=1700746599&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPB8M0BO-E-37IV&ts=1700746599&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
capi.connatix.com/core/ Frame 7AFC
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474e6165fcdc83e3fcc8a8b730b8dde0b7923ed7214b0558a7e60a6ced90cf51

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd64c9f33705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd643d45a208-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame 7AFC 		278 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=385124&cid=a2d35740-1866-416b-92dc-399b9121b597
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2171f4898cf5a342218bb38818251331c858781fe4b1bcfe99eadaedd9c1a077

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd643d4fa208-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame C326 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv9aFU9XZL4Ul8pwXYc3u2wonYl_-mhWKysZyVga7CPSnnd71rEqFdbES4nxU8MqEh1XkC7YXiDhl5ipWiYT0lfEJehkxXmQEyUmodXDLTcM3n-MOs2dQE_GDUW82ehVCRm2MqygQ1pjM7L9i-5XqKxzXQ26odIL8i9wlr0mbOqPdV9rKcI7L3_hNbgFqQxFv-Gpb3XRiWMn-VFVGK2u5MbyT-Pun5ZC3VsJvj8O3tUm_kMM2UzJWAOLqszroddbb1tcjo-OuTDqntIKq4qgEol6T0DYhxeEtyUZY38l-tZwohrsanWCIKnAIPkWGdMj5nsNXSiQ5rjkOyDZ6cpdI_Ro3uA6bihK9nzp1bHw&sai=AMfl-YTs9YuZcSbCn5J1sVw0t7W0qrmDgbOC8HkSGWFnGqB-BnaDl1rhGbLp6J7LgFx4QMsI_b-ry9wSd4RSPjxfWA7o4VUrvoxMlUipgzFRYf4xVG-zhx0RL57m5a0RdYtmvY-NO0vYQNnq4v4ngku-Kg&sig=Cg0ArKJSzMhyOmR5vQ9SEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync
ssp.api.tappx.com/cs/ Frame AF40 		0
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A387348083428015618&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.86.30.129 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.30.86.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 13:36:39 GMT
server
nginx
transfer-encoding
chunked
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 87D2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
22035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 07:29:24 GMT
syncframe
gum.criteo.com/ Frame 1F39 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
server-processing-duration-in-ticks
302578
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 13:36:39 GMT
truncated
/ Frame C326 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61f205d98877a85268716f3dcd1e97cffe19d5859eefe913e78c5e0f0a9d0045

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame BF92 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931294&campId=1x1&pubId=5282684063&chanId=22443057970&placementId=6249408446&pubCreative=138425937821&pubOrder=3169522532&cb=1076801462&adsafe_par&impId=5340f6ff-8a05-11ee-a94c-0a1c55ec3143&custom2=top&custom3=&custom4=american-voices&custom5=top-01
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.169.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-169-211.compute-1.amazonaws.com
Software
/
Resource Hash
88c5ec294f1f31163f92cca93ce7c0acebd116499b43ead97efe19b812d54a68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
7089951_728x90_63a35f0fbdd69.html
ads.brandcdn.com/html/ Frame 9771 		0
0
ca
choices.truste.com/ Frame 6314 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=brandcdn01&aid=brandcdn01&cid=0701&c=brandcdn01cont2&w=728&h=90
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-59.msp50.r.cloudfront.net
Software
nginx /
Resource Hash
b9fc990d244876c09678eb4be0e873af04226c91b4db2f36abe17b0959d88896
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 eb8a8ec41062dc1c67652a4d3c5cb7ce.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
MSP50-C1
cross-origin-embedder-policy
unsafe-none
age
30309
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
LgQkOeHlzDwYGwAXnIvsnyYpzQqTUy51rFoxxNbAjlBnETy0XvOIzw==
expires
Thu, 23 Nov 2023 06:11:30 GMT
gomedia
ny1-bid.adsrvr.org/bid/feedback/ Frame 6314 		807 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ny1-bid.adsrvr.org/bid/feedback/gomedia?t=1&iid=5a18a223-56f6-481c-bd7f-3dedf484952f&crid=4cafjgm0&wp=0.65&aid=6ab45fd98812bb&wpc=USD&sfe=1796d565&puid=&tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&pid=nc31odz&ag=s4ihwt5&adv=1uz7dj6&sig=1v5i74il8tAfOsnMQ0ZoVU_1rm4Vq7kCGfqTLr1eW2MI.&bp=0.7&cf=4404119&fq=0&td_s=www.theonion.com&rcats=&mste=theonion.com&mfld=4&mssi=&mfsi=&uhow=104&agsa=&rgz=14202&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=1&did=&rcxt=Other&lat=42.886700&lon=-78.892700&tmpc=4.760000000000048&daid=&vp=0&osi=&osv=&bffi=41&c=Cg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABALABALoBBAhBGASSAhdmbWcub25pb24vYXJ0aWNsZS8xL3RvcNgCiA7gAogO-AIBgAMBiAMDkAMBmAMEoAM9uAP40AQ.&dur=CkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCKCNBhgM&durs=A8szsB&crrelr=&fpa=929&pcm=3&said=59604c1a536853&ict=Unknown&auct=1&us_privacy=1YNY&im=1&mc=d6657e39-a489-47ff-86ff-a52f95f4bfa6&abr=f4f033ad-3ee9-4d4d-bbb0-3baa6ea0aaab&tail=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:38 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
dv-measurements4951.js
cdn.doubleverify.com/ Frame 6108 		424 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4951.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 13:36:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 10:52:29 GMT
Server
UploadServer
ETag
"b47e628f652d93d0e7ba169948af091c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102052
Expires
Fri, 22 Nov 2024 13:36:39 GMT
container.html
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 585F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Fri, 22 Nov 2024 13:36:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getuid
prebid.a-mo.net/ Frame 993C 		51 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/getuid
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4aa1404542fa3f3e70d6da6348b75d0b621530c7a85b54eac5aa8939ccde43b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
content-encoding
gzip
server
envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
insights.bin
ins.connatix.com/afa9ca6c-aaa2-4fcb-b73f-26a17e0674ee/9dd3569b-a2c6-4da9-b9e3-1effc9c35114/ Frame 7AFC 		720 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/afa9ca6c-aaa2-4fcb-b73f-26a17e0674ee/9dd3569b-a2c6-4da9-b9e3-1effc9c35114/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2282de7dd39d50d8442171f6a65c3baf5ac1cb7ced8986e90969401220833cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 02:10:09 GMT
server
cloudflare
etag
W/"12540766ca4fe4e02e9e983be75fcd71"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
82a9cd66cf55711d-YYZ
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Nov 2024 13:36:39 GMT
insights.bin
ins.connatix.com/86dddcd1031814cb380a722de6e7e357/ Frame 7AFC 		432 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/86dddcd1031814cb380a722de6e7e357/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/385124/connatix.playspace.js?cid=a2d35740-1866-416b-92dc-399b9121b597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61a0a49fed8dff3a292570a50238b28b4e75e2c4774f495cb21bdeb294377877

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 11:46:25 GMT
server
cloudflare
etag
W/"f67e95630ae13303527917794323210f"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
82a9cd66cf53711d-YYZ
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Nov 2024 13:36:39 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://cks.connatix.com/cks?pid=17&ev=1cdad28202b44ab296a78c54a72058de&pname=Index&api-tier=2&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
139 B
215 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=1cdad28202b44ab296a78c54a72058de&pname=Index&api-tier=2&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a561acf20c80d0e93d0b51057c061a12d94df43993a673fbbd117da8619e435

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd67a903ab3b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfUhlq7RnbjXdukTfrCb%2Bl%2BMBVjUhv6tyJG6eMO%2BrdoG8LePpJS0KsIpVYo74MVxZTE5bLxsepLal2rua9SiIvyzQBQ1eoVfIkWdln1JupOqDuKlkO6%2F%2FVc4q%2BpeULxNqpJItSGh"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=1cdad28202b44ab296a78c54a72058de&pname=Index&api-tier=2&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
cache-control
no-cache
cf-ray
82a9cd66794138e2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=1cdad28202b44ab296a78c54a72058de&pname=Beeswax&api-tier=2&uid=AAAWOk7KvqsAABKdyZEUAg&gdpr=0
132 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=1cdad28202b44ab296a78c54a72058de&pname=Beeswax&api-tier=2&uid=AAAWOk7KvqsAABKdyZEUAg&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331c47ff8e151f258db82054e6d8804270d2c0a86e16066c8088d81e3926a3a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2539fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=1cdad28202b44ab296a78c54a72058de&pname=Beeswax&api-tier=2&uid=AAAWOk7KvqsAABKdyZEUAg&gdpr=0
Date
Thu, 23 Nov 2023 13:36:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=1703338599
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=1703338599
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b98d95af25f18c7fe2c980e823c821e161c40b96a2eaeed91f7579079edec9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2939fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&ttl=1703338599
date
Thu, 23 Nov 2023 13:36:39 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=1cdad28202b44ab296a78c54a72058de&pname=Amobee&api-tier=2&uid=2987841845179767085
129 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=1cdad28202b44ab296a78c54a72058de&pname=Amobee&api-tier=2&uid=2987841845179767085
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d701190a502bc9725aab905fe64e7a49570dbb131b4f6d731ab295e7d427240d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2a39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=1cdad28202b44ab296a78c54a72058de&pname=Amobee&api-tier=2&uid=2987841845179767085
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=25&ev=1cdad28202b44ab296a78c54a72058de&pname=TripleLift&api-tier=2&uid=659112826076576016317
131 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=1cdad28202b44ab296a78c54a72058de&pname=TripleLift&api-tier=2&uid=659112826076576016317
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172fcbf830c923bc6f0f32a1f4209fb7a44a404109185507477e94b99bc6bacc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2b39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=1cdad28202b44ab296a78c54a72058de&pname=TripleLift&api-tier=2&uid=659112826076576016317
date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://cks.connatix.com/cks?pid=6&ev=1cdad28202b44ab296a78c54a72058de&pname=AppNexus&api-tier=2&uid=5965519997845925682=&gdpr=0
129 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=1cdad28202b44ab296a78c54a72058de&pname=AppNexus&api-tier=2&uid=5965519997845925682=&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23daa7b41d0b751075c80cfef447e6480be14ee5f8098018d4c9b7cf19464bbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2d39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
an-x-request-uuid
35064181-df78-46e7-a3a1-acd11ff9fede
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=1cdad28202b44ab296a78c54a72058de&pname=AppNexus&api-tier=2&uid=5965519997845925682=&gdpr=0
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7994213480
  • https://sync.1rx.io/usersync/tradedesk/f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
  • https://sync.targeting.unrulymedia.com/csync/RX-905b5109-b08e-4801-96f3-68aa3693ea87-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-905b5109-b08e-4801-96f3-68aa3693ea87-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005&pId=44
82 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005&pId=44
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82a9cd6a3a7b3705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Thu, 23 Nov 2023 13:36:40 GMT
Server
Tengine
ETag
RX905b5109b08e480196f368aa3693ea87005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://capi.connatix.com/us/pixel?puid=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005&pId=44
Content-Type
text/html
Connection
keep-alive
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
  • https://capi.connatix.com/us/pixel?puid=1520263800190791698&pId=40&gdpr=0&gdpr_consent=
82 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=1520263800190791698&pId=40&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82a9cd681f243705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=1520263800190791698&pId=40&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:39 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame DDBB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
server
AkamaiGHost
/
de.tynt.com/deb/ Frame 96A2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_3...
2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2207
content-type
text/html
date
Thu, 23 Nov 2023 13:36:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8340000A
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A073 		16 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.124.197 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-124-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19345
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 13:36:39 GMT
expires
Thu, 23 Nov 2023 18:59:04 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=1cdad28202b44ab296a78c54a72058de&pname=PulsePoint&api-tier=2&uid=0lkYl0LklrOt
122 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=1cdad28202b44ab296a78c54a72058de&pname=PulsePoint&api-tier=2&uid=0lkYl0LklrOt
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9707f772e8ea465acee8bfd60b35241df73313ab22bd6b10f8370af296a3789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2e39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cks.connatix.com/cks?pid=13&ev=1cdad28202b44ab296a78c54a72058de&pname=PulsePoint&api-tier=2&uid=0lkYl0LklrOt
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-sqmgx
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=1cdad28202b44ab296a78c54a72058de&pname=Crimtan&api-tier=2&uid=b4c58cf361b34d86bbea2a63ad8d7462
142 B
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=1cdad28202b44ab296a78c54a72058de&pname=Crimtan&api-tier=2&uid=b4c58cf361b34d86bbea2a63ad8d7462
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac53a487a5a797ab1fa012487604379c9efdca01255ec27e472d25b86fe91bf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd682988ab3b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=1cdad28202b44ab296a78c54a72058de&pname=Crimtan&api-tier=2&uid=b4c58cf361b34d86bbea2a63ad8d7462
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=1cdad28202b44ab296a78c54a72058de&pname=LoopMe&api-tier=2&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&pubid=11186&gdpr=0
146 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=1cdad28202b44ab296a78c54a72058de&pname=LoopMe&api-tier=2&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&pubid=11186&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ce5423fca7948a1ab7cc4b23443dd6069e6799697e402b2b136d9e7348bef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd69ae3139fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=1cdad28202b44ab296a78c54a72058de&pname=LoopMe&api-tier=2&uid=7e5c97a5-6a6a-4c79-a636-1ad4942b5056&pubid=11186&gdpr=0
date
Thu, 23 Nov 2023 13:36:39 GMT
server
_
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1cdad28...
  • https://cks.connatix.com/cks?pid=9&ev=1cdad28202b44ab296a78c54a72058de&pname=Centro&api-tier=2&uid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0
159 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=1cdad28202b44ab296a78c54a72058de&pname=Centro&api-tier=2&uid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa6f549066891742de3426a34d3ed3936be8f7d64d0cc7bb0a878b81ba8cfe7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:40 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd6a0eaa39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 13:36:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cks.connatix.com/cks?pid=9&ev=1cdad28202b44ab296a78c54a72058de&pname=Centro&api-tier=2&uid=9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=1cdad28202b44ab296a78c54a72058de&pname=YieldMo&api-tier=2&uid=3F30DVV880VBCWyYXWKp&gdpr=0
130 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=1cdad28202b44ab296a78c54a72058de&pname=YieldMo&api-tier=2&uid=3F30DVV880VBCWyYXWKp&gdpr=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b434478154680177f290f57d45c6cd971cfd79eb8d4f02f8790be01a65aedf30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd690d2f39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=1cdad28202b44ab296a78c54a72058de&pname=YieldMo&api-tier=2&uid=3F30DVV880VBCWyYXWKp&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=1cdad28202b44ab296a78c54a72058de&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=1cdad28202b44ab296a78c54a72058de&pname=Telaria&api-tier=2&uid=88847728943745d39fa115a314d9380b
141 B
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=1cdad28202b44ab296a78c54a72058de&pname=Telaria&api-tier=2&uid=88847728943745d39fa115a314d9380b
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51c8a7344ede4ea746cb64a64c59b6a81a898a408ad59a155f30054f02063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd681982ab3b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=1cdad28202b44ab296a78c54a72058de&pname=Telaria&api-tier=2&uid=88847728943745d39fa115a314d9380b
date
Thu, 23 Nov 2023 13:36:39 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd9676847ce152021c622d16cba02c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd9676847ce152021c622d16cba02c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd6908ac3705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 13:36:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=bd9676847ce152021c622d16cba02c&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700746599444026-308
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0C35 		414 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d1cdad28202b44ab296a78c54a72058de%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.116.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.theonion.com/
content-length
414
content-type
text/html
date
Thu, 23 Nov 2023 13:36:39 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.37.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-37-107.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:35:02 GMT
content-encoding
gzip
via
1.1 509be83b42e7617de2138b6e66f1a494.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 16:12:35 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-C1
age
18098
x-amz-server-side-encryption
AES256
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
6vuuAXYl_qIQavNqpQleGzRZDBSTY9OqpGOhHg3Ty8ABMbmPnfwMGA==
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=1cdad28202b44ab296a78c54a72058de&pname=SundaySky&api-tier=2&uid=d6.2c767aa1dcbf4caca524c8ef8d8d5ea2
144 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=1cdad28202b44ab296a78c54a72058de&pname=SundaySky&api-tier=2&uid=d6.2c767aa1dcbf4caca524c8ef8d8d5ea2
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4c414236f823c70ca9fa12d8bbb8fbc0d01d1c592444921b8da61b63c05052

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd69ae3339fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=1cdad28202b44ab296a78c54a72058de&pname=SundaySky&api-tier=2&uid=d6.2c767aa1dcbf4caca524c8ef8d8d5ea2
date
Thu, 23 Nov 2023 13:36:39 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=1cdad28202b44ab296a78c54a72058de&pname=ResetDigital&api-tier=2&uid=0000011E2DCE1E8E
126 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=1cdad28202b44ab296a78c54a72058de&pname=ResetDigital&api-tier=2&uid=0000011E2DCE1E8E
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df09d9c7cc7b35e4964773eb56e92a988fb114affe4d1599a2eb3815c5bc505

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd682984ab3b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=1cdad28202b44ab296a78c54a72058de&pname=ResetDigital&api-tier=2&uid=0000011E2DCE1E8E
date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=1cdad28202b44ab296a78c54a72058de&pname=Sonobi&api-tier=2&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
146 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=1cdad28202b44ab296a78c54a72058de&pname=Sonobi&api-tier=2&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484fa814e948a64ef999027bde96c0fdb6e86f9aaf0dd154e7599273888f8550

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd682986ab3b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-11
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=1cdad28202b44ab296a78c54a72058de&pname=Sonobi&api-tier=2&uid=8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D1cdad28202b44ab296a78c54a72058de%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
  • https://cks.connatix.com/cks?pid=42&ev=1cdad28202b44ab296a78c54a72058de&pname=IqZone&api-tier=2&uid=229745e4-8b4f-4753-ba4b-cedaad9831c8
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=42&ev=1cdad28202b44ab296a78c54a72058de&pname=IqZone&api-tier=2&uid=229745e4-8b4f-4753-ba4b-cedaad9831c8
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9de0fd013e4116ba8319df093bd09ec00badec0c95a758034e7faab0f1bbf21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd69ae2a39fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Thu, 23 Nov 2023 13:36:39 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://cks.connatix.com/cks?pid=42&ev=1cdad28202b44ab296a78c54a72058de&pname=IqZone&api-tier=2&uid=229745e4-8b4f-4753-ba4b-cedaad9831c8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D1cdad28202b44...
  • https://cks.connatix.com/cks?pid=29&ev=1cdad28202b44ab296a78c54a72058de&pname=Adelphic&api-tier=2&uid=72374bf9-0da0-4f2c-a88a-08aa198513d1
146 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=1cdad28202b44ab296a78c54a72058de&pname=Adelphic&api-tier=2&uid=72374bf9-0da0-4f2c-a88a-08aa198513d1
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15e5e1952863ef4da5019b170e2ef4a9d4278ff616864406716a736a07fb1ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd69ae3639fa-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=1cdad28202b44ab296a78c54a72058de&pname=Adelphic&api-tier=2&uid=72374bf9-0da0-4f2c-a88a-08aa198513d1
Date
Thu, 23 Nov 2023 13:36:39 GMT
Connection
keep-alive
X-CI-RTID
e3099507-63d5-4cf1-861d-820811d4f727
Content-Length
177
Content-Type
text/html; charset=utf-8
us
capi.connatix.com/core/ Frame 7AFC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d1cdad282...
  • https://capi.connatix.com/core/us?DemandPartner=8&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=7dd8b5de-36e2-0b20-03cd-402e87d7ca53
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=8&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=7dd8b5de-36e2-0b20-03cd-402e87d7ca53
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd685f8c3705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://capi.connatix.com/core/us?DemandPartner=8&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=OpenX&tier=2&DemandPartnerUserId=7dd8b5de-36e2-0b20-03cd-402e87d7ca53
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us
capi.connatix.com/core/ Frame 7AFC
Redirect Chain
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3DMediaNet%26tier...
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3437481986634263000V10
0
0
712202.gif
id.rlcdn.com/ Frame 7AFC 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712202.gif?cparams=1cdad28202b44ab296a78c54a72058de&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
report
capi.connatix.com/us/google/ Frame 7AFC
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MWNkYWQyODIwMmI0NGFiMjk2YTc4YzU0YTcyMDU4ZGU&extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/google/report?extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82a9cd679e333705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://capi.connatix.com/us/google/report?extra1=1cdad28202b44ab296a78c54a72058de&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/ Frame 7AFC
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=1cdad28202b44ab296a78c54a72058de&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D1cdad28202b44ab296a78c54a72058de...
  • https://cks.connatix.com/cks?pid=34&ev=1cdad28202b44ab296a78c54a72058de&pname=Colossus&api-tier=2&uid=fa0145d5-6dea-41c2-a612-b0ded0b2e3af
0
0
idl.js
assets.a-mo.net/js/ Frame 993C 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.theonion.com&e=27&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 cfcfb1d8fbf5ce2b107182799687a614.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
434
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
82a9cd66cd5c4bd5-BUF
x-amz-cf-id
Bc-Wp3jP_HXTgtNwffcEEQJY-zZd2sJsA63A2jrQiQHsMiWzMogkxg==
expires
Thu, 23 Nov 2023 14:36:39 GMT
b
c3.a-mo.net/ Frame 993C
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=www.theonion.com
  • https://c3.a-mo.net/b?uid=7fade971-a5a2-4e70-83be-ba1535b28ce7&sh=id.a-mx.com&
0
0
usync.html
eus.rubiconproject.com/ Frame 422E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 13:36:39 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 13:36:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
pbs.nextmillmedia.com/ Frame 993C
Redirect Chain
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba&do=www.theonion.com
  • https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.222.15.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-15-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
date
Thu, 23 Nov 2023 13:36:39 GMT
server
fasthttp
content-length
0
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=cddbd60e-5371-4e27-8ec9-892f1ea338ba&gdpr=0&us_privacy=1---&gpp={{.GPP}}
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-TEii7cmCzeayN0ph2ge6CAe-ig2KgOm71lqMUQ&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=cce8f51c-6cfc-41c9-b958-7247d6a4d2e8&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 23 Nov 2023 13:36:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 993C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-Q4ti76pE2uGP73LP.X5fK6h2bhsFufcTVnWIX3Y-~A
date
Thu, 23 Nov 2023 13:36:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=amx_com&uid=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=amx_com&uid=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=amx_com&uid=
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=openx&uid=883c4ab6-26e1-0526-2650-2307920763a0
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=adform&uid=9047554035501915527
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=adform&uid=9047554035501915527
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=adform&uid=9047554035501915527
date
Thu, 23 Nov 2023 13:36:39 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dsmartads...
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=smartadserver&uid=1520263800190791698
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=smartadserver&uid=1520263800190791698
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=smartadserver&uid=1520263800190791698
date
Thu, 23 Nov 2023 13:36:38 GMT
content-length
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 993C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
0
0
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=index_rtb&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=index_rtb&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pzYiFAg0dG9LwUHSnmcWMIvAoP6EZzlvzQPZRthERYf3Zic4LavdYP3jrqj9T2goId1GMxDMUbnvSwHex1sjxf3ejuGEC0zdy7UGc8rseN4yfUMWOyQ4doRU%2FVf3PXifVsgtPIt"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=index_rtb&uid=ZV9VZf8jDOcP96AbbzfkBwAA%261434
cache-control
no-cache
cf-ray
82a9cd66d9d338e2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&gpp={{.GPP}}&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=sovrn&uid=HtFwhRZHc4ldxZ4dTD-iUtLg
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=sovrn&uid=HtFwhRZHc4ldxZ4dTD-iUtLg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Thu, 23 Nov 2023 13:36:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=sovrn&uid=HtFwhRZHc4ldxZ4dTD-iUtLg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 993C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dcddbd60e-5371-4e27-8ec9-892f1ea338ba%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=appnexus&uid=5965519997845925682
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=appnexus&uid=5965519997845925682
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
an-x-request-uuid
ccdb0f2d-0940-4f1c-b5dc-af96792cfe8d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=cddbd60e-5371-4e27-8ec9-892f1ea338ba&bidder=appnexus&uid=5965519997845925682
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 993C 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba&do=www.theonion.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 993C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=cddbd60e-5371-4e27-8ec9-892f1ea338ba&do=www.theonion.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_n-Tappx_n-sharethrough_pm-db5_ym_rbd_n-vmg_n-nativo_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
an-x-request-uuid
983dd54a-f5e3-4447-9c25-070ff7548007
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 1F39
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=hCcQLHxZNUMxVEdYMWc1V2k3V2E1ZkNkOWJOZFBIeW1tbEZJT0tFczlvTElKWmRQNHlvbm5BUVhXZ0ZaclFaWXZ0NjNxU0U2dDg0TWRydHp2RGxScWtSU2dNOHFOUFBOanFtS01KZkEwVlJmTUYyNjAxRDBYOGNUeklrRE...
0
0
container.html
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20A5 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Fri, 22 Nov 2024 13:36:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-cf1706d-0277468f.js
tagan.adlightning.com/gomedia/ Frame 585F 		0
0
b-cf1706d-4a4114ab.js
tagan.adlightning.com/gomedia/ Frame 585F 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 585F 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 585F 		0
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 585F 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 585F 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 585F 		0
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 585F 		0
0
cap
choices.trustarc.com/ Frame 6314 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=brandcdn01&pid=brandcdn01&cid=0701&w=728&h=90&c=752a
Requested by
Host: 16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
URL: https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.202.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-202-117.msp50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via
1.1 b36843a7bd4212fd735b5bd31b22784a.cloudfront.net (CloudFront)
x-amz-cf-pop
MSP50-C2
cross-origin-embedder-policy
unsafe-none
age
3067
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
max-age=3600
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
rl2_SZYhauKcZqf8Z-VtaDwyMIoVLo1IQZDhePRSgi4jxXNhAR3E2w==
expires
Thu, 23 Nov 2023 13:45:32 GMT
cksync.php
contextual.media.net/ Frame 0C35 		53 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d1cdad28202b44ab296a78c54a72058de%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 13:36:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 13:36:39 GMT
us
capi.connatix.com/core/ Frame 0C35
Redirect Chain
  • https://cks.connatix.com/cks?pid=24&ev=1cdad28202b44ab296a78c54a72058de&pname=IronSource&api-tier=2&uid=x53NyBr-kp_s&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=x53NyBr-kp_s&UserId=&tier=2
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=x53NyBr-kp_s&UserId=&tier=2
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d1cdad28202b44ab296a78c54a72058de%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a9cd681f1a3705-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 13:36:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=x53NyBr-kp_s&UserId=&tier=2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82a9cd679901ab3b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
usync.js
eus.rubiconproject.com/ Frame DDBB 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 7AFC 		43 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=1cdad28202b44ab296a78c54a72058de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21fa:ae00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:39 GMT
via
1.1 a69dfa505dbe2e8eeb459da62facb688.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
MSP50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
uxkAZIE6DhfLKZKQJERqEVT9TH7W8JJ6IopIf1l2d2BArKrxpc-ouA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7AFC
Redirect Chain
  • https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=1cdad28202b44ab296a78c54a72058de
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
ccedd771010e2ec3efa4628ba8662f67cb82cbedd83280325d89efd345be9bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30397
x-xss-protection
0
server
cafe
etag
540 / 19684 / 31079744 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 13:36:39 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7AFC 		0
0
9dd3569b-a2c6-4da9-b9e3-1effc9c35114.bin
vid.connatix.com/pid-10de8f06-8162-486c-a4a7-d7f5e69a6971/afa9ca6c-aaa2-4fcb-b73f-26a17e0674ee/ Frame 7AFC 		0
0
usync.js
eus.rubiconproject.com/ Frame 422E 		0
0
main.19.8.461.js
static.adsafeprotected.com/ Frame BF92 		0
0
visit.js
tps.doubleverify.com/ Frame 6108 		0
0
container.html
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 801B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 13:36:38 GMT
expires
Fri, 22 Nov 2024 13:36:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
id.rtb.mx/ Frame 993C 		0
0
/
ssc-cms.33across.com/ps/ Frame 2E97 		0
0
/
ssc-cms.33across.com/ps/ Frame 96A2 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 96A2 		0
0
/
ssc-cms.33across.com/ps/ Frame 96A2 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 96A2 		0
0
sync
sync.srv.stackadapt.com/ Frame 96A2 		0
0
/
ssc-cms.33across.com/ps/ Frame 96A2 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame C326 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C326 		0
0
iev
csm.va.us.criteo.net/ Frame 1F39 		0
0
iex
csm.va.us.criteo.net/ Frame 1F39 		0
0
map
bcp.crwdcntrl.net/6/ 		235 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1fc0e29f0364ed9462fd1d4a90916a58da3133b2bcf50cd2fb7cd32c21f2fb20

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
x-server
10.40.49.39
access-control-allow-credentials
true
content-length
235
expires
0
mbox
vidanalytics.taboola.com/putes/ 		2 B
150 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Thu, 23 Nov 2023 13:36:40 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_STAGING001
server
nginx
x-timer
S1700746601.539470,VS0,VE166
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-yyz4550-YYZ
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682&us_privacy=1YNY
43 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682&us_privacy=1YNY
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvlmvNCDXm8rcLv1FB8iLzlSzwzF8qGx25PxGQ5mu0fmzhQ2KtP%2Fmvz2lLgYlL4e9C1KKToeVs%2B6QNiMpR2PfqeAfy7pwk8b5lmrpNHXUIHbqf0W63KiMqlypDi320plOukjL7iMAZLyzyJxvja3JLDx1po%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a9cd6e3a814bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:40 GMT
an-x-request-uuid
01198737-dca5-4ad6-8244-249f6517f86a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5965519997845925682&us_privacy=1YNY
x-proxy-origin
96.9.249.38; 96.9.249.38; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&us_privacy=1YNY
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:36:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1YNY&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 13:36:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&dongle=0cfd&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 13:36:40 GMT
server
Kestrel
content-length
251
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1YNY&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
34.236.96.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-96-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n021-ash-prod.krxd.net
date
Thu, 23 Nov 2023 13:36:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1700746600
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
date
Thu, 23 Nov 2023 13:36:40 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3b81v9113953751z8894640252&_p=1700746596416&gcd=11l1l1l1l1&dma=0&cid=1282057542.1700746597&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700746597&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2Fstudy-finds-link-between-dna-and-cannabis-addiction-1851043563&dt=Study%20Finds%20Link%20Between%20DNA%20And%20Cannabis%20Addiction&en=page_load_time&epn.loading_time_sec=1.92&_et=7&tfd=8114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 13:36:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=about%3Ablank&pid=MRpoirP3cqE2r&cb=4&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-8%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2239377393-f313-479d-97cf-ac257399d457%22%2C%22lotame%22%3A%22a4a3877ba45b8733e12f88f92a9da9fb927aeb9d85f88755a815cea44a3decf2%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
1750QD5RPXRXFXJ0ZC36
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CwSLA006iTZKGzVV0wCOclLGtoBOGL304AT559Z_DRbWSpgBGeBRzg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=about%3Ablank&pid=MRpoirP3cqE2r&cb=5&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-10%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2239377393-f313-479d-97cf-ac257399d457%22%2C%22lotame%22%3A%22a4a3877ba45b8733e12f88f92a9da9fb927aeb9d85f88755a815cea44a3decf2%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
ZAD8SGM9E2M2AKWYXHA1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
njJYjdVfg0nwZl28wfquspsxbX2YBkPhvCMcF4O9sVtToaLChLb9VA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=about%3Ablank&pid=MRpoirP3cqE2r&cb=6&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-11%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2239377393-f313-479d-97cf-ac257399d457%22%2C%22lotame%22%3A%22a4a3877ba45b8733e12f88f92a9da9fb927aeb9d85f88755a815cea44a3decf2%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
WF6DZJXJCVTK0K4TP7A8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ZKUbDt4BTNAeBDOyKeU6onviNC_JCsCLAAjdHRg4ZlvhnENeA4glVg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=about%3Ablank&pid=MRpoirP3cqE2r&cb=7&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-12%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2239377393-f313-479d-97cf-ac257399d457%22%2C%22lotame%22%3A%22a4a3877ba45b8733e12f88f92a9da9fb927aeb9d85f88755a815cea44a3decf2%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.97.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-97-132.msp50.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f43ae31ebd011dd2296923e420a7df3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MSP50-P1
x-amz-rid
S6E8K5RNZ1F1KHA9ECZQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4NqmVz83SRYPV_K0D326B4e1dIcJBhk3kF98bnkYpMxskE4y_vUekA==
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=1605929909951497&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=6&didk=1378598710&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746623549&lmt=1700746623&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3D1%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=1183874867&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
0cdbc5bd805d3aebef161b31ce2e6fc79b2b8a14950833d62b975248f4ed9b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13474
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691214420
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		303 B
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=1605929909951497&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x60&ifi=7&didk=1378598711&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746623556&lmt=1700746623&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3D1%26pos%3Dsection_sponsorship%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dsection_sponsorship-01&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=1661608277&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
016ca2c707d679a1067d9a03f1aa97132a3e03e917accebcf81b4dc35708a458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=1605929909951497&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C360x430&ifi=8&didk=136931552&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746623578&lmt=1700746623&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3D1%26pos%3Dleft_top%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft_top-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=1057778054&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
a28be169c111af8675a138c4e226099eba702555ae08fae6c142e03565518380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13245
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=1605929909951497&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=9&didk=136931551&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746623605&lmt=1700746623&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3D1%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-03%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=3358020545&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
aeefd353988d08f93c9dd1bc556d25b6fd24ae82fcb01eb6ac0bd4710d3d63a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13347
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=112609013164568&correlator=1605929909951497&eid=31079667%2C44807410%2C31079525%2C31068826%2C31078978&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=10&didk=136931550&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1f5bc007911fdfce%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg&gpic=UID%3D00000da373c99d24%3AT%3D1700746597%3ART%3D1700746597%3AS%3DALNI_MbRsCcyQzzc-X937nk247j8I0gXtg&abxe=1&dt=1700746623618&lmt=1700746623&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1282057542.1700746597&ga_sid=1700746598&ga_hid=878563414&ga_fc=true&dlt=1700746595236&idt=1729&ppid=b1603b65-686d-4b2c-9308-86c81697bbd3&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3D1%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-03%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%252C%252012%26tags%3Ddna%252Ccannabis%252Caddiction%252Centertainment%252C%2520culture%252Chelices%252Cbiotechnology%252Cseth%2520mendez%252Cjudy%2520robison%252Cgenetics%252Cwes%2520konner%26blogName%3Dtheonion%26channel%3Dopinion%26section%3Damerican-voices%26subsection%3D%26page%3Darticle%26postId%3D1851043563%26content_originator%3DThe%2520Onion%26veritas-segments%3D12%252C%252014&adks=3358020550&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
509a2ec1ee3e17a2bf5f4feeea4ee1e5df7bab4c4ce9161488b84cd7f63dd21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 13:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13555
x-xss-protection
0
google-lineitem-id
6394873656
pragma
no-cache
server
cafe
google-creative-id
676691220918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/102/112/3/7.gif?puid=1A453196640F0FE9&gdpr=0&gdpr_consent=
Domain
ads.brandcdn.com
URL
https://ads.brandcdn.com/html/7089951_728x90_63a35f0fbdd69.html?fas_c=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D5a18a223-56f6-481c-bd7f-3dedf484952f%26ag%3Ds4ihwt5%26sfe%3D1796d565%26sig%3DFRRd9G-nVtgMfwi3O0hoYOcf93aod4nAq4kACstUKoI.%26crid%3D4cafjgm0%26cf%3D4404119%26fq%3D0%26t%3D1%26td_s%3Dwww.theonion.com%26rcats%3D%26mste%3Dtheonion.com%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dgomedia%26uhow%3D104%26agsa%3D%26wp%3D0.65%26rgz%3D14202%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D1%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D4.760000000000048%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCg1Vbml0ZWQgU3RhdGVzEghOZXcgWW9yaxoDNTE0IgdCdWZmYWxvOAFQAYABAIgBAZABALABALoBBAhBGASSAhdmbWcub25pb24vYXJ0aWNsZS8xL3RvcNgCiA7gAogO-AIBgAMBiAMDkAMBmAMEoAM9uAP40AQ.%26dur%3DCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCKCNBhgM%26durs%3DA8szsB%26crrelr%3D%26npt%3D%26fpa%3D929%26pcm%3D3%26ict%3DUnknown%26said%3D59604c1a536853%26auct%3D1%26us_privacy%3D1YNY%26tail%3D1%26r%3D&oid=7813216&fas_m=16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com&fas_r=16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com&impid=5a18a223-56f6-481c-bd7f-3dedf484952f
Domain
capi.connatix.com
URL
https://capi.connatix.com/core/us?DemandPartner=31&UserId=1cdad28202b44ab296a78c54a72058de&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3437481986634263000V10
Domain
cks.connatix.com
URL
https://cks.connatix.com/cks?pid=34&ev=1cdad28202b44ab296a78c54a72058de&pname=Colossus&api-tier=2&uid=fa0145d5-6dea-41c2-a612-b0ded0b2e3af
Domain
c3.a-mo.net
URL
https://c3.a-mo.net/b?uid=7fade971-a5a2-4e70-83be-ba1535b28ce7&sh=id.a-mx.com&
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=hCcQLHxZNUMxVEdYMWc1V2k3V2E1ZkNkOWJOZFBIeW1tbEZJT0tFczlvTElKWmRQNHlvbm5BUVhXZ0ZaclFaWXZ0NjNxU0U2dDg0TWRydHp2RGxScWtSU2dNOHFOUFBOanFtS01KZkEwVlJmTUYyNjAxRDBYOGNUeklrRE5tRU44a0s1R2NRT1FyRzF5QXVTajJOK1ExaWZmTUlpYUZtbk9wOE1jaFlDNS9lOUFISlhjeWtKZFUzNTExc3E1Tncwa1ZZRVJKUGlZd3Y3ZEhTZ05DQXB1OFlNT1dadlBtaVpVYUxhTHRDNkt1a0o2elZPUkFkTldWMWtPUVh5b0NUS3NSTlhhOGI3cFJuYnJJSmZBUUdyalhQOW1Hdz09fA&cppv=2
Domain
tagan.adlightning.com
URL
https://tagan.adlightning.com/gomedia/bl-cf1706d-0277468f.js
Domain
tagan.adlightning.com
URL
https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_ntQQJmJSGWqZ0Xcj1fkn0aji0vJ2yRPXjhlLGP6iGMAt0f8nTKKmx4OJlf7hZp9WTJ438RKxh1r8RD5iMl5fDWRpZILWl3-emnqROnUpAN2JyJU
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13218777964853478820&x=1&ct=76
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-10de8f06-8162-486c-a4a7-d7f5e69a6971/afa9ca6c-aaa2-4fcb-b73f-26a17e0674ee/9dd3569b-a2c6-4da9-b9e3-1effc9c35114.bin
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
static.adsafeprotected.com
URL
https://static.adsafeprotected.com/main.19.8.461.js
Domain
tps.doubleverify.com
URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=532&ttfrms=27&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau%60e56_c%606f65aebfa4dd666hf6ege7gg2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauDEF5J%5C7%3A%3F5D%5C%3D%3A%3F%3C%5C36EH66%3F%5C5%3F2%5C2%3F5%5C42%3F%3F23%3AD%5C255%3A4E%3A%40%3F%5C%60gd%60_cbdeb&srcurlD=0&aUrlD=-1&ssl=https:&dfs=241&ddur=141&uid=1700746599745574&jsCallback=dvCallback_1700746599745764&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=18&brh=2&dvp_epl=412&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6249408446138425937821&btadsrv=6249408446138425937821&adsrv=104&unit=1x1&seltag=1&sadv=5282684063&ord=3169522532&litm=6249408446&scrt=138425937821&splc=152253218&adu=22443057970&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=1076801462&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=531643943.76009566&ee_dp_sukv=531643943.76009566&dvp_tukv=205201643.35749897&ee_dp_tukv=205201643.35749897&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=1683162518820&jurtd=1396498894
Domain
id.rtb.mx
URL
https://id.rtb.mx/rum?
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746599476.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?_=1700746599476.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D1cdad28202b44ab296a78c54a72058de%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746599476.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1700746599476.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLZ7nYl70y30tmbZowg5F3HnXStc48UXkWvhP7-SZOSxOFgAE4QXEzAGuID_F4t1I7zCsZzujMBPHktCX-ib3gRXqz8QOpNlc_xlgH6FCoTWsRJJkY6H1Qt9_WLrWWujLa-EhMeDbIoqlPcNWG6IJ4YWKd4ohdGHobsBO-8KShL9vOgw7lc62sU6QfpTvLXP0MmKbCNTla7NdbfbNNZpnLZvbrRp8zosBEowIg8b9J8rD09nYA6VTyJ0YGBfyNP2ipg5OUgtRY8ueVizfyvPMMijdGf_xRjsvHUqcPDvabsEJABDQUfdfkRQbo-jocDaeq4kjwcKETqDGVvzvxvAtvL5DxjOPboR2DJ01wY94D&sai=AMfl-YQlCsHOXC28fw2HJuAFrpyyvEjGIZm21Cw1VmVNiIoSXt_N2MVt0lvrNWzCjwHSUmb9iXXuP5SaIZI-tgxrCc8TT23DEdK3SQbdVhdZwaMS8R-oXa0Z20341OMPlhnk2EOGGkxSeDmHbYd1edWLTQ&sig=Cg0ArKJSzHU6ZYyr4sViEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiVgfFJMBHb5mGylPudH3C6ZBuFtLrPf0dkVf9lyaWiBnwPB8TJvQeUPtZnaebYuzNpBnCc8y8P6g9OuezCO0P-iPDIbzDx43scWfhbmPMYAagvHanr7a0KEbKAbbFlBpOXW1Gpt6pgQ&sig=Cg0ArKJSzKhq4T_IJfBnEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=1160756866&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700746598328&rpt=1544&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| countryCode object| blockthrough object| domContentLoaderPromise object| dataLayer object| defaultPageContext string| GoogleAnalyticsObject function| ga object| _comscore object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola function| taboolaInit function| cnxps function| connatixInit object| kinja object| googletag object| headertag function| _thirdPartyFastToken object| _user object| webpackJsonp object| videoHtml5Controllers function| stopVideoHtml5 function| deleteVideoHtml5Controller object| google_tag_data object| gaplugins object| COMSCORE object| ns_p object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp number| taboola_view_id object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand boolean| _tb_vautop object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image string| nam object| placementData object| googleImaVansAdapter function| initVideoHtml5 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| cmTag object| apstag object| pbjs object| regeneratorRuntime function| veritasStart string| veritas_version object| gaGlobal object| gaData function| filterCSS function| filterXSS object| _sf_async_config number| _sf_endpt string| ENTRY_POPUP object| ggeac object| _cm_wfCounters object| pbjsChunk object| _pbjsGlobals object| BULBS_ELEMENTS_ADS_MANAGER object| T8IQWR function| T8IQWk object| xop object| 17iaavr27fgg object| 1ge7fkznkkjk object| google_tag_manager object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY boolean| creativeVendorLibraryLoaded object| Criteo object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| N2Qc1a2 function| N2Qc1a3 function| xblocker object| mRlbxb function| mRlbxl object| xblacklist object| _ml string| channel string| trackonomicsId object| scrEm function| _33AcrossIdMappingsProvider boolean| __bt_already_invoked object| PublisherCommonId function| clearImmediate function| setImmediate object| ats object| trx function| md5 number| google_unique_id object| c object| GoogleGcLKhOms object| cnx_player_usr_storage boolean| DFPMessageEnabled object| cnx_usr_storage object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| lotame_sync_17331 object| player_instance_5c9da463d8a24ddb9b49847ef6a31237 object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| lotameIsCompatible function| sync17331_aa function| sync17331_c undefined| sync17331_d undefined| sync17331_ba undefined| sync17331_e function| sync17331_f object| sync17331_h function| sync17331_ca function| sync17331_j function| sync17331_da object| sync17331_ object| sync17331_ga object| sync17331_v object| sync17331_oa object| sync17331_xa object| sync17331_ya function| sync17331_a function| sync17331_b function| sync17331_g function| sync17331_i function| sync17331_k function| sync17331_l function| sync17331_m function| sync17331_n function| sync17331_o function| sync17331_p function| sync17331_q function| sync17331_r function| sync17331_fa function| sync17331_ea function| sync17331_s function| sync17331_t function| sync17331_u function| sync17331_w function| sync17331_ha function| sync17331_ia function| sync17331_y function| sync17331_ja function| sync17331_z function| sync17331_A function| sync17331_x function| sync17331_B function| sync17331_ka function| sync17331_C function| sync17331_D function| sync17331_E function| sync17331_F function| sync17331_G function| sync17331_H function| sync17331_I function| sync17331_J function| sync17331_K function| sync17331_L function| sync17331_la function| sync17331_ma function| sync17331_na function| sync17331_M function| sync17331_N function| sync17331_pa function| sync17331_O function| sync17331_qa function| sync17331_ra function| sync17331_sa function| sync17331_P function| sync17331_ta function| sync17331_ua function| sync17331_va function| sync17331_wa function| sync17331_Q function| sync17331_R function| sync17331_za function| sync17331_S function| sync17331_T function| sync17331_U function| sync17331_V function| sync17331_Aa function| sync17331_W function| sync17331_X function| sync17331_Y function| sync17331_Z function| sync17331__ function| sync17331_0 function| sync17331_Ea function| sync17331_Ba function| sync17331_1 function| sync17331_Da function| sync17331_Ca function| sync17331_2 function| sync17331_3 function| sync17331_4 function| sync17331_5 function| sync17331_Ga function| sync17331_Ha function| sync17331_Ja function| sync17331_Fa function| sync17331_7 function| sync17331_Ia function| sync17331_La function| sync17331_Ka function| sync17331_8 function| sync17331_6 function| sync17331_9 function| sync17331_Ma function| sync17331_Na function| sync17331_Oa function| sync17331_Pa function| sync17331_$ function| sync17331_Qa function| sync17331_Ra function| sync17331_Sa function| sync17331_Ta function| cnxAddEventListener

272 Cookies

Domain/Path Name / Value
.taboola.com/gomedia1-theonion/ Name: taboola_session_id
Value: v2_ae11b243e086d50ce789ad5728306627_49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3_1700746595_1700746596_CNawjgYQ5LxeGNeZluO_MSABKAEw4QE4kaQOQNWmD0iQ0NkDUJoEWABgAGiLspCgye6O3i5wAQ
.3lift.com/sync Name: sync
Value: CgkIOhCfwZbjvzE=
i.liadm.com/s Name: _li_ss
Value: Cg8KBgiiARDIFgoFCAoQyBY
www.theonion.com/ Name: geocc
Value: US
.theonion.com/ Name: KinjaBucket
Value: d
www.theonion.com/ Name: KinjaSetBucket
Value: d|1700746500|qKlvNne4ihdepUBwM+MuysiqzhWFrJ/vXhRapwXq1xM=
kinja.com/ Name: KinjaSession
Value: e3b21961-bc52-4a68-9a84-8817e6e35a8f
.kinja.com/ Name: KinjaBucket
Value: d
kinja.com/ Name: KinjaSetBucket
Value: d|1700746500|qKlvNne4ihdepUBwM+MuysiqzhWFrJ/vXhRapwXq1xM=
www.theonion.com/ Name: lux_uid
Value: 170074659537034467
.scorecardresearch.com/ Name: UID
Value: 16537bc3e41fbcec2332a751700746595
.taboola.com/ Name: t_gid
Value: 49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
.taboola.com/ Name: t_pt_gid
Value: 49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
www.theonion.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
.rubiconproject.com/ Name: khaos
Value: LPB8M0BO-E-37IV
.mediago.io/ Name: __mguid_
Value: 1b7de7e8c21423022jb8kt00lpb8m0ch
.doubleclick.net/ Name: IDE
Value: AHWqTUnljWEQXu5i0UsIxMeu6NLNeKTMUDpB01WyOnj4vvm0b9FDoD4CMx6d4vEvvWI
.adsrvr.org/ Name: TDID
Value: f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
.contextweb.com/ Name: V
Value: 0lkYl0LklrOt
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6c63fc138884e40d
.postrelease.com/ Name: visitor
Value: db6a8b0a-bdfb-46e8-9ff3-da85b7ab6ce8
.smartadserver.com/ Name: pid
Value: 1520263800190791698
.bidswitch.net/ Name: tuuid
Value: cce8f51c-6cfc-41c9-b958-7247d6a4d2e8
.bidswitch.net/ Name: c
Value: 1700746596
.bidswitch.net/ Name: tuuid_lu
Value: 1700746596
.openx.net/ Name: i
Value: 624efa20-36f9-0938-170a-2bfa777b92d0|1700746596
.mfadsrvr.com/ Name: tuuid
Value: 2c04ab40-49db-462f-8fb7-e222430fb4d8
.mfadsrvr.com/ Name: c
Value: 1700746596
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700746596
.3lift.com/ Name: tluid
Value: 659112826076576016317
.mfadsrvr.com/ Name: ssh
Value: !taboola,1700746596
.storygize.net/ Name: U
Value: 95314614-9b3c-448a-ae24-dfbbdcdac958
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: MTAxOGY1MWQyNzg4ZWIxNw
.theonion.com/ Name: _gid
Value: GA1.2.1399189417.1700746597
.theonion.com/ Name: _gat_unique
Value: 1
.theonion.com/ Name: _gat
Value: 1
.socdm.com/ Name: SOC
Value: ZV9VZMCo5uYAALKMH-cAAAAA
.theonion.com/ Name: _sharedID
Value: b1603b65-686d-4b2c-9308-86c81697bbd3
.theonion.com/ Name: _sharedID_cst
Value: 1izpLMgsJw%3D%3D
.adnxs.com/ Name: uuid2
Value: 5965519997845925682
www.theonion.com/ Name: pageDepth
Value: 1
.liadm.com/ Name: lidid
Value: 492e2545-4cdc-4552-a7e2-a2f073bfbbb3
.rkdms.com/ Name: sessionid
Value: h-c5108dd8f9414c71a8e17ebb93705a44_t-1700746597
.theonion.com/ Name: _cb
Value: D5JiV7bT484B0yPEf
.theonion.com/ Name: _chartbeat2
Value: .1700746597049.1700746597049.1.C_k5LUB9tqYmD3lobqDuaR8AIYeyR.1
.theonion.com/ Name: _cb_svref
Value: null
.casalemedia.com/ Name: CMID
Value: ZV9VZf8jDOcP96AbbzfkBwAA
.casalemedia.com/ Name: CMPS
Value: 1434
.casalemedia.com/ Name: CMPRO
Value: 1434
.lijit.com/ Name: ljt_reader
Value: HtFwhRZHc4ldxZ4dTD-iUtLg
.lijit.com/ Name: _ljtrtb_42
Value: 49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3
.kargo.com/ Name: ktcid
Value: e0be3db0-a89b-0955-1166-899b3f3aec1a
.33across.com/ Name: check
Value: true
.theonion.com/ Name: _ga
Value: GA1.1.1282057542.1700746597
.theonion.com/ Name: _ga_FBJXBGD4M8
Value: GS1.1.1700746597.1.0.1700746597.0.0.0
www.theonion.com/ Name: vtas_f
Value: 83ea558319c7f2d06b4e1addacf460867f881a67
www.theonion.com/ Name: vtas_version
Value: 1.1.5
.ml314.com/ Name: pi
Value: 3640140528887529519
.ml314.com/ Name: tp
Value: 4%253b11%252f23%252f2023%2B13%253a36%253a37%253b0
www.theonion.com/ Name: vtas_kv
Value: {"veritas-segments":"12, 14","veritas-iab":"1-4, 12"}
www.theonion.com/ Name: _lr_geo_location
Value: US
www.theonion.com/ Name: _lr_geo_location_state
Value: NY
.gumgum.com/ Name: vst
Value: u_c799d1f4-5b38-4a96-9ad5-fda2185835dd
.amazon-adsystem.com/ Name: ad-id
Value: A-NiIOf4jUw8lM9KfUzpr6o
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.demdex.net/ Name: demdex
Value: 84724956709743036273355488684436879848
.eyeota.net/ Name: mako_uid
Value: 18bfc6595d9-74900000010a5def
.eyeota.net/ Name: SERVERID
Value: 24047~DM
.postrelease.com/ Name: status
Value: 1
.postrelease.com/ Name: ver
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 84724956709743036273355488684436879848
.openx.net/ Name: pd
Value: v2|1700746597|vMgavPkWgy
.rlcdn.com/ Name: pxrc
Value: COWq/aoGEgUI6AcQABIFCNtOEAA=
.tappx.com/ Name: TXUSERID
Value: c2dd7f18-242f-4d0b-aaac-82b31109bcd1f1a
.tappx.com/ Name: TXCD
Value: 1700746597
.bidr.io/ Name: bito
Value: AAAWOk7KvqsAABKdyZEUAg
.bidr.io/ Name: bitoIsSecure
Value: ok
.sharethrough.com/ Name: stx_user_id
Value: 2775a971-6181-4c64-be1d-a2861ce7f36f
.yieldmo.com/ Name: yieldmo_id
Value: 3F30DVV880VBCWyYXWKp%7C1700697600000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1181914%7Cunl%3D1181914%7Cc%3D1181914%7Ctapad%3D1181914%7Can%3D1181914
.yellowblue.io/ Name: wrvUserID
Value: x53NyBr-kp_s
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231123%22%7D
.deepintent.com/ Name: CDIUSER
Value: di_140b8c2ff1b64c5594b45
.adform.net/ Name: C
Value: 1
.zemanta.com/ Name: zuid
Value: IJKr-MNp3ZvAgzNvsqEw
.yahoo.com/ Name: A3
Value: d=AQABBGVVX2UCEIEvwnFxR4XvC2CIffHeJRYFEgEBAQGmYGVpZdxS0iMA_eMAAA&S=AQAAAiSj7SKQdhd4D_Dp7z8phVc
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%229e6b4bb7-7ae7-41e3-a421-e30df998715e%22%7D
.adform.net/ Name: uid
Value: 9047554035501915527
.openx.net/ Name: univ_id
Value: 537072971|f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b|1700746598018073
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCDmqv2qBjABOgRyABfNQgS5mexq.%2Bmtjw4n70PgierZRvuD8AMW9whcecTLlFmUKxnSgZVY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCDmqv2qBjABOgRyABfNQgS5mexq.%2Bmtjw4n70PgierZRvuD8AMW9whcecTLlFmUKxnSgZVY
.ipredictive.com/ Name: cu
Value: 72374bf9-0da0-4f2c-a88a-08aa198513d1|1700746598047
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 71A53502-0352-4DDA-BC37-6369BFD775C2
.pubmatic.com/ Name: DPSync3
Value: 1701907200%3A201_263%7C1700784000%3A248%7C1701302400%3A265
.33across.com/ Name: 33x_ps
Value: u%3D212354975239421%3As1%3D1700746598104%3Ats%3D1700746598104
.tapad.com/ Name: TapAd_TS
Value: 1700746598115
.tapad.com/ Name: TapAd_DID
Value: a3086665-47d6-49d0-ba6d-402927fddd3e
.tappx.com/ Name: TXCSDMN_32
Value: 5965519997845925682
.theonion.com/ Name: __gads
Value: ID=1f5bc007911fdfce:T=1700746597:RT=1700746597:S=ALNI_MY7TJsDQXFvX851TYDK3Nf-VAx6Pg
.theonion.com/ Name: __gpi
Value: UID=00000da373c99d24:T=1700746597:RT=1700746597:S=ALNI_MbRsCcyQzzc-X937nk247j8I0gXtg
.adkernel.com/ Name: SSPZ
Value: 200784
.adkernel.com/ Name: DSP2F_40
Value: 541704
.adkernel.com/ Name: DSP2F_63
Value: 546302
.adkernel.com/ Name: ADKUID
Value: A387348083428015618
.ads.stickyadstv.com/ Name: UID
Value: bd9676847ce152021c622d16cba02c
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 18d83ebd-abf7-5347-b165-4806d43a1d60
.betweendigital.com/ Name: ss
Value: 1
.go.sonobi.com/ Name: __uis
Value: 8ad7315b-ac9b-4399-b1f5-5c9722c9ea70
.go.sonobi.com/ Name: HAPLB8G
Value: s8511|ZV9Va
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3u_HeT6gA4HX9WHdnM45Qu0J0MOuDttcI7C0_i35hrW4YkrJmr2NKfF5ZQC4TM1
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_1892e714-0c59-45d0-b6c7-bcfb826cbc47
.ads.yieldmo.com/ Name: ptrc
Value: CAESEDiQz_3iRL52HfcVog1IMHo
.360yield.com/ Name: tuuid
Value: 0087d201-0a94-499d-8070-181696fff66c
.360yield.com/ Name: tuuid_lu
Value: 1700746598
.ads.yieldmo.com/ Name: ptran
Value: 5965519997845925682
.tappx.com/ Name: TXCSDMN_80
Value: 2775a971-6181-4c64-be1d-a2861ce7f36f
.media.net/ Name: visitor-id
Value: 3437481986634263000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.tappx.com/ Name: TXCSDMN_28
Value: 659112826076576016317
.tappx.com/ Name: TXCSDMN_13
Value: HtFwhRZHc4ldxZ4dTD-iUtLg
.tynt.com/ Name: uid
Value: FtT2L2VfVWYtP33rQVyLRw==
.creativecdn.com/ Name: u
Value: mS3xHJkfRgFobjLCqvAa
.creativecdn.com/ Name: g
Value: mS3xHJkfRgFobjLCqvAa_1700746598208
.creativecdn.com/ Name: ts
Value: 1700746598
.nrich.ai/ Name: _nauid
Value: 32886513-7f4a-469c-86f0-9c6a3a50af00
.rezync.com/ Name: zync-uuid
Value: 28e8594e-12c5-438f-aee8-514a9389362e:1700746598.274225
.csync.loopme.me/ Name: viewer_token
Value: 7e5c97a5-6a6a-4c79-a636-1ad4942b5056
.betweendigital.com/ Name: ut
Value: ZV9VZgAFcojdbQiU1zlj244aUi2k3PdlgMzZpg==
.ads.yieldmo.com/ Name: ptrrc
Value: LPB8M0BO-E-37IV
.adx.opera.com/ Name: UID
Value: OPUd3f1c928ded74fb388bc782ca51b6572
.tappx.com/ Name: TXCSDMN_109
Value: 604ca7de-8027-4646-8063-3767ab6a977a
.tappx.com/ Name: TXCSDMN_253
Value: 0087d201-0a94-499d-8070-181696fff66c
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3MjUxtjA3AvKE-Ax1QwujCp3N4rOrSjPcAJP2zT4kAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByQ2AMAwEwA_tGMXra003UWQKoXJmvivBYbSPKE6IG1_ZM5RQ321sS8yjtVZ5RvNGORA_rQ06LjkAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3MjUxtjA3AvKE-Ax1QwujCp3N4rOrSjPcAJP2zT4kAAAA
.tappx.com/ Name: TXCSDMN_1135
Value: OPUd3f1c928ded74fb388bc782ca51b6572
.tappx.com/ Name: TXCSDMN_724
Value: 18d83ebd-abf7-5347-b165-4806d43a1d60
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-72374bf9-0da0-4f2c-a88a-08aa198513d1&KRTB&23011-72374bf9-0da0-4f2c-a88a-08aa198513d1&KRTB&23355-72374bf9-0da0-4f2c-a88a-08aa198513d1
.turn.com/ Name: uid
Value: 2987841845179767085
.lijit.com/ Name: ljtrtb
Value: eJwFwcsRgDAIBcBeuL%2BZBIkkdoN8Kognx97dfUmYLpJloUs7uFVBig03h%2BB07aE5s6VjP759zLA86PsBr%2B4QFg%3D%3D
.lijit.com/ Name: _ljtrtb_92
Value: 5965519997845925682
.onetag-sys.com/ Name: OTP
Value: ChkcC3hX3kjyf_fJDKHeJEJRqZDPGNPZjJSKe5tjTAQ
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEKwyAMANC75LsOTY1JvEyRLgPZ6kbtflZ69_n54J2wfGzfSrN2QD72r02wvupQh3xCr7_NnpBBk6hnZKQ4C-MQXBN0672-21Lvo6CYkEZzAVdyoz1cMRNHIRadReeElgN7zzGRyg05IhJcf2HRJNc.ZV9VZg.XqWGsNxmxmsHt4r5DaYVw5a4DoI
.id5-sync.com/ Name: id5
Value: c5169a1e-818e-73ca-9e88-4d49bab5f4d0#1700746596467#3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5965519997845925682&KRTB&23339-5965519997845925682
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&KRTB&22918-f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&KRTB&22926-f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b&KRTB&23031-f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b
.simpli.fi/ Name: suid
Value: 2140A94FBC324532807E7B743EE659A3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEk3I9jakdWYA3zYDSZRwBg&KRTB&23025-CAESEEk3I9jakdWYA3zYDSZRwBg&KRTB&23386-CAESEEk3I9jakdWYA3zYDSZRwBg
.mathtag.com/ Name: uuid
Value: 70e7655f-5566-4d00-b5b0-5ec6fb1ffda0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2140A94FBC324532807E7B743EE659A3&KRTB&23486-uid:2140A94FBC324532807E7B743EE659A3&KRTB&23489-uid:2140A94FBC324532807E7B743EE659A3&KRTB&23539-uid:2140A94FBC324532807E7B743EE659A3
.pubmatic.com/ Name: SPugT
Value: 1700746596
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZV9VZgAByG6BTABH
.a-mo.net/ Name: amuid2
Value: cddbd60e-5371-4e27-8ec9-892f1ea338ba
.prebid.a-mo.net/ Name: sd_amuid2
Value: cddbd60e-5371-4e27-8ec9-892f1ea338ba
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7861-2!7861
.richaudience.com/ Name: pdid
Value: d0b88fd7-2313-43b7-83c8-1zz1700746585
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-905b5109-b08e-4801-96f3-68aa3693ea87-005%22%7D
.c.appier.net/ Name: _auid
Value: k-Olyo6lCzakzPPjZlVfZQ
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMqxGAQAwAUYNFXR1hLv-Ebm6YUBASiaRKJCBXvL2nGb13F9MMMz6aUVRoSgHSpiAcO4yqAEUZyZFsVOuLFnIh0rN9RkJ-_Tseb1jX2GkAAAA
.tappx.com/ Name: TXCSDMN_58
Value: 212354975239421
.omnitagjs.com/ Name: ayl_visitor
Value: b1909214b92eb6624c0b7b606f679127
.sportradarserving.com/ Name: zuuid
Value: a2647777-af24-46eb-8cf5-4bb4e6e8269c
.sportradarserving.com/ Name: c
Value: 1700746598
.sportradarserving.com/ Name: zuuid_lu
Value: 1700746598
.tappx.com/ Name: TXCSDMN_728
Value: k-Olyo6lCzakzPPjZlVfZQ
.tappx.com/ Name: TXCSDMN_52
Value: LPB8M0BO-E-37IV
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700746598
.pippio.com/ Name: did
Value: 4fvlxKXE0pICUDcF
.pippio.com/ Name: didts
Value: 1700746598
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.dotomi.com/ Name: DotomiTest
Value: 670bc134c9db122b
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHS7AGDgcmPAM9lSz2AAAAAAA&KRTB&22713-AAAHS7AGDgcmPAM9lSz2AAAAAAA&KRTB&22715-AAAHS7AGDgcmPAM9lSz2AAAAAAA&KRTB&23519-AAAHS7AGDgcmPAM9lSz2AAAAAAA
.mxptint.net/ Name: mxpim
Value: R33645_10C999B5C_2112C74E.1.0000000000000000655F5566
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10C999B5C_2112C74E&KRTB&23092-R33645_10C999B5C_2112C74E
.tappx.com/ Name: TXCSDMN_108
Value: d0b88fd7-2313-43b7-83c8-1zz1700746585
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.primis.tech/ Name: csuuid
Value: 655f5566dc201
.linkedin.com/ Name: bcookie
Value: "v=2&9bc2ba1e-0b4c-45fc-8103-3f5f79eeaf24"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2810:u=1:x=1:i=1700746598:t=1700832998:v=2:sig=AQGy7JA5b6cwC2uz5xCjiexU3Vupx-UL"
.sitescout.com/ Name: ssi
Value: 9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd#1700746598944
.technoratimedia.com/ Name: tads_uidp_37
Value: c8d75037-d520-38df-81ad-eca0057d7309
.technoratimedia.com/ Name: tads_uidp_44
Value: LPB7RKIX-27-C4P2
.technoratimedia.com/ Name: tads_uidp_46
Value: 1380884114487864656
.technoratimedia.com/ Name: tads_uidp_49
Value: AAABoi4vUa-u3wM_JgoMAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 6de13712-dc64-45ec-8acb-93614bb2cf21
.technoratimedia.com/ Name: tads_uidp_61
Value: 212354030282458
.technoratimedia.com/ Name: tads_uidp_62
Value: 3437467756634862000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: e1TN7dfpq1Farst4fgMM4qLNhwVGfjoK
.technoratimedia.com/ Name: tads_uidp_7
Value: 061a7e38-e508-403c-a921-fa693449dee2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAAWOk7KvqsAABKdyZEUAg
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-224a746a-218c-49fe-963c-d9f07e7f513c-005
.technoratimedia.com/ Name: tads_uidp_77
Value: yrnQj_UhaztZbJL-cYzXWGdthxDgqg-wRxZB3NTHEBM
.technoratimedia.com/ Name: tads_uidp_79
Value: d40643a3-8ff7-4872-9e54-6240e04d0d47
.technoratimedia.com/ Name: tads_uidp_80
Value: y-w5uLjElE2uFThmrJ6wqrgGWz.RgXAH1_~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZV9P17Rk.MZwkU3aMj9fSwAA&3649
.technoratimedia.com/ Name: tads_uidp_88
Value: 1470496674018580862868
.technoratimedia.com/ Name: tads_uid
Value: 17FECB2AD8214DCB8A783F133F3C5B28
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230815153227+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAWOk7KvqsAABKdyZEUAg
.smartadserver.com/ Name: csync
Value: 86:5965519997845925682|111:ID5-ee80AvH94oJ4u5hAbjVXQ8GWEr6Lkcw1rWp30FAN4w|117:b1909214b92eb6624c0b7b606f679127|127:AAAWOk7KvqsAABKdyZEUAg
.rubiconproject.com/ Name: audit
Value: 1|wy/hmJw89e6u3f4fzPpuH0ZR+3/CwBrd1VMg5JM1G4d+xL8LlrcUaM8crkKangHafF19zVwzuaZCqQ3+tQhlLHMDvubSxZCGZ60cWpGl5GR/GuxdKCOxK/jTJDV7O5YUbXuNSEpEtuy2gpsOY1Vx9w==
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553&KRTB&23418-9e42ffd2-3e93-4ccb-b966-968dfaa0d9fd-655f5566-5553
.intentiq.com/ Name: intentIQ
Value: nP4mHM0vGX
.intentiq.com/ Name: IQver
Value: 1.9
.connatix.com/ Name: cnx_userId
Value: 1cdad28202b44ab296a78c54a72058de
.tappx.com/ Name: TXCSDMN_1111
Value: A387348083428015618
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 2d30ac45-4ecf-402d-bc43-c2f4b534c3f0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2987841845179767085&KRTB&23150-2987841845179767085&KRTB&23527-2987841845179767085
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1700746599263
.hb.yahoo.net/ Name: visitor-id
Value: 3437481996634264000V10
.hb.yahoo.net/ Name: data-mag
Value: LPB8M0BO-E-37IV~~63
www.theonion.com/ Name: cnx_userId
Value: 1cdad28202b44ab296a78c54a72058de
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9047554035501915527&KRTB&23263-9047554035501915527&KRTB&23481-9047554035501915527
.pubmatic.com/ Name: PugT
Value: 1700714580
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o5k|7bq.0.1|7Xz.0.1|7dN.0.AAAWOk7KvqsAABKdyZEUAg|8i8.0.1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDc0NjU5OTA1NSwiMzkiOjE3MDA3NDY1OTk0NDcsIjciOjE3MDA3NDY1OTk0NDd9
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1700746598340%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1700746599476%7D%5D
.pubmatic.com/ Name: SyncRTB3
Value: 1701302400%3A2_15_223%7C1701907200%3A48_56_104_250_166_55_21_54_13_178_71_3_220_81
.adnxs.com/ Name: anj
Value: dTM7k!M4.gD>6NRF']wIg2E?cqID9R!]td+8bhzs#DNB)PYwUr*ZefwTH05pTNA=%^0KRQV+%'1MtnrL3M1R[W:IBco(2LH<T+R24N%'V5+`HG5.b^ak@s1H`fdcm4jOTy=k.h><7oWD'fj:t>w-/6Nf#A?
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQQjhNMEJPLUUtMzdJViIsImV4cGlyZXMiOiIyMDI0LTAyLTIxVDEzOjM2OjM4WiJ9LCJhbXgiOnsidWlkIjoiY2RkYmQ2MGUtNTM3MS00ZTI3LThlYzktODkyZjFlYTMzOGJhIiwiZXhwaXJlcyI6IjIwMjQtMDItMjFUMTM6MzY6MzlaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTEtMjNUMTM6MzY6MzhaIn0=
.tremorhub.com/ Name: tvid
Value: 88847728943745d39fa115a314d9380b
.tremorhub.com/ Name: tv_UISCX
Value: 1cdad28202b44ab296a78c54a72058de
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2f7p:194o~2f7p:190u~2f7p:18vk~2f7p:19e0~2f7p:196y~2f7p"
.resetdigital.co/ Name: ckbk
Value: 0000011E2DCE1E8E
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"amx":1,"ix":1,"loopme":1,"rubicon":1}
.ctnsnet.com/ Name: cid_b4c58cf361b34d86bbea2a63ad8d7462
Value: 1
.sundaysky.com/ Name: sskyu
Value: d6.2c767aa1dcbf4caca524c8ef8d8d5ea2
.sundaysky.com/ Name: sskyCreationTime
Value: 1700746599551
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiY2RkYmQ2MGUtNTM3MS00ZTI3LThlYzktODkyZjFlYTMzOGJhIiwiZXhwaXJlcyI6IjIwMjMtMTItMDdUMTM6MzY6MzkuNTgwOTg4OTUyWiJ9fX0=
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiY2RkYmQ2MGUtNTM3MS00ZTI3LThlYzktODkyZjFlYTMzOGJhIiwiZXhwaXJlcyI6IjIwMjMtMTItMDdUMTM6MzY6MzkuNTkwMjg5NDg4WiJ9LCJydWJpY29uIjp7InVpZCI6IkxQQjhNMEJPLUUtMzdJViIsImV4cGlyZXMiOiIyMDIzLTEyLTA3VDEzOjM2OjM5LjIyNjI4NTM5OFoifSwieWllbGRtbyI6eyJ1aWQiOiIzRjMwRFZWODgwVkJDV3lZWFdLcCIsImV4cGlyZXMiOiIyMDIzLTEyLTA3VDEzOjM2OjM4LjgwOTYxNTk2NVoifX19
.a-mx.com/ Name: amdt_t
Value: g::1700746599594
.a-mx.com/ Name: amuid2
Value: 7fade971-a5a2-4e70-83be-ba1535b28ce7
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.id5-sync.com/ Name: 3pi
Value: 464#1700746596581#50131119#49ad7971-20ff-4f2a-b2d4-6c71d7e8e0ec-tuctc58dae3|2#1700746596908#982824336#5965519997845925682|102#1700746599176#135540227|264#1700746598402#-1232324731#f3e3e4e4-aa4e-4c90-abf7-ee8814e9374b|104#1700746599620#-1401896409#cce8f51c-6cfc-41c9-b958-7247d6a4d2e8|441#1700746597695#501121715#u_c799d1f4-5b38-4a96-9ad5-fda2185835dd|10#1700746598923#-1381080421#9047554035501915527|155#1700746598056#220013824#AAAWOk7KvqsAABKdyZEUAg|123#1700746599424#-1532153925|1244#1700746597433#-876062186|429#1700746598771#-1462494114#71A53502-0352-4DDA-BC37-6369BFD775C2|1246#1700746598602#-876062186
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUd1JMUEdMIzE1Mzg2XzAmVHdSTFBOSQ
.intentiq.com/ Name: IQPData
Value: 1611265732#1700746599694#0#1700746599261
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDRieHQzIix0OiJuaSJ9fQ=="
.rlcdn.com/ Name: rlas3
Value: OJG1YLjRlREd4NBUbss016pYAKasJoPBhpgGwjI51gI=
.semasio.net/ Name: SEUNCY
Value: 1A453196640F0FE9
.colossusssp.com/ Name: gtm_usr
Value: fa0145d5-6dea-41c2-a612-b0ded0b2e3af
.colossusssp.com/ Name: lmg_r
Value: 74
.adsby.bidtheatre.com/ Name: __kuid
Value: 06fb8474-4084-4350-a23f-c79a62f4bf96.469960599
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-905b5109-b08e-4801-96f3-68aa3693ea87-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: pi
Value: 161204:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 13
.rtb.mx/ Name: amdt_t
Value: g::1700746600670
.rtb.mx/ Name: amuid2
Value: bc510bc7-b752-4380-8666-4425d5970778
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsImPfm-OeMtjwQBRIWCgdydWJpY29uEgsIkKf1iuiMtjwQBRIVCgZjYXNhbGUSCwi6r4v654y2PBAFEhYKB2QwdHJvMWoSCwjK9-yA6Iy2PBAFEhsKDHNoYXJldGhyb3VnaBILCIi12oTojLY8EAUSFAoFdGFwYWQSCwiGqOiH6Iy2PBAFEhIKA2FhbRILCMqStb2u2qo8EAUSEwoEa3J1eBILCI67qr6u2qo8EAUYBSABKAEyCwjC6I3K_oy2PBAFOAFaBnByZWJpZGABcgRrcnV4
.crwdcntrl.net/ Name: _cc_id
Value: c3ccbfed6496b580c65721ec6c55ef32
.theonion.com/ Name: _cc_id
Value: c3ccbfed6496b580c65721ec6c55ef32
.theonion.com/ Name: panoramaId_expiry
Value: 1700833000690
.theonion.com/ Name: panoramaId
Value: a4a3877ba45b8733e12f88f92a9da9fb927aeb9d85f88755a815cea44a3decf2
.theonion.com/ Name: panoramaIdType
Value: panoDevice
.krxd.net/ Name: _kuid_
Value: P7uHOQtO

29 Console Messages

Source Level URL
Text
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2071A53502-0352-4DDA-BC37-6369BFD775C2&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy={{US_PRIVACY}}&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{US_PRIVACY}}&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7BUS_PRIVACY%7D%7D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.adkernel.com/user-sync?zone=175005&r=xFqxkvWpHy1VFyDwjkVOKDjPMCrEOvd8223rAhGK81s
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssp.api.tappx.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssc-cms.33across.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cookies.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.theonion.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.theonion.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprnjmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.theonion.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.theonion.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tpc.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: about:blank
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=1520263800190791698&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
security error URL: about:blank
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-905b5109-b08e-4801-96f3-68aa3693ea87-005&pId=44' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
16de041e7ed26372c55eee97e686f88a.safeframe.googlesyndication.com
33across-match.dotomi.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.brandcdn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
api.btloader.com
api.rlcdn.com
assets.a-mo.net
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c3.a-mo.net
capi.connatix.com
cd.connatix.com
cdn-ima.33across.com
cdn-magiclinks.trackonomics.net
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.speedcurve.com
cdn.taboola.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
ch-trc-events.taboola.com
choices.trustarc.com
choices.truste.com
cks.connatix.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
contextual.media.net
cookies.nextmillmedia.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csm.va.us.criteo.net
csync.loopme.me
d24zb9qreavi2u.cloudfront.net
de.tynt.com
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
f.kinja-static.com
fastlane.rubiconproject.com
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yahoo.net
hb.yellowblue.io
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.ctnsnet.com
i.kinja-img.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id.rtb.mx
id.sv.rkdms.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprnjmp.taboola.com
ins.connatix.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk2.kargo.com
lexicon.33across.com
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
ml314.com
ms-cookie-sync.presage.io
mug.criteo.com
ny1-bid.adsrvr.org
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.nextmillmedia.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.c.appier.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sid.storygize.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.api.tappx.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
trace.mediago.io
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-match.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us01.z.antigena.com
usermatch.krxd.net
usersync.gumgum.com
vid.connatix.com
vid.vidoomy.com
vidanalytics.taboola.com
vidstat.taboola.com
visitor.omnitagjs.com
vop.sundaysky.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
xsync.iqzone.com
ads.brandcdn.com
c3.a-mo.net
capi.connatix.com
cks.connatix.com
csm.va.us.criteo.net
eus.rubiconproject.com
id.rtb.mx
id5-sync.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
static.adsafeprotected.com
sync.srv.stackadapt.com
tagan.adlightning.com
tpc.googlesyndication.com
tps.doubleverify.com
vid.connatix.com
www.googletagservices.com
104.18.36.155
104.18.38.76
104.18.41.104
104.36.115.111
107.178.254.65
13.227.37.107
13.227.37.11
13.227.37.32
13.227.37.59
13.227.37.86
13.227.42.218
130.211.23.194
131.153.242.59
138.201.8.249
139.162.78.222
141.226.124.48
141.226.224.32
141.226.224.48
141.95.33.120
142.234.204.77
142.251.16.157
142.251.163.149
143.244.208.184
143.244.220.80
147.28.129.37
151.101.129.44
151.101.130.166
151.101.194.166
151.101.194.49
151.101.2.166
151.101.2.217
151.101.65.44
162.248.18.34
172.240.127.128
172.64.146.152
172.64.151.101
172.64.152.89
174.137.133.32
18.160.96.14
18.160.96.18
18.160.96.67
18.160.96.98
18.160.97.132
18.204.167.253
18.245.96.4
18.67.39.95
185.167.164.49
185.184.8.90
192.132.33.69
198.148.27.131
199.127.204.171
199.250.161.129
199.38.167.130
207.198.113.86
211.120.53.205
213.19.162.80
216.22.16.36
23.1.200.83
23.105.12.172
23.218.1.25
23.219.8.22
23.220.112.22
23.220.124.197
23.222.5.138
23.55.205.215
23.83.76.84
23.83.76.85
2600:1408:c400:29::17da:da4e
2600:1f18:4e9:5a02:2d35:9b03:a9f9:e139
2600:1f18:612b:4280:65cc:ec18:ffd9:693
2600:9000:2044:1000:8:48e:53c0:93a1
2600:9000:2044:7e00:1d:8c8c:47c0:93a1
2600:9000:21fa:400:18:1fcd:353:c61
2600:9000:21fa:ae00:1b:6b7d:2300:93a1
2600:9000:26c2:ac00:1a:5235:f980:93a1
2602:803:c002:200::52
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:4bd8
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:4400::6812:249b
2606:4700::6813:9e13
2606:ae80:1451:19::1400
2607:f8b0:4004:c07::84
2607:f8b0:4004:c09::63
2607:f8b0:4004:c09::64
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c1d::9d
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a02:6ea0:e200::2
2a04:4e42:400::485
3.138.212.158
3.214.33.241
3.215.27.95
3.220.202.247
3.222.15.142
3.223.198.8
3.229.230.187
3.234.8.37
34.111.113.62
34.117.239.71
34.117.77.79
34.120.155.137
34.192.242.192
34.200.65.202
34.202.199.100
34.204.239.76
34.225.57.219
34.231.249.50
34.234.39.43
34.235.189.242
34.236.96.120
34.86.30.129
34.98.64.218
35.174.214.9
35.186.193.173
35.194.66.159
35.207.24.140
35.208.249.213
35.211.178.172
35.211.233.246
35.211.5.82
35.214.220.104
35.227.252.103
35.244.154.8
35.244.193.51
35.71.131.137
35.71.139.29
37.157.6.243
38.98.69.175
40.76.134.238
44.193.54.186
44.205.97.183
5.161.92.137
51.222.239.230
51.68.39.188
52.2.49.56
52.22.32.84
52.22.94.120
52.45.97.77
52.46.130.91
54.147.116.174
54.165.15.229
54.174.197.164
54.198.207.123
54.204.169.211
54.230.202.117
54.243.45.130
63.251.28.233
63.251.86.49
63.251.86.50
64.74.236.223
67.202.105.22
67.202.105.33
67.202.105.34
67.220.224.150
68.67.160.75
69.166.1.34
74.119.119.150
74.121.140.211
8.18.47.7
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.83
8.43.72.97
8.43.72.98
82.145.213.8
016ca2c707d679a1067d9a03f1aa97132a3e03e917accebcf81b4dc35708a458
0524dcded63eccd463d0d55278aac4b899f01f74aa2fac895a3d125fbc53f176
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062eeb2900fac188f1655ce2d021330e17315178949502e7f8a45e8c1baa1f3c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06de9f97775ad8ab1ff59b4513baffe9a5f968c5b6e86f753391482ccf07737c
071ce5423fca7948a1ab7cc4b23443dd6069e6799697e402b2b136d9e7348bef
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2
097df279a038302329698eb56e73a668ae250e85e0864f9a44bbfc4c8bc9bf53
0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cdbc5bd805d3aebef161b31ce2e6fc79b2b8a14950833d62b975248f4ed9b30
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13f97430ec64942f6a1afc5a4df87459029c17aa0d3083ad0bc13e76f16c0a4f
149d9f8ecacdff4049f9f62b61e1676f4be10be551d02a91f3e95d6d7789e7d0
172fcbf830c923bc6f0f32a1f4209fb7a44a404109185507477e94b99bc6bacc
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a20771286b46a7107cee12cc5770e539d381b7d48b36c4e2724f8668e7f1300
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07
1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1baccffab1dae5da4fccd3ccafb523b84920e32bf6997653188b940850822746
1cb46d6e5856d62d4b6ddec0111b874d5f8271a45cca47d79223894c0b9f523b
1df09d9c7cc7b35e4964773eb56e92a988fb114affe4d1599a2eb3815c5bc505
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f02bbb488437048485111d3ecdb1136fae1261e5ba9295f7cb08e6e81cee81a
1f885adfdf05b86debfe2203ee6ec28c8d60894680de9a7a4d971301b66e4089
1fc0e29f0364ed9462fd1d4a90916a58da3133b2bcf50cd2fb7cd32c21f2fb20
203377898c32d8acb925c909d57508c6b43b048b71f01b07c83e65819cbd0f71
2171f4898cf5a342218bb38818251331c858781fe4b1bcfe99eadaedd9c1a077
21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2344d02f9553821a1a2c157f178ea59766ca0a789ddfcf64d6cb5423ccece952
23daa7b41d0b751075c80cfef447e6480be14ee5f8098018d4c9b7cf19464bbd
2537ea029ca31f11fcaf42d5374e9d41dd08a42de1d3377c6cd2b09f7c8b0617
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270f9ef779c1eec63161e63a842f95578aee0ede1b4e25559346ec71478612f8
278297cb907ff7c5eb8f8444423995c281bc5fa6cf01ac31f5357e1dc3c25d1a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6
2c046b4e1ab87d9dbc7a92d8e86464e63b3d2f8e3cbaeaa9d835df6ee11116a0
2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
331c47ff8e151f258db82054e6d8804270d2c0a86e16066c8088d81e3926a3a0
353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c
35a39d00f9b922e1cf96f88e0cc7966e8612e707a282c25ef92cd5ad83473b62
37c39ff96587d3bbf3ff13d7e2d3d19ae903f54d90f2052efde272b8a47d1489
3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
395f2986b57ba12fddd470c2e2336fb65faa8f063cc05d934ce02fb13f213768
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3de1d33981fc80635467bfb8114f5f80f4918fa95a1e06c2f7921f9fa4193adf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa6f549066891742de3426a34d3ed3936be8f7d64d0cc7bb0a878b81ba8cfe7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d
4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
4382d9e0849ba6fdaf86d0a396112ab11aeaedbb8cee35bb4ea992d019df91f3
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474e6165fcdc83e3fcc8a8b730b8dde0b7923ed7214b0558a7e60a6ced90cf51
484fa814e948a64ef999027bde96c0fdb6e86f9aaf0dd154e7599273888f8550
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4928e318e24ee71aea66837ef00ec4a702cb700147993ce527db8710222e16db
4aa1404542fa3f3e70d6da6348b75d0b621530c7a85b54eac5aa8939ccde43b7
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c7704d78689dfe9732f77c09a20be32dbd5ef48e20a0ae84b84ea1a155d454d
4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d4c414236f823c70ca9fa12d8bbb8fbc0d01d1c592444921b8da61b63c05052
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2558431fa15502b287eaffaf838d80ecad4bfcd26ce1543bcb206ca98dcb83
4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d
4edc4e8c804d59ff0dbb24ca8d4a6c9c4f25ed238e353426e6eaf7bcda88df3c
509a2ec1ee3e17a2bf5f4feeea4ee1e5df7bab4c4ce9161488b84cd7f63dd21a
50ddfaa97972ccc536bbdc78c73cf422dac3513d2ed5476d2313cc42fbd504e3
51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8
52bc8e71a34490457c6bc6b85a7e4f737f0431abb69e535556d03e838b810f7b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5615832edd5efee99f5672e79505a1da5c627a1f786664a395e47778d73a9f7e
56cbfeaf6b916df17ca63baa0025b3dce9fc10565aeb0227affe2313dd13566b
56f60a648c1abcdb64f36f865b3525220b9563f8f1c43592c69c63085bfe8ce4
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
607716b57e9c5de96b53cb52cd94f3c74b24e5e4823d362cac5bf70a401f1d6a
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61a0a49fed8dff3a292570a50238b28b4e75e2c4774f495cb21bdeb294377877
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f205d98877a85268716f3dcd1e97cffe19d5859eefe913e78c5e0f0a9d0045
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
6a114856b8ae7e3dd5a02c4bcf471490c75a5f65b8e7337b031d6e2b4166774b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7
6e7942aa221892e56b1837e6bb5afb55e506674fdb8ecb2b050b2e1a790fe495
6f421c552d65985eb7aac481589739e5daccd391c3fc86bec7feb58a707415ff
70473dfc509c325ebee79d439e8745d52086498d1c9b6ff4d90a145d20a7f182
742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782
770c54e33483d26e725d456097c1c217cf2f5bdc264909154b3306acd3380462
78061b1127990e3338eb0ff5ee53461fb891cba7a061f9d8ef40b9007097c6ea
79179643470fa1a743b7dcd5d6030abcd7a866096e14c1cadd2ee4c929705998
7d859e76d73706de9f095d64c96661bc4ffc6ffa530d1ff4a2b17f1e0cff4e78
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
831a98915018d82b1f5ad42ea26a21d6735519904083f12f726aba42a26dc508
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834d29860cd8d39d019f0cc928ebfd6338eb22bcc2297e8e79bd5b3c969b54ad
83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b
873a5fb0a14d5759711a125c703204285d64bad9c7f6edad4705c06b52070627
88471d15f60eec136453585139c166af06ca515ca762c03152689518280c02f5
88c5ec294f1f31163f92cca93ce7c0acebd116499b43ead97efe19b812d54a68
8912e79c8609fdcf93a01d14b236bc0b2d218bd54baa00b69913cb49ea10574f
89f3017808a34eae9f93255311f650f44f9e0c9822aed9a559fc1fa5d40bdf4c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c068fd489e64799a955f1824ba2a6f42c44a85b16ddc34161d164fd44de8798
8c869ba2797b1a98c006341a25955d42ff409bb8972087d28599b3da8781786f
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f20a93fbc70fc40c2069df18229a711f55dceebe4e72f9d04249651a7f45e0b
8f576c40868a28eca9cfd5800eb9d2d9015268284e273f8f36416fc439e8fbd8
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
9368f4be08ed76f566a972f74f4bc578e2a2d7e8c73ecd6079fc94c06e80486e
9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74
9529c6bdf27ee2446076da0b13e38d192469f2f80516c45937d7bd58cb179ad5
95560376d46b2790b10aab9e36c0a21a9810db8a1e9d0e64ebd417e8880dfd40
96fe5e1e56545825d0ee77d3e90eb0ce75e211f61d8b97b9a85f151146fc1442
987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
9a561acf20c80d0e93d0b51057c061a12d94df43993a673fbbd117da8619e435
9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ddde0248526a92ea0f2a0c018a25d8a240df268917c78f95a0e5e1073762d8c
9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a069e809c48101aeda9a13893abe9c256e8d578f2f86c5ea12c8b6fd47921da4
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a28be169c111af8675a138c4e226099eba702555ae08fae6c142e03565518380
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a34e54da294cc475dddd9b121c4dd80a3b9f83e7155bdd4940db4ca22d84296f
a37c8978b4c00a9e3f25003bee83309f9326266e56c66cebc59e9d35f5a36c4c
a51c8a7344ede4ea746cb64a64c59b6a81a898a408ad59a155f30054f02063a7
a5bbae3dc4e1dc5824980fa5b0e8ce31dab47be5dc372223ede505356e49c551
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a9cef0e53263ed2712ba268f8b6c9a38c5035a864f4d135eb9d0670f323facde
aa31830b2dc36140ffe78a4f5697e93bf8cb7b319804a0f355ad12e1039cbc00
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
aa5d358f6f6f121919bb293c3c01de8dccaa421eb7aa0ef0c28756fcad4865ac
ab31d60b13cb3e0a18ced391debe50c438dcaa463eca55182bd61c824ce30477
ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14
ac53a487a5a797ab1fa012487604379c9efdca01255ec27e472d25b86fe91bf2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeefd353988d08f93c9dd1bc556d25b6fd24ae82fcb01eb6ac0bd4710d3d63a1
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b434478154680177f290f57d45c6cd971cfd79eb8d4f02f8790be01a65aedf30
b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198
b9fc990d244876c09678eb4be0e873af04226c91b4db2f36abe17b0959d88896
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdb3586b83110326038c2ce4b9b79f3a29f4367c78619ea9119731a9bf43339
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bcd2ecc52ad0323b73c0a91a2bcbf3eb4fe807ead91cfa5304ee9321746c0ad6
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b98d95af25f18c7fe2c980e823c821e161c40b96a2eaeed91f7579079edec9
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c47e677440f4efdd47797b9bde0400163100ea387b2b8dbcb0e9d2c5e2f62a5a
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75
c847622dcd394c52fb223db6d11fa9a27587295977083c7062fec6546d2dfd57
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf4b166e94b9c939010f51318063e5c7103009e583a1fc87179ffcd824acbe5
cc2c525e50d83e792fbe146f73c0079dae1f2b7d682c0af9377e02f7dc8cffa7
cc506729f014f30687aae69291ad69d82c3e0c1a0cfbf5cf373021915464babf
ccd931efe34c55c8b9fbf7856a3444dc97eee814eab4c70ac03ec717f5b9eba9
ccedd771010e2ec3efa4628ba8662f67cb82cbedd83280325d89efd345be9bef
cd1ec5146dd8f3ab0ac4dff49a93b4fcac01e754731583813f1bfbb0560fd36d
ce81f57503c905f9a9447a54c86bcc4db53bbef21aa33167a12fb2a9cff641c5
cf192a93a0826875d80ff216dfea7b9b3490d74f2086d78a1da6c18d49ea2902
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0ab01d6625b0bfeefdb912790a26aa0fb117deb0b70add3fc4b616a23981242
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d444c6857c7f163cc89eb91f9de7ccd7d038e8c2619d4d92d6d508ec285a1fe8
d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36
d701190a502bc9725aab905fe64e7a49570dbb131b4f6d731ab295e7d427240d
d7aeb680d9acf5df26c086e9378cd53d738b9c4a8ed89e377121aaf505450daa
d7e4cf3dd30fac57a705ee8df812906fb953e1108ee1d3340c0bf724417ab7df
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9de0fd013e4116ba8319df093bd09ec00badec0c95a758034e7faab0f1bbf21
da2086b575813b2305cccda2cd13e026bb10db9b0b8ad9a8052c154c2909c7b9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc
e15e5e1952863ef4da5019b170e2ef4a9d4278ff616864406716a736a07fb1ae
e1f0728328ae09106675fbd2fa05550c000a40224c84fd28852bbb0cc8ff4476
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660
e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c
ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef673ac1a0f4fedbcd42ebefaa3b9100bb9b543212b57137d2864286fe65db60
f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823
f2282de7dd39d50d8442171f6a65c3baf5ac1cb7ced8986e90969401220833cc
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7ad86eb2db9f006202c8689b6d2f22bdeb8a1291d1b86a808f3b1b0769b58b4
f9707f772e8ea465acee8bfd60b35241df73313ab22bd6b10f8370af296a3789
f9b3f4197084bab71820a0b8a569778cac6ce5dd6075726af7de203b50d9b39f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc608606b53623af920655dd801792521e635e868116cf97cfefc10d26fbec3f
fe00702e6401e80739fb894ce02be75ebbcee8712342cbc37a7571affbfca3e7
fe4221ba4181eca679b6187e1213974a368bcfb7be758a835927180ee864fd02
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1