URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Submission: On October 18 via manual from GB — Scanned from GB

Summary

This website contacted 105 IPs in 12 countries across 90 domains to perform 330 HTTP transactions. The main IP is 162.159.136.54, located in and belongs to CLOUDFLARENET, US. The main domain is tribuneonlineng.com. The Cisco Umbrella rank of the primary domain is 587598.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 6th 2023. Valid for: a year.
This is the only time tribuneonlineng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
60 162.159.136.54 13335 (CLOUDFLAR...)
12 192.0.77.37 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
4 3.216.243.137 14618 (AMAZON-AES)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 212.8.250.228 49981 (WORLDSTREAM)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2606:4700:1::... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:211... 16509 (AMAZON-02)
1 54.38.64.100 16276 (OVH)
1 2.16.238.155 20940 (AKAMAI-ASN1)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
2 51.89.9.251 16276 (OVH)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 99.80.145.6 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 65.9.7.141 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 192.0.77.2 2635 (AUTOMATTIC)
2 161.35.253.218 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2001:4860:480... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 52.222.208.154 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 23.60.204.187 16625 (AKAMAI-AS)
6 88.221.169.246 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
9 10 172.217.18.2 15169 (GOOGLE)
2 54.234.151.247 14618 (AMAZON-AES)
5 2.19.105.180 16625 (AKAMAI-AS)
2 23.20.158.212 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.195.196.139 14618 (AMAZON-AES)
1 162.19.138.119 16276 (OVH)
1 3.64.168.81 16509 (AMAZON-02)
1 54.246.145.100 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.213.152.153 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.86.4.30 16509 (AMAZON-02)
1 52.222.253.136 16509 (AMAZON-02)
4 23.57.19.78 16625 (AKAMAI-AS)
1 65.9.66.122 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 69.173.144.165 26667 (RUBICONPR...)
2 99.81.194.117 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 13 67.220.228.200 16509 (AMAZON-02)
7 8 3.126.125.13 16509 (AMAZON-02)
2 2 35.214.232.33 15169 (GOOGLE)
4 4 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
6 6 52.211.174.80 16509 (AMAZON-02)
2 209.54.182.161 16509 (AMAZON-02)
5 5 64.202.112.223 23352 (SERVERCEN...)
3 3 64.202.112.159 22075 (AS-OUTBRAIN)
2 5 34.98.64.218 396982 (GOOGLE-CL...)
5 5 185.89.211.116 29990 (ASN-APPNEX)
2 54.72.115.16 16509 (AMAZON-02)
2 9 104.18.26.193 13335 (CLOUDFLAR...)
2 185.86.138.151 201081 (SMARTADSE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 4 198.47.127.19 62713 (AS-PUBMATIC)
9 52.210.15.1 16509 (AMAZON-02)
1 1 35.210.239.72 15169 (GOOGLE)
2 2 52.71.211.164 14618 (AMAZON-AES)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 52.72.239.170 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
1 54.77.169.39 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
5 6 37.157.6.233 198622 (ADFORM)
3 4 151.101.66.49 54113 (FASTLY)
4 3.33.220.150 16509 (AMAZON-02)
1 1 124.146.153.167 2514 (INFOSPHER...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.211.152.111 16509 (AMAZON-02)
13 185.64.191.210 62713 (AS-PUBMATIC)
1 34.91.62.186 396982 (GOOGLE-CL...)
1 2 54.194.110.112 16509 (AMAZON-02)
1 1 3.126.233.203 16509 (AMAZON-02)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 77.243.51.121 42697 (NETIC-AS)
1 2 50.57.31.206 ()
2 2 141.94.171.215 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
2 2 31.172.81.160 44066 (DE-FIRSTC...)
1 1 185.86.138.150 201081 (SMARTADSE...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 98.98.134.243 21859 (ZEN-ECN)
2 37.157.3.20 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.26.9.178 13335 (CLOUDFLAR...)
1 185.89.210.101 29990 (ASN-APPNEX)
1 5.196.111.64 16276 (OVH)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2602:803:c003... 26667 (RUBICONPR...)
1 145.40.97.66 54825 (PACKET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.95.69.49 ()
330 105
Apex Domain
Subdomains
Transfer
60 tribuneonlineng.com
tribuneonlineng.com — Cisco Umbrella Rank: 587598
2 MB
24 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage2.pubmatic.com — Cisco Umbrella Rank: 959
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
176 KB
24 wp.com
c0.wp.com — Cisco Umbrella Rank: 8787
stats.wp.com — Cisco Umbrella Rank: 3047
i0.wp.com — Cisco Umbrella Rank: 4163
pixel.wp.com — Cisco Umbrella Rank: 2968
100 KB
20 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
85 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
313 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
22 KB
13 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8274
c.mgid.com — Cisco Umbrella Rank: 6300
cdn.mgid.com — Cisco Umbrella Rank: 11030
servicer.mgid.com — Cisco Umbrella Rank: 8270
s-img.mgid.com — Cisco Umbrella Rank: 7951
cm.mgid.com — Cisco Umbrella Rank: 1418
175 KB
12 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
38 KB
12 pixfuture.com
cdn.pixfuture.com — Cisco Umbrella Rank: 51454
served-by.pixfuture.com — Cisco Umbrella Rank: 48229
922 KB
11 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1656
usersync.gumgum.com — Cisco Umbrella Rank: 2253
4 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
htlb.casalemedia.com
5 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
adx.adform.net — Cisco Umbrella Rank: 4617
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
2 KB
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3294
test.cmp.quantcast.com — Cisco Umbrella Rank: 11071
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12881
197 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
img.onesignal.com — Cisco Umbrella Rank: 7889
92 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 21673
reporting.powerad.ai — Cisco Umbrella Rank: 23478
50 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
4 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 739
us-u.openx.net — Cisco Umbrella Rank: 547
setupad-d.openx.net — Cisco Umbrella Rank: 55157
1 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
412 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
593 B
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
1 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
prg.smartadserver.com — Cisco Umbrella Rank: 1721
1 KB
4 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 6391
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
784 B
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
104 KB
4 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3127
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
21 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
dis.criteo.com — Cisco Umbrella Rank: 648
widget.us.criteo.com — Cisco Umbrella Rank: 25599
bidder.criteo.com — Cisco Umbrella Rank: 895
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
ajax.googleapis.com — Cisco Umbrella Rank: 405
imasdk.googleapis.com — Cisco Umbrella Rank: 498
156 KB
4 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 39785
212 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
uipus.semasio.net
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
898 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 646
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
882 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
976 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 900
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
4 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
13 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
60 KB
2 clean.gg
i.clean.gg
104 B
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 42223
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3932
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 31389
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
925 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
2 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
749 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
461 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 587
917 B
2 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 4827
209 KB
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3286
515 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
664 B
2 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8069
cdn.pbstck.com — Cisco Umbrella Rank: 8976
18 KB
2 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10542
5 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
cms.quantserve.com — Cisco Umbrella Rank: 929
10 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
963 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
184 KB
2 ebxcdn.com
applets.ebxcdn.com — Cisco Umbrella Rank: 12233
3 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
278 B
1 adnxs-simple.com
ib.adnxs-simple.com — Cisco Umbrella Rank: 9719
615 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6982
344 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
612 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
695 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
199 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
339 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
465 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5251
238 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
483 B
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 10872
295 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
10 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
7 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 42072
925 B
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19437
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
29 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 44213
138 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 41739
6 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10126
37 KB
1 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 36188
281 B
1 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 32194
8 KB
330 90
Domain Requested by
60 tribuneonlineng.com tribuneonlineng.com
13 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
ssum-sec.casalemedia.com
12 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
12 c0.wp.com tribuneonlineng.com
10 cm.g.doubleclick.net 9 redirects rtb.gumgum.com
10 i0.wp.com tribuneonlineng.com
10 cdn.pixfuture.com tribuneonlineng.com
cdn.pixfuture.com
static.cloudflareinsights.com
9 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
8 simage2.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
8 x.bidswitch.net 7 redirects rtb.gumgum.com
6 match.prod.bidr.io 6 redirects
6 eus.rubiconproject.com tribuneonlineng.com
eus.rubiconproject.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
5 image2.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 b1sync.zemanta.com 5 redirects
5 s-img.mgid.com tribuneonlineng.com
5 ads.pubmatic.com tribuneonlineng.com
jsc.mgid.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
5 cmp.quantcast.com tribuneonlineng.com
cmp.quantcast.com
5 www.googletagmanager.com tribuneonlineng.com
www.googletagmanager.com
powerad.ai
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects aax-eu.amazon-adsystem.com
4 match.adsrvr.org rtb.gumgum.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 secure.cdn.fastclick.net tribuneonlineng.com
secure.cdn.fastclick.net
4 ads.themoneytizer.com tribuneonlineng.com
ads.themoneytizer.com
4 powerad.ai tribuneonlineng.com
powerad.ai
3 secure.adnxs.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
3 u.openx.net 2 redirects aax-eu.amazon-adsystem.com
3 sync.outbrain.com 3 redirects
3 sync.1rx.io 3 redirects
3 token.rubiconproject.com eus.rubiconproject.com
3 c.amazon-adsystem.com tribuneonlineng.com
c.amazon-adsystem.com
3 onesignal.com cdn.onesignal.com
3 securepubads.g.doubleclick.net tribuneonlineng.com
securepubads.g.doubleclick.net
www.googletagservices.com
2 i.clean.gg cadmus.script.ac
2 prebid-stag.setupad.net stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
2 adx.adform.net stpd.cloud
2 sync.bumlam.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipus.semasio.net 1 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 cr.frontend.weborama.fr 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 pr-bh.ybp.yahoo.com rtb.gumgum.com
2 sync.srv.stackadapt.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ssbsync.smartadserver.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 ib.adnxs.com 2 redirects
2 s.amazon-adsystem.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 ad.turn.com 2 redirects
2 csync.loopme.me 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 cm.mgid.com jsc.mgid.com
2 cdn.id5-sync.com tribuneonlineng.com
jsc.mgid.com
2 cdn.mgid.com tribuneonlineng.com
2 aa.agkn.com cdn.pixfuture.com
2 hb.brainlyads.com powerad.ai
tribuneonlineng.com
2 reporting.powerad.ai powerad.ai
2 mwzeom.zeotap.com tribuneonlineng.com
2 secure-assets.rubiconproject.com 2 redirects
2 www.google.co.uk tribuneonlineng.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 served-by.pixfuture.com cdn.pixfuture.com
2 p.cpx.to ads.themoneytizer.com
powerad.ai
2 onetag-sys.com ads.themoneytizer.com
aax-eu.amazon-adsystem.com
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 fonts.googleapis.com tribuneonlineng.com
cdn.pixfuture.com
2 cdn.onesignal.com tribuneonlineng.com
cdn.onesignal.com
2 jsc.mgid.com tribuneonlineng.com
jsc.mgid.com
2 pagead2.googlesyndication.com tribuneonlineng.com
pagead2.googlesyndication.com
2 applets.ebxcdn.com tribuneonlineng.com
applets.ebxcdn.com
1 cadmus.script.ac script.4dex.io
1 bidder.criteo.com stpd.cloud
1 mp.4dex.io stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 htlb.casalemedia.com stpd.cloud
1 fastlane.rubiconproject.com stpd.cloud
1 setupad-d.openx.net stpd.cloud
1 web.hb.ad.cpe.dotomi.com stpd.cloud
1 hbopenbid.pubmatic.com stpd.cloud
1 prg.smartadserver.com stpd.cloud
1 ib.adnxs-simple.com stpd.cloud
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 t.adx.opera.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 ups.analytics.yahoo.com
1 uipglob.semasio.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 um.simpli.fi aax-eu.amazon-adsystem.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr aax-eu.amazon-adsystem.com
1 sync.crwdcntrl.net aax-eu.amazon-adsystem.com
1 widget.us.criteo.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 tg.socdm.com 1 redirects
1 ad.360yield.com rtb.gumgum.com
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 us-u.openx.net rtb.gumgum.com
1 u.ipw.metadsp.co.uk 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 sync.targeting.unrulymedia.com 1 redirects
1 a.ad.gt cdn.hadronid.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cl.imghosts.com tribuneonlineng.com
1 cdn.hadronid.net tribuneonlineng.com
1 tags.crwdcntrl.net tribuneonlineng.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 servicer.mgid.com jsc.mgid.com
1 static.cloudflareinsights.com cdn.pixfuture.com
1 imasdk.googleapis.com cdn.pixfuture.com
1 img.onesignal.com tribuneonlineng.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 id5-sync.com tribuneonlineng.com
1 pixel.zprk.io powerad.ai
1 www.google.com tribuneonlineng.com
1 c.mgid.com tribuneonlineng.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 test.cmp.quantcast.com cmp.quantcast.com
1 rules.quantcount.com secure.quantserve.com
1 www.googletagservices.com tribuneonlineng.com
1 cdn.pbstck.com boot.pbstck.com
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 stpd.cloud tribuneonlineng.com
1 pixel.wp.com tribuneonlineng.com
1 pubads.g.doubleclick.net tribuneonlineng.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 boot.pbstck.com ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 c.tmyzer.com ads.themoneytizer.com
1 stats.wp.com tribuneonlineng.com
1 ad.vidverto.io tribuneonlineng.com
330 153
Subject Issuer Validity Valid
tribuneonlineng.com
Cloudflare Inc ECC CA-3
2023-09-06 -
2024-09-04
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
powerad.ai
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-23 -
2024-03-21
a year crt.sh
1266287590.rsc.cdn77.org
R3
2023-09-27 -
2023-12-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
ad.vidverto.io
R3
2023-09-24 -
2023-12-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
cmp.quantcast.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
c.tmyzer.com
R3
2023-09-22 -
2023-12-21
3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-14 -
2024-07-17
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2023-08-30 -
2024-09-11
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-13
a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3
2023-06-04 -
2024-06-03
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-01 -
2023-12-03
a year crt.sh
stpd.cloud
E1
2023-08-20 -
2023-11-18
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2
2023-08-13 -
2024-09-13
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2
2022-11-23 -
2023-12-25
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.zprk.io
Amazon RSA 2048 M03
2023-09-19 -
2024-10-17
a year crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.adleadevent.com
Amazon RSA 2048 M01
2023-06-27 -
2024-07-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
hadronid.net
GTS CA 1P5
2023-10-05 -
2024-01-03
3 months crt.sh
cl.imghosts.com
Cloudflare Inc ECC CA-3
2023-10-03 -
2024-10-02
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-01 -
2023-12-02
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2023-02-27 -
2024-03-29
a year crt.sh
*.a-mo.net
R3
2023-10-06 -
2024-01-04
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
cadmus.script.ac
E1
2023-09-02 -
2023-12-01
3 months crt.sh
i.clean.gg
GTS CA 1D4
2023-09-17 -
2023-12-16
3 months crt.sh

This page contains 43 frames:

Primary Page: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Frame ID: FF63B16E24A98F86DBC9CDB19C522617
Requests: 194 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697637038327
Frame ID: AF1BEEC3BACE013791850D5C6B2EF683
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 57738287F1D1943EB64F7370E843A6AB
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: BECDA7A9BBA71AF63F94936AEE25954A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 601B9A691C55C53D3C27DDF5357F78AD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: BEFBC007C9A338A3BBAD830417773BDE
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: B26D5475A4D6D2CD073DB520E527E571
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: ECC55933DF572F597F0959988B2BE16C
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1697637039961190273309&uspString=1---
Frame ID: F6FB7BE64A85C97E3518ECB0D1F3454A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Frame ID: DEFB3DD72CDD76A7F6358A77D2343681
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: F363C0D60513DEBC46057DC3D1C3A1F7
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 16D5AE53D50E5EB6DEAA58577B2088AB
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 46DCEBFAA6290023DBA08D7E322064CC
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 335157FEF00785E3090B853E1DF38C1A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=2
Frame ID: AFFEF44B7F12A34A44CA967DE2972761
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: E6FE773B92FE0D0AB98B1C20EEF9A35C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 5D85E1572056DB40770EC3B8427FB183
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 5AA4CCF897CA51EEFAA66623A665D9AE
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=3962086127277227103266
Frame ID: F435D78EBDF0A1F7A4ABBD14F439DBA9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=7023358037088889874&gdpr=&gdpr_consent=
Frame ID: 6922FE93AC80897823C58178ACC88365
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZS-isAAAWmpqhAA5&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
Frame ID: 05E8DE8EB2ADA9BFE33E64B68F8F9EFE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YmMxNzg5Zi04ZjZjLTQ0YjUtYTNhNi05Y2E5YzRmODRiMmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5B89003FC2D9FDAF1571C6C71BCE84DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 438A74B4F0972F73FE116F22970EFA05
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 6DBE6AEBF8ED9C6F2546E7EB71D076D5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZS-iscCo8X4AAK6nrEAAAAAA
Frame ID: A72E338882D7F96B8904D8852973D415
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=eMia2WblL48GIZoEfPdd&pi=gumgum&tc=1
Frame ID: 973544FF3D4FF7227CA5E4A68D23FDDB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C4786DBFCD4E3475CB2CFE5011C8DB76
Requests: 3 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 827116F4E057F570A7F4D6588517D3E6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID148EC3A0-1308-44CB-8FA8-407D97186EFB
Frame ID: A1E27CF80004C303CE40249769AB6780
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent=
Frame ID: 4F58286CD01D0BCA9DA91D7ED43E8994
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=148EC3A0-1308-44CB-8FA8-407D97186EFB&redir=true&gdpr=0&gdpr_consent=
Frame ID: 0FDA711F6B934AC410A2109659A23F2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
Frame ID: 0FF94FE7F251435D20C7BA5607626EBC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8807342979975854936&gdpr=0&gdpr_consent=
Frame ID: 1AD780BBE4FB1B70274E6910B3ACFB9F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291295580186998923&gdpr=0&gdpr_consent=
Frame ID: EBD4FEF737585D75D3727210E6BFA81D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID148EC3A0-1308-44CB-8FA8-407D97186EFB
Frame ID: F1D576ABEDE17F70C723B72DE0CFF68B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: CF9D2E9F29CF3D0A739A4B86807AA51D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Frame ID: 05FA48E15D2D69CABB657EE494B5F7A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 8C7304221D516F00562F124C86C1C5DE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D6B418E22EA91C0A7E18AC77E93E1F8C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: ECFB11884E7403915872D50F4B281A55
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADhg07KX8UAABisnIkiMA&gdpr=0&gdpr_consent=
Frame ID: BDF56031F99D21EF30B80F5E62BEBCCF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU874e9e9b6b7c47ef990079a23d13e11d
Frame ID: 7AE821D9A138F2C828494EE11FB8FC26
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=148EC3A0-1308-44CB-8FA8-407D97186EFB
Frame ID: 9DC1006754846AC70FB7B84CA998BC91
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Leaked s3x video: Why I agreed to film  intimate moment with ex-partner — Moyo Lawal 

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

330
Requests

91 %
HTTPS

34 %
IPv6

90
Domains

153
Subdomains

105
IPs

12
Countries

5920 kB
Transfer

13544 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHLTGm23u7BLbJieDVp-R8U&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&zdid=1258
Request Chain 210
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Request Chain 215
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=c54be2b9-40c9-4434-abd4-909b9f5bd618
Request Chain 216
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=6008a5bd-a699-45ac-abcc-7994dcf3b75c
Request Chain 217
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1697637040676 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5036711212 HTTP 302
  • https://sync.1rx.io/usersync/turn/7265569487072127626?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003
Request Chain 218
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AADhg07KX8UAABisnIkiMA&ex=beeswax.com
Request Chain 220
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=ZO5tUoutOsDgfTqczmuQ&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DgM4jtMKScUM3S6cXRf74vImqIouNKkT8tSozbvZVGZaeQL2_T_QWUwJ6XhT4T5OU%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DgM4jtMKScUM3S6cXRf74vImqIouNKkT8tSozbvZVGZaeQL2_T_QWUwJ6XhT4T5OU%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=gM4jtMKScUM3S6cXRf74vImqIouNKkT8tSozbvZVGZaeQL2_T_QWUwJ6XhT4T5OU&uid=829551bf-cb77-42c1-9801-69088afcd853 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE&p=appnexus&uid=$UID&obUid=gM4jtMKScUM3S6cXRf74vImqIouNKkT8tSozbvZVGZaeQL2_T_QWUwJ6XhT4T5OU&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE&p=appnexus&uid=8807342979975854936&obUid=gM4jtMKScUM3S6cXRf74vImqIouNKkT8tSozbvZVGZaeQL2_T_QWUwJ6XhT4T5OU&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=ZO5tUoutOsDgfTqczmuQ
Request Chain 222
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 228
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=3962086127277227103266
Request Chain 231
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8807342979975854936
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618
Request Chain 234
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105
Request Chain 236
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=190fb1c3-dc6e-47b8-b240-afafbdfa72f3
Request Chain 238
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 240
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=3oaDtuWQGQUr&ev=1&pid=558355
Request Chain 243
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=7023358037088889874&gdpr=&gdpr_consent=
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZS-isAAAWmpqhAA5&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
Request Chain 248
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZS-iscCo8X4AAK6nrEAAAAAA
Request Chain 249
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=eMia2WblL48GIZoEfPdd&pi=gumgum&tc=1
Request Chain 250
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 252
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FI7DoBMIRMuPqEB9lxhu-w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 256
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1222064435 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=148EC3A0-1308-44CB-8FA8-407D97186EFB
Request Chain 257
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=148EC3A0-1308-44CB-8FA8-407D97186EFB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjY3cjI5TGtTTi1SMWltdTZPOHZXWWxadw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7023358037088889874&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQ4RUMzQTAtMTMwOC00NENCLThGQTgtNDA3RDk3MTg2RUZC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEl-YjZSmfsKcJxXev-iKqM&google_cver=1
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5873520761298104872
Request Chain 264
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS-isJO-pZVJBnzGmtmEYAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO9TGOUB1miCoRZ5P8vODS8&google_cver=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS_isJO_pZVJBnzGmtmEYAAABCUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGzbsQ7K5Q_qGxvOShg46EQ&google_cver=1
Request Chain 268
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8807342979975854936
Request Chain 269
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS-isAAAWmpqhAA5
Request Chain 271
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_dae5f583-e48a-4745-88fe-dd60be7e9181&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&us_privacy=
Request Chain 290
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
Request Chain 291
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8807342979975854936&gdpr=0&gdpr_consent=
Request Chain 292
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291295580186998923&gdpr=0&gdpr_consent=
Request Chain 295
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 296
  • https://pixel.onaudience.com/?partner=214&mapped=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d4654c2a9ba2b4e7022e31e014fd7f1a&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 300
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARi0xb-pBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEFUyV2ptvRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGM1NGJlMmI5LTQwYzktNDQzNC1hYmQ0LTkwOWI5ZjViZDYxOA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=5532576a-6dbd-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 301
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Request Chain 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 304
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 305
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaGcwN0tYOFVBQUJpc25Ja2lNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADhg07KX8UAABisnIkiMA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADhg07KX8UAABisnIkiMA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADhg07KX8UAABisnIkiMA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6296753743886515757&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADhg07KX8UAABisnIkiMA&gdpr=0&gdpr_consent=
Request Chain 306
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU874e9e9b6b7c47ef990079a23d13e11d
Request Chain 309
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7265569487072127626&gdpr=0&gdpr_consent=&us_privacy=

330 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
239 KB
65 KB
Document
General
Full URL
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8853a1e59a595b8f20aeaa96e486803cbd5748f6c02a06901127e7dd29ab37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8181405ddac44133-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 13:50:38 GMT
link
<https://tribuneonlineng.com/wp-json/>; rel="https://api.w.org/", <https://tribuneonlineng.com/wp-json/wp/v2/posts/758804>; rel="alternate"; type="application/json", <https://wp.me/p7ZDOE-3boM>; rel=shortlink
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
style.min.css
c0.wp.com/c/6.3.1/wp-includes/css/dist/block-library/
102 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
d440670e-a7fb-4b57-b53f-e1864940700b
https://tribuneonlineng.com/
1 KB
0
Other
General
Full URL
blob:https://tribuneonlineng.com/d440670e-a7fb-4b57-b53f-e1864940700b
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.3.1/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.3.1/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
plugin.css
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/
29 KB
5 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/plugin.css?ver=11.0.3
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d95c3d5ae0d82be172167529f472e51b86ef0b3020c1c4c60a898314e5e054

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:39 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512cab7-72c6"
cf-polished
origSize=29382
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603ea84133-LHR
alt-svc
h3=":443"; ma=86400
pff-paystack-style.css
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/
47 KB
8 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea82e21af4a0070d6899aacf4c12574b98d7b49034fc80fdcc9d1dd76dfef4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jun 2023 23:18:53 GMT
cf-bgj
minify
server
cloudflare
age
697826
etag
W/"6488f95d-e5dd"
cf-polished
origSize=58845
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eaa4133-LHR
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/font-awesome.min.css?ver=2.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a0fcb6dc2faf553d3093b228519114b09d538dde82fcea861a90635aae4363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jun 2023 23:18:53 GMT
server
cloudflare
age
697824
etag
W/"6488f95d-55e0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eab4133-LHR
alt-svc
h3=":443"; ma=86400
style.css
tribuneonlineng.com/wp-content/themes/jnews/
0
108 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/style.css?ver=6.3.1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-1ab"
cf-polished
origSize=427
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603ead4133-LHR
alt-svc
h3=":443"; ma=86400
frontend-lite.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/css/
115 KB
14 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.16.5
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c483c83318c93d883f638129fe28dbd41f8b7d6881d94b0d99c93f5d87bb934

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 05:23:24 GMT
server
cloudflare
age
697927
etag
W/"6524dfcc-1ca4c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eae4133-LHR
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
server
cloudflare
age
697944
etag
"6512104c-12d68"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
818140606f274133-LHR
alt-svc
h3=":443"; ma=86400
content-length
77160
jegicon.woff
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/
7 KB
7 KB
Font
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
server
cloudflare
age
697824
etag
W/"6512104c-1be8"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=31536000
cf-ray
818140606f284133-LHR
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 05:23:24 GMT
server
cloudflare
age
697944
etag
"6524dfcc-12d68"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
818140606f2a4133-LHR
alt-svc
h3=":443"; ma=86400
content-length
77160
font-awesome.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 05:23:24 GMT
server
cloudflare
age
697826
etag
W/"6524dfcc-7917"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eb04133-LHR
alt-svc
h3=":443"; ma=86400
jegicon.css
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/
3 KB
693 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-aff"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eb24133-LHR
alt-svc
h3=":443"; ma=86400
jquery.jscrollpane.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
1 KB
489 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eaa9a43c63295f2060dc352c8bd1c608ab952260b2446d18c306cc240d03b86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-431"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eb34133-LHR
alt-svc
h3=":443"; ma=86400
okayNav.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
3 KB
848 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda1eb96ea5e8e373d685074e1d65630c4fd4169ac0f9bbce41b2242d9095936

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697826
etag
W/"6512104c-ab9"
cf-polished
origSize=2745
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eb54133-LHR
alt-svc
h3=":443"; ma=86400
magnific-popup.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df90a40819ef897eb30c32bb12d65469d0c0ba77bf96fe472c697c2dd252cc14

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-1609"
cf-polished
origSize=5641
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140603eb74133-LHR
alt-svc
h3=":443"; ma=86400
chosen.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/chosen/
11 KB
3 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae09a5576b810460bf954ff176cc8a3d58844d7b07ebcebbb41df6249ce4ab2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-2ac8"
cf-polished
origSize=10952
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f094133-LHR
alt-svc
h3=":443"; ma=86400
main.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
241 KB
44 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1067fd8473f88955d6b702043be6c77ea08617238b6c0b4d262303e77af8985c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697826
etag
W/"6512104c-3c2a5"
cf-polished
origSize=246437
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f0e4133-LHR
alt-svc
h3=":443"; ma=86400
pages.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
3 KB
947 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/pages.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8256c8d497b551ea5aeb94efd0e7fe90ae9437bc3a42b3f7b568c6546a7e77

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-c44"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f124133-LHR
alt-svc
h3=":443"; ma=86400
single.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/single.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96644c250619a3947bc06342fbe5e310cd16f2069b779409a160da84d6879914

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-7936"
cf-polished
origSize=31030
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f154133-LHR
alt-svc
h3=":443"; ma=86400
responsive.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc36e8571049f10aa682debe3ffc61bcb792d8a7d6def4dccbcb79547cb2d9dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-2f1a"
cf-polished
origSize=12058
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f184133-LHR
alt-svc
h3=":443"; ma=86400
pb-temp.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
29 KB
4 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e7b90af6b29c128d545993e102e879715d7ee09d43e216449f86e49d8a5b3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697826
etag
W/"6512104c-735b"
cf-polished
origSize=29531
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f194133-LHR
alt-svc
h3=":443"; ma=86400
elementor-frontend.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
681 B
280 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/elementor-frontend.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6400dc8b0e288909fa6cc5abdb32a8c2f1a8f8efeb93369ab9bf9378f5f50bd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-2a9"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f1c4133-LHR
alt-svc
h3=":443"; ma=86400
style.css
tribuneonlineng.com/wp-content/themes/jnews-child/
0
146 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jun 2023 23:18:55 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6488f95f-236"
cf-polished
origSize=566
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f1d4133-LHR
alt-svc
h3=":443"; ma=86400
darkmode.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/
46 KB
8 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8779150e41758c8077ed4876f73aa8aa9e3a0bc46c9c7eda1b0ae2bc8dc6841d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697824
etag
W/"6512104c-b786"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f1e4133-LHR
alt-svc
h3=":443"; ma=86400
darkmode.css
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/darkmode.css?ver=11.0.3
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b15b4c5b04a6eb4f7809b76aa670c86dbcb633b91ead770fd64816d458fa481

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:39 GMT
cf-bgj
minify
server
cloudflare
age
697826
etag
W/"6512cab7-115d"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f204133-LHR
alt-svc
h3=":443"; ma=86400
jetpack.css
c0.wp.com/p/jetpack/12.7/css/
98 KB
17 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/12.7/css/jetpack.css
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 10 Oct 2023 19:16:20 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
plugin.css
tribuneonlineng.com/wp-content/plugins/jnews-social-share/assets/css/
1 KB
623 B
Stylesheet
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1c8d56406938096d49c1cefa52b3141494941f3fe98079bd8497114aebe05e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:37 GMT
cf-bgj
minify
server
cloudflare
age
697966
etag
W/"6512cab5-5b5"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
818140606f234133-LHR
alt-svc
h3=":443"; ma=86400
jquery.min.js
c0.wp.com/c/6.3.1/wp-includes/js/jquery/
85 KB
29 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
jquery-migrate.min.js
c0.wp.com/c/6.3.1/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
js
www.googletagmanager.com/gtag/
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-33246503-1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95e82669cfbd4c014668b7b29195a78e82e994a812d99fa7eef89d38e2ae7f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68421
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 13:50:38 GMT
js
www.googletagmanager.com/gtag/
265 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d96f84ad4dbb965b45f5095c9291dfe728ea85b1305ce229f722ba6b3362d935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91444
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 13:50:38 GMT
script.js
powerad.ai/204857924095125/
210 KB
47 KB
Script
General
Full URL
https://powerad.ai/204857924095125/script.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-243-137.compute-1.amazonaws.com
Software
/ Express
Resource Hash
600d2982c523190fd1fcb960f0f1f08e25a2975949a1c44ab951fd20936ec0a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 13:28:14 GMT
x-powered-by
Express
etag
W/"3474e-18b42f8f785"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
ebx.js
applets.ebxcdn.com/
464 B
989 B
Script
General
Full URL
https://applets.ebxcdn.com/ebx.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
x-amzn-remapped-content-length
464
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
502
x-amzn-requestid
1a667972-15ee-466e-8b25-b79975800a30
x-amz-apigw-id
NAAM0EK7DoEFnuA=
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed Aug 30 13:25:09 GMT 2023
server
cloudflare
x-amzn-trace-id
Root=1-652fe0b8-027d193a6d9c06c268f04a63;Sampled=0;lineage=7936cbcf:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfhP%2BZ0LVgku6%2FVH3GHrG0GpvdQcqspdJTKqW4l3SbsppeKCikz5IOIbEdP2czMBs2a2k%2BtZnWi9MVKXQncbPQowihUR0BR43Nc3y11HBQGFTctj8eRvhygwANvhwziFF98nucJ13FthntZjgdcRyts%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
81814061ed7e71ed-LHR
gen.js
ads.themoneytizer.com/s/
4 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt
AcO1rw43Nzf/TDsAAA
x-accel-expires
@1698226658
date
Wed, 18 Oct 2023 13:50:38 GMT
x-77-pop
frankfurtDE
x-77-age
15180
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
90833930850e222eaee22f651aadf70e
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
15180
x-accel-date
1697621858
requestform.js
ads.themoneytizer.com/s/
132 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b5664101ad7c79e42e9c3454042eefe491f007e48fd91793b282a019563b17a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt
AcO1rw43Nzf/8jgAAA
x-accel-expires
@1698227260
date
Wed, 18 Oct 2023 13:50:38 GMT
x-77-pop
frankfurtDE
x-77-age
14578
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
90833930850e222eaee22f65f798ff0e
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
14578
x-accel-date
1697622460
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
812dd62c974124cfee5b571776cc1c847f0cd0ed363e0cbdfc023e40e5f192ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29654
x-xss-protection
0
server
cafe
etag
25 / 19648 / m202310120101 / config-hash: 18424697480299559098
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:50:38 GMT
Tribune-Online-Website-Cropped-Logo.png
tribuneonlineng.com/wp-content/uploads/2023/05/
16 KB
16 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/uploads/2023/05/Tribune-Online-Website-Cropped-Logo.png
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae5ca5f83697df545671effeaf1567404e779d58c06979af9e9099e115e9974

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
age
697936
cf-polished
origFmt=png, origSize=25814
content-disposition
inline; filename="Tribune-Online-Website-Cropped-Logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
16088
last-modified
Tue, 13 Jun 2023 23:15:47 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"6488f8a3-64d6"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
818140606f2e4133-LHR
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d87dd540ed8b01e6bfe2d1f93cb8a82dc0840444b6c95d7b9c25834cac87456a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51359
x-xss-protection
0
server
cafe
etag
6209704210268370734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:50:38 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/
26 KB
8 KB
Script
General
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 18 Oct 2023 14:50:38 GMT
load-widget.js
cdn.pixfuture.com/cw/
53 KB
53 KB
Script
General
Full URL
https://cdn.pixfuture.com/cw/load-widget.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39074
cf-bgj
minify
last-modified
Thu, 23 Feb 2023 17:10:52 GMT
server
cloudflare
etag
W/"63f79e1c-d202"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hK%2Bectz3Pa9B9y2Aq8ZHLV80rgulY3QcCoKS4dXy8LKqD%2FBHDPYxiiB0tpKlQmpNKrURjOurBpRFYA3NanZUdAEZr0JtXaZ4P3uxyIU97jCfAtN0AxAskPhQwrXNRYwuCzMnhowx2VmdnKZEMNC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
81814061efa3640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Oct 2023 22:37:15 GMT
tribuneonlineng.com.1305397.js
jsc.mgid.com/t/r/
4 KB
2 KB
Script
General
Full URL
https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e1de8c8422d99e5d79e1ca78bc0e26eb2198ab663d9199593606298a8a079
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
x-amz-version-id
5YIZoT.ftDQ8oNF8fpSifZFzhhpneWbO
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
HS5WC07WYMM2EW3X
age
5402
cf-polished
origSize=3879
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
q53818qlvD8xJEhTNHqBLJu/ysKiEyx8dLlBf4sxBbDhcGl1hnzvq2pu7+Y/IYaFhXhTO/nvz8w=
cf-bgj
minify
last-modified
Wed, 11 Oct 2023 08:34:37 GMT
server
cloudflare
etag
W/"ee6dccff345d9e8fe7e29846c35165e9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
81814061ec006546-LHR
expires
Wed, 18 Oct 2023 16:50:38 GMT
jquery.blockUI.min.js
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/js/
9 KB
4 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/js/jquery.blockUI.min.js?ver=2.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e2bb08faeeea0cc98981210e9dfb040a8c17c2f046e1af76ab8a788bfa3d93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Jun 2023 23:18:53 GMT
server
cloudflare
age
697824
etag
W/"6488f95d-255f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
818140606f334133-LHR
alt-svc
h3=":443"; ma=86400
core.min.js
c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Thu, 02 Feb 2023 16:36:32 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
byline.334a.min.js
tribuneonlineng.com/wp-content/plugins/molongui-authorship/assets/js/
4 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/molongui-authorship/assets/js/byline.334a.min.js?ver=4.7.2
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Sep 2023 00:33:46 GMT
server
cloudflare
age
697970
etag
W/"6503a66a-1095"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814060df5d6582-LHR
alt-svc
h3=":443"; ma=86400
comment-reply.min.js
c0.wp.com/c/6.3.1/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/comment-reply.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
hoverIntent.min.js
c0.wp.com/c/6.3.1/wp-includes/js/
1 KB
975 B
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/hoverIntent.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
imagesloaded.min.js
c0.wp.com/c/6.3.1/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/imagesloaded.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
isotope.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
34 KB
11 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/isotope.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcda49194b1d46917617552b08d65be9bc2770a3d0e9300d72dc8955a5e573bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-8936"
cf-polished
origSize=35126
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406148036582-LHR
alt-svc
h3=":443"; ma=86400
lazysizes.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
7 KB
3 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-1b0e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061581e6582-LHR
alt-svc
h3=":443"; ma=86400
ls.bgset.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
3 KB
1 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-aef"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188616582-LHR
alt-svc
h3=":443"; ma=86400
superfish.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
5 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbcd73db004e56766842ef27dd73a1f8d8bc75bd3e22ac886837a6ba2788a5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-14b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188636582-LHR
alt-svc
h3=":443"; ma=86400
theia-sticky-sidebar.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
5 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fc5047fb0d3941449d2feeceb5e82ad981f296f33b34e7b5c627c01b73064f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-14c3"
cf-polished
origSize=5315
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188656582-LHR
alt-svc
h3=":443"; ma=86400
jquery.waypoints.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
9 KB
3 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3857d64c3c3a56eaa34880c5fba143ad30e5a65fb10afe7b83e7b665a98c899c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-2308"
cf-polished
origSize=8968
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188686582-LHR
alt-svc
h3=":443"; ma=86400
jquery.scrollTo.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
2 KB
1 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffa5bdd954bd97dbb682d87e79e9bf03a0a0f943b1dec274684714cc3b4b400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-9dc"
cf-polished
origSize=2524
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188696582-LHR
alt-svc
h3=":443"; ma=86400
jquery.parallax.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
564 B
476 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061886b6582-LHR
alt-svc
h3=":443"; ma=86400
jquery.okayNav.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
8 KB
3 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef83a93ed4b5c944831c0e80d525bbb042d938c573886aa3bf90cbad47afc4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-1e1a"
cf-polished
origSize=7706
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061886c6582-LHR
alt-svc
h3=":443"; ma=86400
jquery.mousewheel.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
3 KB
1 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42c6d2547a751bec562c530be04ef4c914196f029d73334263dcc1f95f3c1a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-ad0"
cf-polished
origSize=2768
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061886d6582-LHR
alt-svc
h3=":443"; ma=86400
modernizr-custom.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
17 KB
7 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d5ee568ddf565939179a4295008a26606cc96c7cbec097f48a55d2dd59d796

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-427e"
cf-polished
origSize=17022
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061886e6582-LHR
alt-svc
h3=":443"; ma=86400
jquery.smartresize.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
266 B
358 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f368bad709ba2631e19261f4aceed4b15c9ec0c0bf17fe6346db2bbb2249e4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-10a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061886f6582-LHR
alt-svc
h3=":443"; ma=86400
chosen.jquery.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
28 KB
8 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb4ff754b6afb2d69d752b114f863d6399ca18fc255bba7a4863629170df2ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-70f6"
cf-polished
origSize=28918
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188716582-LHR
alt-svc
h3=":443"; ma=86400
jquery.magnific-popup.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
20 KB
8 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5957c4e11afc3c18b780c5c771dd2097da53c7ee0bb306d2a00f65f892805d8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-4e4b"
cf-polished
origSize=20043
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188746582-LHR
alt-svc
h3=":443"; ma=86400
jquery.jnewsgif.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
1 KB
693 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-477"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188776582-LHR
alt-svc
h3=":443"; ma=86400
jquery.jsticky.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
2 KB
910 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbc586e48acd966a592f44ac7533f0e86f4c3a7f814e255d002956080024b2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-6aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188786582-LHR
alt-svc
h3=":443"; ma=86400
jquery.transit.min.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
8 KB
3 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
server
cloudflare
age
697970
etag
W/"6512104c-1e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061887b6582-LHR
alt-svc
h3=":443"; ma=86400
main.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
44 KB
12 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/main.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c5c42ba9ce5fa8599bec02406a22093c46d2d2fafe12e0d217290393040273

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-aec4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061887e6582-LHR
alt-svc
h3=":443"; ma=86400
zoom-button.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
6 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/zoom-button.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1516157c149cb4a8861f89bdf815d6ecb3008347eda0bb173361d70191d1560b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-1865"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188816582-LHR
alt-svc
h3=":443"; ma=86400
popup-post.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
1 KB
671 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/popup-post.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413a420c0b7f9130b7f0e93ea830e8ae7e1c5bc80ae0691e37e03e130522cf0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-449"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188836582-LHR
alt-svc
h3=":443"; ma=86400
darkmode.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
6 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270408a8aaa2bb3d3c892c519e0465a39b3386faa3bec22d77edbcabe919c762

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-1924"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188856582-LHR
alt-svc
h3=":443"; ma=86400
supposition.js
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/
1 KB
758 B
Script
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/supposition.js?ver=11.0.3
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d894b4664f51376d31de576644dad93b7c928551e66efc58bdba0ad51f3a9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:39 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512cab7-523"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188866582-LHR
alt-svc
h3=":443"; ma=86400
mouse.min.js
c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/mouse.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 23 Sep 2022 19:55:30 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
sortable.min.js
c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/
25 KB
6 KB
Script
General
Full URL
https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/ui/sortable.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Thu, 02 Feb 2023 16:36:32 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 13:50:38 GMT
plugin.js
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/
17 KB
5 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/plugin.js?ver=11.0.3
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514580c53e8c81ce58ff2a3f86d65f5c8b671896f9c4f0489973670c1912f94

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:39 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512cab7-437f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188876582-LHR
alt-svc
h3=":443"; ma=86400
jquery.module.js
tribuneonlineng.com/wp-content/themes/jnews/assets/js/
8 KB
2 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270a3b45760fc517bf0587933ee4fd7293ef5a1dbf77fdb3fd70b28a1c8e7f5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512104c-1f57"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8181406188896582-LHR
alt-svc
h3=":443"; ma=86400
e-202342.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202342.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT lhr
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684464982353.1523
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 14 Oct 2024 07:10:40 GMT
plugin.js
tribuneonlineng.com/wp-content/plugins/jnews-social-share/assets/js/
3 KB
1 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 12:12:37 GMT
cf-bgj
minify
server
cloudflare
age
697970
etag
W/"6512cab5-d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814061888a6582-LHR
alt-svc
h3=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
305
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
818140628d2f6371-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 21 Oct 2023 13:50:38 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 12:28:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 13:50:38 GMT
choice.js
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c827d398c2331de5b6160a7e29fcd2596643cadd239dd2f2cdcc79f40c4be408

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:19 GMT
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 21:46:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
52
x-amz-server-side-encryption
AES256
etag
W/"408e9e32ff11d19e90e67eb67eb171dc"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
YXoS_3BDQ1RsjYb4XrbvNtjSF8RZeXcC1i2WZXWO3TI0QUlGl8xOBg==
/
c.tmyzer.com/c/
0
281 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=97152&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
server
nginx
x-iplb-request-id
05BB1569:8EB0_36264064:01BB_652FE2AE_65C74BB:1858A
x-iplb-instance
38437
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
lib_fs_close.js
ads.themoneytizer.com/
667 B
809 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
15179
x-accel-date
1697621859
x-77-nzt
AcO1rw43Nzf/SzsAAA
pragma
public
x-accel-expires
@1697708259
x-77-age
15179
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
90833930850e222eaee22f65e94dc314
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Thu, 19 Oct 2023 09:37:39 GMT
smart.js
ced.sascdn.com/tag/1097/
110 KB
37 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
37248
Expires
Wed, 18 Oct 2023 15:50:38 GMT
sync
gum.criteo.com/
49 B
306 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
293646
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
19306
cf-polished
origSize=62059
cf-bgj
minify
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.turf-pronostics.com
cache-control
public, max-age=21600
access-control-allow-credentials
true
cf-ray
81814063ae2163e4-LHR
access-control-allow-headers
*
expires
Wed, 18 Oct 2023 14:28:52 GMT
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
last-modified
Thu, 14 Oct 2021 07:27:52 GMT
server
nginx/1.20.1
x-iplb-request-id
05BB1569:9482_91EFC0A6:01BB_652FE2AE_6924F4D:1CE16
etag
"6167dbf8-15ab"
x-iplb-instance
30196
content-type
application/javascript
accept-ranges
bytes
content-length
5547
/
onetag-sys.com/usync/ Frame AF1B
2 KB
815 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697637038327
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tribuneonlineng.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 25 Oct 2023 13:50:38 GMT
px.js
p.cpx.to/p/12761/
6 KB
3 KB
Script
General
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.145.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-145-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6b45d49a5d298624228fe85e340515226e82ae5abd1f158e53b0874a1b2e6c41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
cache-control
max-age=7200, public
content-type
application/javascript; charset=UTF-8
638269b6-79c1-4df4-8b89-dc818afe544b
boot.pbstck.com/v1/tag/
1 KB
872 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/638269b6-79c1-4df4-8b89-dc818afe544b
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15210dfa3b3694e62f2c7d66cc729a9da61823043fa3ce28378c82b71c53abbf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
81814063d9f2657a-LHR
alt-svc
h3=":443"; ma=86400
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.141 Hollywood, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-141.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 07:14:15 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-C1
Age
23784
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
qggWDEFMob_Y92FfLDwi3mJgolr1XQg7BS4KwaVDm0o2It3GRMlJQQ==
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
preloader.gif
tribuneonlineng.com/wp-content/themes/jnews/assets/img/
2 KB
2 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/themes/jnews/assets/img/preloader.gif
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab781bf27583bdff4e614a22c4cfad9b122df26146560761b886f15a87038e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
age
697970
cf-polished
origFmt=gif, origSize=4399
content-disposition
inline; filename="preloader.webp"
alt-svc
h3=":443"; ma=86400
content-length
1620
last-modified
Mon, 25 Sep 2023 22:57:16 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"6512104c-112f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81814061b8b76582-LHR
adx
pubads.g.doubleclick.net/gampad/
56 KB
13 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,33885318/tribuneonlineng.com_750x360_inside_article_DFP&sz=728x90%7C300x250&t=Placement_type%3Dserving&1697637038353
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cca0ef808e8d5ee5dda189b9353b6019ffc6c54cde0c871130090b8061adea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13120
x-xss-protection
0
google-lineitem-id
5979139424
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138445115301
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
eme.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
784 B
1 KB
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/eme.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
39c03d779cc83e8b56c74e3aa57625e7a26996c45086174be034ad25f6bff078
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 11:18:24 GMT
server
nginx
etag
"5fc8754297330f2c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/eme.jpg>; rel="canonical"
content-length
784
expires
Thu, 16 Oct 2025 23:18:24 GMT
IMG-20231016-WA0008.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
540 B
918 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/IMG-20231016-WA0008.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
6a01813651c579780ec351da47e8c3dcae72a6b9d498d6238add858c73afd409
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 8
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:27:23 GMT
server
nginx
etag
"d0307b6b803ac900"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/IMG-20231016-WA0008.jpg>; rel="canonical"
content-length
540
expires
Wed, 15 Oct 2025 23:27:23 GMT
tinubuuu.jpeg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/06/
604 B
974 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/06/tinubuuu.jpeg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
44d05a36c4fecbb76a902b5b76f9ed3712bb30b0248cbe27c5a4930fab14ae2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 23:05:03 GMT
server
nginx
etag
"b11050e79d1ac9a9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/06/tinubuuu.jpeg>; rel="canonical"
content-length
604
expires
Fri, 17 Oct 2025 11:05:03 GMT
20231016_093801.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
484 B
857 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/20231016_093801.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d9a43412311a6ea06c8b670be224dd3774ef65ffc8cd0daa98d5da44632caca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 12:36:34 GMT
server
nginx
etag
"ac27c335d6af11c3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/20231016_093801.jpg>; rel="canonical"
content-length
484
expires
Thu, 16 Oct 2025 00:36:34 GMT
Ali-Ndume.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
844 B
1 KB
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/Ali-Ndume.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
7163f5572d22f8b046b23941ea1996345706b2417c4e42f4b76debc3ba7ea8ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 20:03:44 GMT
server
nginx
etag
"c7d6cca49b275b45"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/Ali-Ndume.jpg>; rel="canonical"
content-length
844
expires
Fri, 17 Oct 2025 08:03:44 GMT
images-2023-10-04T171900.657.jpeg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
626 B
1010 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/images-2023-10-04T171900.657.jpeg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
665df8faf93cfeb4317132716a98d57aae38894992502c3db080be341c603785
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 23:05:03 GMT
server
nginx
etag
"65ac608b1290a9a5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/images-2023-10-04T171900.657.jpeg>; rel="canonical"
content-length
626
expires
Fri, 17 Oct 2025 11:05:03 GMT
16974930085917719324154364485348.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
882 B
1 KB
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/16974930085917719324154364485348.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f9347d0cb957d8ede80a0ecba588550f864aaf468a0bd776be2621385ac331b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 8
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 23:05:03 GMT
server
nginx
etag
"759c1093e1516823"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/16974930085917719324154364485348.jpg>; rel="canonical"
content-length
882
expires
Fri, 17 Oct 2025 11:05:03 GMT
Urji-Kalu.jpeg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/02/
646 B
1017 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/02/Urji-Kalu.jpeg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3aadbcda8995e46511be69530fbbcc1ac78d830d3dd55dafb03670dcfaa45a3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 23:05:03 GMT
server
nginx
etag
"07b1eb585e8993c2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/02/Urji-Kalu.jpeg>; rel="canonical"
content-length
646
expires
Fri, 17 Oct 2025 11:05:03 GMT
ww11.webp
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
682 B
1 KB
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/ww11.webp?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9a349142858b1b1de98addf15f76366b1aa85b1c7074215dd2a68ee0604c8dac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 05:13:51 GMT
server
nginx
etag
"911ff5bace5771d8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/ww11.webp>; rel="canonical"
content-length
682
expires
Thu, 16 Oct 2025 17:13:51 GMT
Solomon-Tokunbo-Ishola.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/
598 B
977 B
Image
General
Full URL
https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/10/Solomon-Tokunbo-Ishola.jpg?resize=40%2C40&ssl=1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ba215ba8311f7063ebcdc4d1c4591837e30efd2cd6b353d06e323cde052695e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Sat, 14 Oct 2023 12:02:14 GMT
server
nginx
etag
"4e301f04bd329a68"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tribuneonlineng.com/wp-content/uploads/2023/10/Solomon-Tokunbo-Ishola.jpg>; rel="canonical"
content-length
598
expires
Tue, 14 Oct 2025 00:02:14 GMT
Odua-Ad-scaled.jpg
tribuneonlineng.com/wp-content/uploads/2023/09/
903 KB
903 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/uploads/2023/09/Odua-Ad-scaled.jpg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1d472fc194f2e3128c71bcb88c0a17eb7fb6e52cee7ffd9690f1feeace1840

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 04:01:19 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
697901
etag
"6507cb8f-f9076"
cf-polished
origSize=1020022
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81814061f92c6582-LHR
alt-svc
h3=":443"; ma=86400
content-length
924186
evending-new_big-1024x690.jpg
tribuneonlineng.com/wp-content/uploads/2020/04/
128 KB
128 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/uploads/2020/04/evending-new_big-1024x690.jpg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7bc0f0de90e4e883e5f1670f95311c4c0d09c33eecfaaa60a99ba5c471d9d23

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
last-modified
Tue, 13 Jun 2023 23:03:47 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
697924
etag
"6488f5d3-21df9"
cf-polished
origSize=138745
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81814061f92f6582-LHR
alt-svc
h3=":443"; ma=86400
content-length
131269
18102023.gif
tribuneonlineng.com/wp-content/uploads/2023/10/
122 KB
122 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/uploads/2023/10/18102023.gif
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1feaf7aa318841a8158633ea1174980d282ee76d48844e2da331f3fd13cf1da8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
age
28617
cf-polished
origFmt=gif, origSize=180817
content-disposition
inline; filename="18102023.webp"
alt-svc
h3=":443"; ma=86400
content-length
124758
last-modified
Wed, 18 Oct 2023 05:53:38 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"652f72e2-2c251"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81814061f9316582-LHR
IMG-20231016-WA0008.jpg
tribuneonlineng.com/wp-content/uploads/2023/10/
35 KB
36 KB
Image
General
Full URL
https://tribuneonlineng.com/wp-content/uploads/2023/10/IMG-20231016-WA0008.jpg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d56b12a7ed1d26a956582936096c3f52240e61efac0c590e082834718c57d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 10:04:55 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
186251
etag
"652d0ac7-8f43"
cf-polished
origSize=36675
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81814061f9346582-LHR
alt-svc
h3=":443"; ma=86400
content-length
36351
scripts.js
applets.ebxcdn.com/applets/tribuneonlineng.com/
2 KB
2 KB
XHR
General
Full URL
https://applets.ebxcdn.com/applets/tribuneonlineng.com/scripts.js
Requested by
Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e318e8e4e76b59e04865574b0297d58fcf311b392f02eaf3c9ca3de9c7e7e735

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7033
x-amzn-requestid
838e9816-f7d8-47ee-9ad3-af78c2828b4a
x-amz-apigw-id
M_wQSGihDoEFkBA=
content-length
1581
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 17 Oct 2023 09:52:06 GMT
server
cloudflare
etag
5W3kMRH9AL+fmyASdqaA2w==
x-amzn-trace-id
Root=1-652fc734-7a89fec17988866e11d85de7;Sampled=0;lineage=388d0713:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpjFE8JccKp1YGsRjoJIIelMHvIkZ9ChnNzMbv975uhg2rsfnFzqe%2Fq3zBAzY6fc6TIMby1rCGKS7oJJ8tHjYqQpRR0jplPDCvJ%2BOO0IEXE3cD3gAdBbl5XqtgCtnJgxIGFBqZiURLtcIKTEk%2BgruoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=300, no-transform
accept-ranges
bytes
cf-ray
81814062a9970676-LHR
tribuneonlineng.com.1305397.es6.js
jsc.mgid.com/t/r/
329 KB
99 KB
Script
General
Full URL
https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1ef72f3a308528aaa93e15bfe931a457ac7babcd443fadd9ad266d6fab9d94
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
x-amz-version-id
GJVKMVh4SwDA1ZMkg2zjPBcdFAbVAjqA
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6D7RX883RJ2HTMZ0
age
5170
cf-polished
origSize=337122
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5EiECb/C4UVhuw28mGSnSz0B8jMjcUIbqxznKSZC+xoShJmpEZQ/GYtP6lF1MYYuF6ddNesifvw=
cf-bgj
minify
last-modified
Wed, 11 Oct 2023 08:34:37 GMT
server
cloudflare
etag
W/"b2e56e4d1b955d0a56cd6c21ef028ff1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
818140626cdf6546-LHR
expires
Wed, 18 Oct 2023 16:50:38 GMT
gcws.php
served-by.pixfuture.com/www/delivery/
9 KB
9 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/gcws.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b4a13fbf1e89d2117eda447667893a4ac2636ce3cba3903da7a0565e6933e2

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 18 Oct 2023 13:50:38 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/webp
g.gif
pixel.wp.com/
50 B
153 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=118125416&post=758804&tz=1&srv=tribuneonlineng.com&j=1%3A12.7&host=tribuneonlineng.com&ref=&fcp=722&rand=0.7266857889941254
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 13:50:38 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
wp-emoji-release.min.js
tribuneonlineng.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://tribuneonlineng.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jun 2023 13:56:51 GMT
server
cloudflare
age
697975
etag
W/"648c6a23-4904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81814062fb0e6582-LHR
alt-svc
h3=":443"; ma=86400
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
307
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
818140636e926371-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 21 Oct 2023 13:50:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 11:42:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
7677
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 11:42:41 GMT
stpd220112.js
stpd.cloud/assets/postbid/ Frame 5773
480 KB
138 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
HjfY42wqSWw306GoqTYOLw==
age
3926
x-ms-lease-status
unlocked
last-modified
Tue, 19 Sep 2023 10:43:42 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50b91ff1-e01e-0049-41e6-eabd7c000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
81814064083cdc25-LHR
expires
Wed, 18 Oct 2023 17:50:38 GMT
f93c2fcc-614e-4d9b-8d4c-4c1c77036e7f
https://tribuneonlineng.com/
0
0
Other
General
Full URL
blob:https://tribuneonlineng.com/f93c2fcc-614e-4d9b-8d4c-4c1c77036e7f
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
a88592ed-687c-426b-9ed3-658aa5b0e04f
https://tribuneonlineng.com/
250 B
0
Other
General
Full URL
blob:https://tribuneonlineng.com/a88592ed-687c-426b-9ed3-658aa5b0e04f
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/
394 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1896573800096815&plah=tribuneonlineng.com&bust=31078802
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6559d2c7967ad6208672b0575f56d8036aaccb8095eb72e0901ed34b72de634d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136743
x-xss-protection
0
server
cafe
etag
10249999225559711923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:50:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame BECD
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tribuneonlineng.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
15637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:01 GMT
etag
2603938475786422795
expires
Wed, 01 Nov 2023 09:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
262 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33246503-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b1c83a6b5079dd406543b42c4912ab20ea029d50fddb31d32d9cc679a8ce06c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90387
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 13:50:38 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33246503-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 12:58:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3116
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 18 Oct 2023 14:58:42 GMT
cmp2.js
cmp.quantcast.com/tcfv2/
160 KB
42 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:05:25 GMT
content-encoding
br
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
2714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 28 Sep 2023 19:02:48 GMT
server
AmazonS3
etag
W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
EwlX8GQ17ZATJ--QVoHfIAOSSIaxVYef5rDoJPxzRY_ocCI3LBnPBg==
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8SFJTPHHCP&gtm=45je3ag0&_p=1514690579&_gaz=1&gdid=dZTNiMT&cid=253364812.1697637039&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697637038&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SFJTPHHCP&cid=253364812.1697637039&gtm=45je3ag0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SFJTPHHCP&cid=253364812.1697637039&gtm=45je3ag0&aip=1&z=2058802015
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
spl.zeotap.com/
239 B
579 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1ca3361799fca8fc79ff0e30ea846dc2da773abb8d6a32900db8c4c0139638
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
text/html
access-control-allow-origin
https://tribuneonlineng.com
access-control-allow-credentials
true
cf-ray
81814064eff663e4-LHR
access-control-allow-headers
*
collector-d8cb7f0.js
cdn.pbstck.com/
61 KB
17 KB
XHR
General
Full URL
https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/638269b6-79c1-4df4-8b89-dc818afe544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Y8HPD0F4KFST1Z0E
age
792500
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UfwPAD+mPw2W4Ect+bJSjyCp9JcFaiTA6rBr9GKdr9+Bv3G//xDj5qNZVsZ8VlpvyFl/zgqMfZk=
last-modified
Mon, 09 Oct 2023 08:15:49 GMT
server
cloudflare
etag
W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
818140657bf1771d-LHR
web
onesignal.com/api/v1/sync/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b10daa29af1578c74f000c6bd02d37a4b4f9e6fb2b40161481a438bed53d978
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
235
cf-polished
origSize=3377
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a0068e32-6f4f-459a-8cd6-759b9b760f9a
x-runtime
0.036476
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"b34f6d924425237b41f7bf8b9bc78e6b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
81814064f90d6371-LHR
access-control-allow-headers
SDK-Version
expires
Wed, 18 Oct 2023 14:50:38 GMT
prebid.js
ads.themoneytizer.com/moneybid8_17/build/dist/
582 KB
189 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
af86ad9a418e18f3cc4e4fe922cd9916b667d1b9c21f110c4c9c37c1b01d52d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
15181
x-accel-date
1697621857
x-77-nzt
AcO1rw43Nzf/TTsAAA
pragma
public
x-accel-expires
@1697708257
x-77-age
15181
last-modified
Mon, 02 Oct 2023 20:52:02 GMT
server
CDN77-Turbo
x-77-nzt-ray
90833930850e222eaee22f6514376c34
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Thu, 19 Oct 2023 09:37:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5773
263 KB
64 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
x-amz-server-side-encryption
AES256
etag
W/"e715d530f804a6faeb76dbd12252e8fc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
elx450TydTpzjv4C8bO4C3bKwZDeY_xfHPtjP9g1RPvkVDwkfMJl5w==
gpt.js
www.googletagservices.com/tag/js/ Frame 5773
91 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cd883defae255d80892ba738a59b663d0836fa0850513832f033ddbbed9c8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29654
x-xss-protection
0
server
cafe
etag
418 / 19648 / m202310120101 / config-hash: 18424697480299559098
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:50:39 GMT
usync.html
eus.rubiconproject.com/ Frame 601B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://tribuneonlineng.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 13:50:39 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 18 Oct 2023 13:50:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:38 GMT
content-encoding
gzip
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
VyRieobC3hK2NCQ_EhySMyFewlxfzpUKeZlMzmH5_vN6Xdow5gBtDg==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/
11 KB
3 KB
XHR
General
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:00:37 GMT
x-amz-version-id
RmBAvo2GdAadPfN30SZARmFQmvGShfQI
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
39003
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 19:52:29 GMT
server
AmazonS3
etag
W/"aa4d81007eaebf13941b812e0f4690d2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
Ju2D2s1Pi8cRUOlosWKZMDVBmBt4S0YUPNQpwxVljGf4yjCWEYun3g==
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHLTGm23u7BLbJieDVp-R8U&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1...
95 B
188 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHLTGm23u7BLbJieDVp-R8U&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&zdid=1258
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://tribuneonlineng.com
access-control-allow-credentials
true
cf-ray
81814066eacb63e4-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHLTGm23u7BLbJieDVp-R8U&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e6013824-dc8b-4125-4efd-92bb4888f0b2&reqId=d0cd0c83-2a2c-46ac-5a1c-60d9c29a7ecb&zdid=1258
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxf_4726x319.min.css
cdn.pixfuture.com/content_widget/
1 KB
978 B
Stylesheet
General
Full URL
https://cdn.pixfuture.com/content_widget/pxf_4726x319.min.css?pxft_v=286900659579001
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b39dd32c7e21de3d73a4abcbbbff83246972bd1dec70c5845a348e9d50352ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Tue, 20 Dec 2022 04:22:23 GMT
server
cloudflare
etag
W/"63a1387f-540"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPgv0SOy%2BHDsf0XtIwmDNBwsWMp3Fwn41GcBgK4mX8FM12KYhdhJcA7Y4SsAbXSGI%2B2u3ybxWqOfIpsF8TRTeHtwQx6gfjSKuZAHZyPVtNdAxX%2BtZorm9dIEoTwQdeQlC9O2GxAWs2NkWYe4GqEc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
818140656f18640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 20 Oct 2023 13:50:38 GMT
/
reporting.powerad.ai/
2 B
272 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
223 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-243-137.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
222 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-243-137.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame BEFB
250 KB
76 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:26:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=94556
accept-ranges
bytes
content-length
77836
expires
Thu, 19 Oct 2023 16:06:35 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame B26D
49 KB
15 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
78e7f57e364b29566a69aee7e5eec546de5ed2a18da12b4d5d18f6a1e0a4b48d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 02 Oct 2023 13:29:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"651ac5cb-c36e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 25 Oct 2023 13:50:39 GMT
/
powerad.ai/pubPls/
11 KB
3 KB
XHR
General
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-243-137.compute-1.amazonaws.com
Software
/ Express
Resource Hash
22070dbe31050881413cdd3f1df038c7e7b24fc04f50a61a3d5467331d6c94af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"2d8e-iVfiq2odjIBj7WOBDdJf3nbty5I"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tribuneonlineng.com
access-control-allow-credentials
true
access-control-allow-headers
*
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1514690579&t=pageview&_s=1&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1554305599&gjid=72320318&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&_r=1&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1688493891
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 10:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 10:58:31 GMT
/
c.mgid.com/pv/
43 B
138 B
Image
General
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&cbuster=1697637038982630523133&pvid=18b430d7b859dd4afef&implVersion=11&cxurl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&site=803025&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
81814065dbb76546-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
308
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
81814065da24418f-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 13:50:39 GMT
collect
stats.g.doubleclick.net/j/
7 B
154 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33246503-1&cid=253364812.1697637039&jid=1554305599&gjid=72320318&_gid=1266924059.1697637039&_u=YCDACUAABAAAACAAI~&z=508562061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 18 Oct 2023 13:50:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33246503-1&cid=253364812.1697637039&jid=1554305599&_u=YCDACUAABAAAACAAI~&z=900976223
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33246503-1&cid=253364812.1697637039&jid=1554305599&_u=YCDACUAABAAAACAAI~&z=900976223
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/
3 KB
3 KB
Script
General
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.196.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-196-139.compute-1.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2753
js
www.googletagmanager.com/gtag/
244 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad27d1ce5be06fb5eed9122a9201f1284ea0efb39f9063b03c75cdf8cfb48dfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85963
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 13:50:39 GMT
js
www.googletagmanager.com/gtag/
241 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33246503-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08619e4b70a60c2bc72539bc952eb1956c4006fb48049679a7255804660b8f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85138
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 13:50:39 GMT
px.js
p.cpx.to/p/12967/
6 KB
3 KB
Script
General
Full URL
https://p.cpx.to/p/12967/px.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.145.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-145-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f4292b1388c918be4bc2ead83c44eb74a37b62141566fdf097bc032e2e7233be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
cache-control
max-age=7200, public
content-type
application/javascript; charset=UTF-8
prebid.js
hb.brainlyads.com/ Frame BEFB
585 KB
194 KB
Script
General
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c1d5421ea8222f212e4dce0deaa52832854b3065fb3e5ac649954610e81db0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 21:07:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"650a0d80-923f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 25 Oct 2023 13:50:39 GMT
css2
fonts.googleapis.com/
2 KB
697 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4726x319.min.css?pxft_v=286900659579001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39f186b6eb6cae76659183907db8437fda9f3cd362e98dfe0c64596217a7c492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.pixfuture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 13:50:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 13:50:39 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/48/
280 KB
69 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 05:59:31 GMT
content-encoding
br
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
28269
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:13 GMT
server
AmazonS3
etag
W/"536ccb89e71d91899cbb40217285c9c4"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
7RinHHS1s0djnusD0naVuNOXRedgs0Ndo4iqEVtkJewxp5tDkgaSAw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/
357 KB
48 KB
XHR
General
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dbedada2a4d7c019d0553171ece2c270a3cb7b5beea450bce5e26009d11d797

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:00:41 GMT
content-encoding
gzip
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
38999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 18 Oct 2023 03:00:37 GMT
server
AmazonS3
etag
W/"dda2081c82bffbef9767f01d5e66442f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ZDGwDffiLLKKusrPB4w3p-isG0m1JCInzKRT0jxqYh-9oWxQNprJOQ==
9.gif
id5-sync.com/i/12/
43 B
921 B
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 18 Oct 2023 13:50:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
google-atp-list.json
cmp.quantcast.com/tcfv2/
141 KB
33 KB
XHR
General
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac01587e10df3d38abebfe189188e4d6c18cf2fbc584f2dd81cb6cdea511cca9

Request headers

Accept
application/json, text/plain, */*
Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:00:29 GMT
content-encoding
br
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
39011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 18 Oct 2023 03:00:26 GMT
server
AmazonS3
etag
W/"b09e56196f300a2db4b82b95c0b2e00e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
r_1xLgdxYgylZeO32waRFh6XfLj-rETt_d2fnoBE5U_dqd2IIabupQ==
cw_style.css
cdn.pixfuture.com/cw/
28 KB
28 KB
Stylesheet
General
Full URL
https://cdn.pixfuture.com/cw/cw_style.css
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39044
cf-polished
origSize=28765
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 20:42:44 GMT
server
cloudflare
etag
W/"63dc2044-705d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td%2BkSCz%2B35D1E%2BsB24qh1kxgPWPWrTubJtx0aZa2L4a7Q82RA13FjeTBY3xmJFN4rHQ4vTyvGVqlNuxYY1XxVh1o1afRBsfQAlu7gV7iqO5QZu21KD8PydeLIZa7r4HCaJhdxqIvlJh3U6tSkH9J"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
81814066d9a4640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Oct 2023 22:49:08 GMT
icon
onesignal.com/api/v1/apps/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/
184 B
760 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d609b78bc9978723d16f1325bd16c8c51a392a834fbc40473fa5fb11dde963
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
994a8696-556f-4d56-8433-5be09c4f2644
x-runtime
0.012950
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c6d609b78bc9978723d16f1325bd16c8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
818140671aeadc77-LHR
access-control-allow-headers
SDK-Version
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ Frame 5773
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 11:42:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
7678
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 11:42:41 GMT
/
audit-tcfv2.cmp.quantcast.com/
2 B
101 B
XHR
General
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22tribuneonlineng.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22Cv5oFa%2BFuApjbx95Q6c5Yg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1697637039217%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-7qp7lsy3xvaxt3m3f5xi%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.168.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-168-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 13:50:39 GMT
content-length
2
content-type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 601B
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1401a2aaeb82e735d02dbcd6ca44193e9a26b461ecbc40b6c2399d2eb794c5e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 20:01:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22248
Connection
keep-alive
Content-Length
11123
Expires
Wed, 18 Oct 2023 20:01:27 GMT
notifyme.php
adtrack.adleadevent.com/
0
925 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.145.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-145-100.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2023 13:50:39 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://tribuneonlineng.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
9f4aa1d4a22aa89ffafebc9926b4f43d.png
cdn.pixfuture.com/content_widget/logos/
185 KB
186 KB
Image
General
Full URL
https://cdn.pixfuture.com/content_widget/logos/9f4aa1d4a22aa89ffafebc9926b4f43d.png?pxft_v=26744162293568
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4726x319.min.css?pxft_v=286900659579001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82b0548064cbc1a5914521939d3bbe37e7e05f3cf7dd92bbf4ca41fadb8507d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.pixfuture.com/content_widget/pxf_4726x319.min.css?pxft_v=286900659579001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38297
content-length
189541
last-modified
Wed, 13 Apr 2022 07:11:40 GMT
server
cloudflare
etag
"625677ac-2e465"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiPG%2BP9JvJIAipKuZ4RumA2AgxEmwa6Zs9eVkVcq0UxDfeZr9z%2B6IJzPufpP0j84Rn8FBJMNt1qv64%2BOnjv%2F%2BRXKcb6SCFkS4rMz%2BbMmfIrcEFofD9EnfyO6zmOkpAjB5EBC4CnqW0AhB7Eu6MQB"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81814067cb01640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 18 Oct 2023 15:10:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
502460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:16:19 GMT
cw_ad.js
cdn.pixfuture.com/cw/
48 KB
48 KB
Script
General
Full URL
https://cdn.pixfuture.com/cw/cw_ad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39001
cf-bgj
minify
last-modified
Thu, 09 Mar 2023 20:35:22 GMT
server
cloudflare
etag
W/"640a430a-c03d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqB986obYwKBnjQASRYJhkcCagrj2SC%2FOs0d9aO6r1s1PpQRr1RaCeThDzPyRF5NByygPU%2Ft%2BlcFh4RiZU0uLbZYX60tXIBixRMtrXATpy%2F2NS9G6GyDfwFCd4VpwKEIqzsWmS53kA54V7NYxx%2BD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
818140680b7a640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 18 Oct 2023 16:58:06 GMT
3d80cba81f2990a50e785d5c3491231c.jpeg
cdn.pixfuture.com/content_widget/
142 KB
143 KB
Image
General
Full URL
https://cdn.pixfuture.com/content_widget/3d80cba81f2990a50e785d5c3491231c.jpeg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6af8244c26a58a079c9f4ba8f39e89e51a609d0eaedf04af52959ca6656e29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2279
content-length
145586
cf-bgj
h2pri
last-modified
Wed, 18 Oct 2023 13:12:23 GMT
server
cloudflare
etag
"652fd9b7-238b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11%2FUueLCaG8aOa3lq%2F79EZhWr4XlZb6s7jG65LvDQIVmS0cdPViisZe06kUrDmJfS8CrPmSmIqZcCle2aBYXXeKvfLj3f8kKwpXPMrfFVyFz12dcBB1OVKJ88YNl%2FxfInExaiRkl9iz7KInDKWrq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
818140681b86640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 20 Oct 2023 13:12:27 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6MC096FRP9&gtm=45je3ag0&_p=1514690579&gdid=dZTNiMT&cid=253364812.1697637039&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697637039&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4b6cdba3-5903-424a-8496-508643d4ee59
img.onesignal.com/permanent/
9 KB
9 KB
Image
General
Full URL
https://img.onesignal.com/permanent/4b6cdba3-5903-424a-8496-508643d4ee59
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087b977a0df14e2f5a753486a9febfee3fe516df6177214357cede00663e8d53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
121
x-guploader-uploadid
ADPycdsQZo0Om6ldx-na3PU2zNEWJ-nVo4wr9GAC2ilWjxMoJL4EkASSDzqvyqvVxsRju1jj2uGq1BuQli2YtoKZa6p2TQ
x-goog-meta-x-goog-source-etag
"10dc535c263a56a4616c6be02e0c0197"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
9003
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:17:45 GMT
server
cloudflare
etag
"-CNjCp8KGlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676344665170264
content-type
application/octet-stream
x-goog-hash
crc32c=mWtIsg==, md5=ENxTXCY6VqRhbGvgLgwBlw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
9003
accept-ranges
bytes
cf-ray
818140690f896371-LHR
expires
Sat, 18 Nov 2023 13:50:39 GMT
jquery.min.js
cdn.pixfuture.com/
85 KB
30 KB
Script
General
Full URL
https://cdn.pixfuture.com/jquery.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39100
last-modified
Wed, 12 Aug 2020 19:49:59 GMT
server
cloudflare
etag
W/"5f3447e7-1538f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn%2BnYJwQxvi0wqaakEiqpYXnc9NMZZNH%2BA6%2B5pCGFYvR1RHBWUoKQTCJChIs7XeUpfFldQiW8ATzTgh2oGZNFCjKaKvmdyPaXK%2BFx1TBbMRNdPZYPEKJaNEP1I7l5mXIReb5GSICMdb4nmBlxNgB"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
818140690d88640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Oct 2023 22:41:12 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame ECC5
933 B
934 B
Document
General
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839f7cd4fa941606da0bfe5208dc649bfae9aa082e3305098bc4ce512c19a987

Request headers

Referer
https://tribuneonlineng.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
818140690d93640d-LHR
content-encoding
br
content-type
text/html
date
Wed, 18 Oct 2023 13:50:39 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbTIi7dmSMHCP2eRv%2BT%2F9G8Il9IdARKQi6QFqapJk%2FgA6%2F5Q4wpiSBBSmyG9pk1Pbiki2eC1sCOhOQWhXBn%2F8WibUKPTSKeQmJElQ92qggu70ShwG0d7xUwrMx2h68Ps%2FO6aZ5WlT5yqV18dLwjL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/
0
459 B
Script
General
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.152.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-152-153.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:39 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/
361 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Wed, 18 Oct 2023 13:50:39 GMT
3945a367-53fe-45cb-84a6-65cd66db8a63
https://tribuneonlineng.com/
1 KB
0
Media
General
Full URL
blob:https://tribuneonlineng.com/3945a367-53fe-45cb-84a6-65cd66db8a63
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame ECC5
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8181406a5e0424d1-LHR
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7WA8KCPZQAH2PZWF
age
1535
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8181406a4c646546-LHR
expires
Thu, 19 Oct 2023 13:50:39 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
816 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JYXHPFNPTFG828JN
age
1536
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8181406a4c636546-LHR
expires
Thu, 19 Oct 2023 13:50:39 GMT
1
servicer.mgid.com/1305397/
8 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/1305397/1?tcfV2=1&mp4=1&ap=1&w=750&h=499&sz=243x219&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=652fe2b0-0f266&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&cbuster=1697637039775215021502&pvid=18b430d7b859dd4afef&implVersion=11&cxurl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&scum=%3F0&scuw=%3F0&uspString=1---&uniqId=170da&childs=1518158&niet=4g&nisd=false&pv=5&lct=1696982400&jsv=es6&pageView=1&dpr=1&ref=&tfre=1666
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdaf94a9c46792fb7332a4e4bdab78940a582b7e6fee7d29c8c0b7a3a3e07380
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8181406acd836546-LHR
alt-svc
h3=":443"; ma=86400
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ Frame 5773
537 B
814 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
33a2301b92c917b13f1c246e2d3cc77af9da5e050b183aa69338b3ec218d18fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:07:17 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2602
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
FXV3kW_Mk_0ApSpFL7iMNTZVO4mhfnfxUunNXgjULCZmjLlUX1SADA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 5773
4 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftribuneonlineng.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 12:36:18 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
4461
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3623
x-amz-cf-id
mUGmLnccv74wN0xPjLF8zFyIMW51kfmBNoV_eukqXtunUBgNT_Ei7w==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 5773
199 B
641 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&pid=aoyiha19ETyFR&cb=0&ws=750x150&v=23.1010.1530&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1697637038627-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22640x360%22%2C%22640x200%22%2C%22640x100%22%2C%22300x250%22%2C%22336x280%22%2C%22750x200%22%2C%22750x150%22%2C%22750x100%22%2C%22700x250%22%2C%22700x200%22%2C%22700x150%22%2C%22700x100%22%2C%22336x320%22%2C%22320x320%22%2C%22300x300%22%2C%22320x250%22%2C%22320x267%22%5D%2C%22sn%22%3A%22%2F147246189%2C33885318%2Ftribuneonlineng.com_750x360_inside_article_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1475%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
7b624581629a6a0146f7176860d739ddfadfa20c5e0f84ad85801ee51c63ecb5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
CGYZM8B0HB81PQR1JV5T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://tribuneonlineng.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
199
x-amz-cf-id
F2SHK8Wuxhanb0272WRypS8b7osyB02bikWsKrOE1LQujo0DrwEV8Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5773
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 02:58:03 GMT
x-amz-cf-pop
FRA56-P3
age
39157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
5UBXXZefmcjotAL933hX6RJLI5V8uYSvKvrKgI4jMAS5G_gVzFPbXQ==
rum
cdn.pixfuture.com/cdn-cgi/ Frame ECC5
0
136 B
XHR
General
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8181406b29ae640d-LHR
pbixcw.js
cdn.pixfuture.com/
396 KB
397 KB
Script
General
Full URL
https://cdn.pixfuture.com/pbixcw.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af7adebf7aa976a359422998a621b90b8a46a16f5373c05064c6184887a2872

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38979
cf-polished
origSize=405416
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:58:28 GMT
server
cloudflare
etag
W/"63e55064-62fa8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0YxzQnrZw398MFAL%2FfUdLzDy6j2S8D14TMkpO2SGq2RyAnYLaFOOs829RhJPjdJcx60d0YR3dmMk4jSZMR3VJDMOTfL7BtWP%2F%2BpBmQEjE0gJJWBWQfdq3AdNkwcDgsWDOYfI2ZL5B0dIZ5mxebt"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
8181406b39c3640d-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 18 Oct 2023 14:32:36 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 5773
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 18 Oct 2023 14:05:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 5773
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
42443
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
G_2LqEZmCNkoZLAr7Bg_3dbWhXffYL1AmuVA8LmeCtY6y4sQHodGCg==
hadron.js
cdn.hadronid.net/ Frame 5773
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ref=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&_it=amazon&partner_id=533
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
3714
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8181406bd9e57198-LHR
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 5773
138 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
AEF97AC81WAVCSN1
age
1318
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8181406bdbe7888f-LHR
x-amz-id-2
/+zwEZqwr7gudUdODKJ8UAj6mMb+Eb20CKZ1YDxwH30SgTaugYAZVIdtz7QoA6txggj3635Wtnw=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 5773
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Wed, 18 Oct 2023 14:05:40 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83OTIwNzYvOGY1O...
s-img.mgid.com/g/17345322/492x277/-/
10 KB
11 KB
Image
General
Full URL
https://s-img.mgid.com/g/17345322/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83OTIwNzYvOGY1OGQ2ZjNjMmM4MTNjMmFmMzEwMjcyN2E3Mzk0ZmYuanBlZw.webp?v=1697637039-7JvCpwbTuVZ_pAzS8bQS0rEckcp1WdhgQApk6DnwW9A
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12368eb04a7d6a8992140a1276fef6ab939cd15cfce3bd66c401299f4ee067f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
1deeea08-374b-44cd-b89f-1772d6933eb4
age
1456055
alt-svc
h3=":443"; ma=86400
content-length
10748
last-modified
Sun, 01 Oct 2023 16:40:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8181406be85e3daf-LHR
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8zMTUyODgvNThkN...
s-img.mgid.com/g/16724799/492x277/-/
14 KB
14 KB
Image
General
Full URL
https://s-img.mgid.com/g/16724799/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8zMTUyODgvNThkNTFkYWNjN2U4ZjU0YzgyNmY2ZTEzZWRjNTQwYzkuanBn.webp?v=1697637039-flvn3KpQtUvtIQnp2QqgLFZXOvBcQhhC9HLWYbjsQ2E
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85457ae0d3805b45c930918c1bdce216a0552377fc29e3eaeb3650455a0b8e99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
f5e7c1f4-87c7-40bd-985b-9f9b5ffc724a
age
2445077
alt-svc
h3=":443"; ma=86400
content-length
14304
last-modified
Mon, 17 Jul 2023 13:12:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8181406be8683daf-LHR
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83NjE5MzQvMTViZ...
s-img.mgid.com/g/17471728/492x277/-/
15 KB
15 KB
Image
General
Full URL
https://s-img.mgid.com/g/17471728/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83NjE5MzQvMTViZGNjZmNkNjM1ZmU0OTdiMWU0YzliMmVmNDA0YWQuanBlZw.webp?v=1697637039-9cV3MHINjPmln2ZAkzekIZz4Rsqar9LEyQbWoGqFWbA
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3ff06dc5ee115ce8e235ac79d5349839e9bedaf7e6eb4f6f4d67a16e08bcee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
95b1d5e9-c321-4bdb-b1c6-2d98217459ca
age
162191
alt-svc
h3=":443"; ma=86400
content-length
15310
last-modified
Mon, 16 Oct 2023 16:47:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8181406be8673daf-LHR
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83NjE5MzQvY2IxN...
s-img.mgid.com/g/17480710/492x277/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.mgid.com/g/17480710/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83NjE5MzQvY2IxN2VkZjY5M2IwZmNmZGZhYWFmZmY5ZWVlZjZhNWQucG5n.webp?v=1697637039-NNOmYrMWLSa_co-R3d8AR1C7_K7MGAOlV5tiaYSlSAs
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f88e9858621eba7bd5c2c552bae32c1fd5f05c3de9e9ed89c8e9ea148ad0f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
314fa40b-15f5-4127-905e-4f120bc0a3df
age
76765
alt-svc
h3=":443"; ma=86400
content-length
8988
last-modified
Tue, 17 Oct 2023 16:27:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8181406be8643daf-LHR
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83NTQ2NDgvMjg5Z...
s-img.mgid.com/g/17225974/492x277/-/
19 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/17225974/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83NTQ2NDgvMjg5ZGIzYzIzMmU4OGU3MTZhZTJiZmFjMmJkZGZiODUuanBlZw.webp?v=1697637039-m7hjm8EMd9tdhRJ9eqII2KkNczw8cQI2IU6KGfLNDxQ
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2189aca2d3e88903e64576a57c5661658663f900ed089163c8ad1dd98b99d5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Origin
https://tribuneonlineng.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
64b9d896-be4d-496b-86e7-009e75b63e64
age
2610957
alt-svc
h3=":443"; ma=86400
content-length
19776
last-modified
Mon, 18 Sep 2023 07:19:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8181406bf86d3daf-LHR
4b1d8f4cab4964971fcb4e69dfc67134.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-10/815305/
294 KB
295 KB
Media
General
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-10/815305/4b1d8f4cab4964971fcb4e69dfc67134.mp4?v=1697637039-z_0BgwoJ3Tz_X7CGFAKEeduApMQUhS-VR43oq9r-uAw
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e96d03c89525936e9ee781d0cb7168035518e899c260cd27e426fc0e45b255
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tribuneonlineng.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
122839
Content-Range
bytes 0-300801/300802
server-timing
cld-fastly;mitm=cpo;dur=753;cpu=1;start=2023-10-16T12:58:24.228Z;desc=miss,rtt;dur=0,content-info;desc="width=680,height=382,abps=21006,fps=25.0,du=14.32,vc=\"h264\",bytes=300802,owidth=680,oheight=382,oabps=25406,ofps=25.0,odu=14.32,ovc=\"h264\",obytes=363817,oformat=\"mp4\"",cloudinary;dur=740;start=2023-10-16T12:58:24.234Z,cld-id;desc=115194cbdfb579a2e168514ce293b914
alt-svc
h3=":443"; ma=86400
Content-Length
300802
x-request-id
115194cbdfb579a2e168514ce293b914
last-modified
Mon, 16 Oct 2023 12:58:25 GMT
server
cloudflare
etag
"bf243a21aa0e2f69dbd4eaaa60f977a2"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8181406c78df6358-LHR
cwc.php
served-by.pixfuture.com/www/delivery/
25 KB
25 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/cwc.php?d=4726x319&keywords=leaked,s3x,video,why,agreed,filmnbsp,intimate,moment,expartner,moyo,lawalnbsp&refUrl=https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/&refresh=false&innerWidth=1600&w=640&h=478
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
66bea835121c445a495d6af4d60da1abeaad71655747919091b3e28ebb2605a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
transfer-encoding
chunked
content-type
application/json
i.js
cm.mgid.com/
0
38 B
Script
General
Full URL
https://cm.mgid.com/i.js?cbuster=1697637039959278746236&uspString=1---
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8181406c485f6546-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame F6FB
0
127 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1697637039961190273309&uspString=1---
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8181406c48626546-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/
138 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
AEF97AC81WAVCSN1
age
1318
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8181406bebfc888f-LHR
x-amz-id-2
/+zwEZqwr7gudUdODKJ8UAj6mMb+Eb20CKZ1YDxwH30SgTaugYAZVIdtz7QoA6txggj3635Wtnw=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/
207 KB
63 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/r/tribuneonlineng.com.1305397.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=156450
accept-ranges
bytes
content-length
63913
expires
Fri, 20 Oct 2023 09:18:09 GMT
khaos.json
token.rubiconproject.com/ Frame 601B
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 5773
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Wed, 18 Oct 2023 14:05:40 GMT
map
bcp.crwdcntrl.net/6/ Frame 5773
235 B
697 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
87850fbbb20298abfae7a827f446d996b890b7bb3a1a08685f82161a957f2b80

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache
x-server
10.45.27.213
access-control-allow-credentials
true
content-length
235
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame 5773
104 B
292 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=tribuneonlineng.com&url=https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ref=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64dfe94cb486d43f0721a2556c3ecc7e5fba81c62f4522f43c969f186ca15ca

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8181406dbc90775b-LHR
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=tribuneonlineng.com&url=https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tribuneonlineng.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8181406d0b66775b-LHR
content-length
0
content-type
application/json
date
Wed, 18 Oct 2023 13:50:40 GMT
debug
OPTIONS block
expires
Thu, 17 Oct 2024 13:50:40 GMT
server
cloudflare
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 5773
190 B
465 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://tribuneonlineng.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Wed, 18 Oct 2023 14:20:40 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame DEFB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
369 B
1 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b65d2c1a672e09b25465516783f6dd686d13a58aa13c5078ea3d2ded8637a08e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://tribuneonlineng.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
369
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D1A2MC451VG0HGRNW03V

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FPFTFFYZV4B4JR8R2RN3
r.js
aa.agkn.com/adscores/
0
458 B
Script
General
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.152.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-152-153.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 5773
223 KB
65 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Wed, 18 Oct 2023 14:05:40 GMT
533
a.ad.gt/api/v1/u/matches/ Frame 5773
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ref=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc12e0022d6b58c22cea0214317fc78655fbe2a274e1179afeffdd59986e362

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Oct 2023 13:48:22 GMT
server
cloudflare
age
138
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8181406f490924d7-LHR
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame F363
3 KB
4 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1fd8238974376aeaf6d9277dd2e87425bf5548d2ac0327426f0258f033f4e26f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3334
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3C31ZZ9BYB7BVVDK9R8V
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F363
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=c54be2b9-40c9-4434-abd4-909b9f5bd618
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=c54be2b9-40c9-4434-abd4-909b9f5bd618
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3FA1JEP4FEWZ371X8W49
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=c54be2b9-40c9-4434-abd4-909b9f5bd618
date
Wed, 18 Oct 2023 13:50:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F363
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=6008a5bd-a699-45ac-abcc-7994dcf3b75c
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=6008a5bd-a699-45ac-abcc-7994dcf3b75c
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VHK5ZX7WMPXQD4MNABW0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=6008a5bd-a699-45ac-abcc-7994dcf3b75c
date
Wed, 18 Oct 2023 13:50:40 GMT
server
_
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F363
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1697637040676
  • https://ad.turn.com/r/cs?pid=45&rndcb=5036711212
  • https://sync.1rx.io/usersync/turn/7265569487072127626?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-85d63b52-dbb3-44b1-...
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFE1297548WDVTFXMAJS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003
date
Wed, 18 Oct 2023 13:50:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX85d63b52dbb344b1b388d84c7c4dbc52003
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame F363
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AADhg07KX8UAABisnIkiMA&ex=beeswax.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=AADhg07KX8UAABisnIkiMA&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EJCEM2Z8GP1PPXSXX5GY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AADhg07KX8UAABisnIkiMA&ex=beeswax.com
Date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame F363
0
148 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F363
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://sync.outbrain.com/sync-external?uid=ZO5tUoutOsDgfTqczmuQ&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZ...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F...
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XI...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNF...
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2L...
  • https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS6YLBPAWWK5JOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPOMXWKY3NGM7WK6B5N52XIYTSMFUW4LTDN5WSM2LEHVNE6NLUKVXXK5CPONCGOZSUOFRXU3LVKE
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=ZO5tUoutOsDgfTqczmuQ
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=ZO5tUoutOsDgfTqczmuQ
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
014RVN9M2AHHAXA94RDF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=ZO5tUoutOsDgfTqczmuQ
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
108
Content-Type
text/html; charset=utf-8
amzns2s
rtb.gumgum.com/usync/ Frame 16D5
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c263ae1e34ee8d42728d709b104ef661467582751c239dc44366f70fad163ea1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 18 Oct 2023 13:50:40 GMT
etag
W/"0cbfe6a9cd7ea6287df78f0abef4110c7"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
906 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164b6bbc25089dc3b7ef9d43e135b9386f1082cc40ca5195675360c39fdb4acb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8181407148b2dccb-LHR
content-encoding
br
content-type
text/html
date
Wed, 18 Oct 2023 13:50:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCyOcRaPJcr3ynq%2FiMLL3Qp4DF7D%2Fg8jE9hAIzSamzd53t8EYbVaDi7YbZ7jINkkEgzwJbsSuk9GpP6KkCFR%2F8mz0FgXdtehU%2F%2FfrlUNEPDXOZAc0g7n6kcH6glizz%2BQx2dqbP%2BlFrvChw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
818140701f08dccb-LHR
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OrHK7negL5KGp5hFPjJ0HRI7FgDTlIGj6oecWUr%2B0Nlhuj85GLHrBqqx8YD7TMplN%2FjDEqJ31ykhHHC3QqPC%2Bj4OAGHL7XDuQBKGap4UUbmxSY%2FjT9JIoh5vRG4ZcWvGatsUchqN9In1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 3351
0
176 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 18 Oct 2023 13:50:40 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
ssbsync.smartadserver.com/api/ Frame AFFE
0
75 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=2
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
current
amazon-tam-match.dotomi.com/match/bounce/ Frame E6FE
0
0
Document
General
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
0
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5D85
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=89718
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
Thu, 19 Oct 2023 14:45:58 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5AA4
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 13:50:40 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F435
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=3962086127277227103266
43 B
479 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=3962086127277227103266
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C7RTQCFRDC327AR9X0ZK

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=3962086127277227103266
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 5AA4
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1401a2aaeb82e735d02dbcd6ca44193e9a26b461ecbc40b6c2399d2eb794c5e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 20:01:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22247
Connection
keep-alive
Content-Length
11123
Expires
Wed, 18 Oct 2023 20:01:27 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5D85
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83893231&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2536f2ffb8feb7700574a2fdb532fb3f4b44cd96cf50d7cafc2bdcd51122f6f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 13:50:39 GMT
content-length
1710
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 16D5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8807342979975854936
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8807342979975854936
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
an-x-request-uuid
3b2ec8c4-7204-4b20-b980-00d5c21765ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8807342979975854936
x-proxy-origin
5.187.21.105; 5.187.21.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 16D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
3.126.125.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-125-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618
date
Wed, 18 Oct 2023 13:50:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 16D5
43 B
219 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 16D5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105
Date
Wed, 18 Oct 2023 13:50:41 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 16D5
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 16D5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=190fb1c3-dc6e-47b8-b240-afafbdfa72f3
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=190fb1c3-dc6e-47b8-b240-afafbdfa72f3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=190fb1c3-dc6e-47b8-b240-afafbdfa72f3
Date
Wed, 18 Oct 2023 13:50:41 GMT
Connection
keep-alive
X-CI-RTID
c50e9766-86e5-481a-a59d-935e7407c0f8
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 16D5
0
339 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 18 Oct 2023 13:50:40 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 16D5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
server_match
ad.360yield.com/ Frame 16D5
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.77.169.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-169-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 13:50:40 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 16D5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=3oaDtuWQGQUr&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=3oaDtuWQGQUr&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=3oaDtuWQGQUr&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-g6hfm
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 16D5
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:39 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 16D5
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NVK9QKVT0NXF52CTHBYF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6922
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=7023358037088889874&gdpr=&gdpr_consent=
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=7023358037088889874&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=7023358037088889874&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 05E8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
  • https://usersync.gumgum.com/usersync?b=atm&i=ZS-isAAAWmpqhAA5&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZS-isAAAWmpqhAA5&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZS-isAAAWmpqhAA5&gdpr=&gdpr_consent=&_test=ZS-isAAAWmpqhAA5
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lhr7323-LHR
x-timer
S1697637041.936518,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5B89
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YmMxNzg5Zi04ZjZjLTQ0YjUtYTNhNi05Y2E5YzRmODRiMmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 438A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=89718
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
Thu, 19 Oct 2023 14:45:58 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6DBE
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 18 Oct 2023 13:50:40 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame A72E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZS-iscCo8X4AAK6nrEAAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZS-iscCo8X4AAK6nrEAAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 18 Oct 2023 13:50:41 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZS-iscCo8X4AAK6nrEAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
8
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1015.dc4p.scaleout.jp
X-SO-IP
5.187.21.105
X-SO-Key
ZS-iscCo8X4AAK6nrEAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"0.0.0.0","key":"ZS-iscCo8X4AAK6nrEAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1015"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1015
usersync
usersync.gumgum.com/ Frame 9735
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=eMia2WblL48GIZoEfPdd&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=eMia2WblL48GIZoEfPdd&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT Wed, 18 Oct 2023 13:50:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=eMia2WblL48GIZoEfPdd&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C478
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 13:50:40 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
reporting.powerad.ai/
2 B
272 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 13:50:41 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
usersync.aspx
widget.us.criteo.com/dis/ Frame 8271
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
363 B
Document
General
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 13:50:40 GMT
expires
Wed, 18 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
166994
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0

Redirect headers

content-length
0
date
Wed, 18 Oct 2023 13:50:40 GMT
location
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server
Kestrel
server-processing-duration-in-ticks
231304
strict-transport-security
max-age=31536000; preload;
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A1E2
43 B
479 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID148EC3A0-1308-44CB-8FA8-407D97186EFB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EV1AYD7KYGC612DRZEVK
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5D85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FI7DoBMIRMuPqEB9lxhu-w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89718
accept-ranges
bytes
content-length
5606
expires
Thu, 19 Oct 2023 14:45:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 5D85
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.11
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 5D85
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1222064435
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=148EC3A0-1308-44CB-8FA8-407D97186EFB
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=148EC3A0-1308-44CB-8FA8-407D97186EFB
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
via
1.1 google
last-modified
Wed, 18 Oct 2023 13:50:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=148EC3A0-1308-44CB-8FA8-407D97186EFB
date
Wed, 18 Oct 2023 13:50:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 5D85
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=148EC3A0-1308-44CB-8FA8-407D97186EFB
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjY3cjI5TGtTTi1SMWltdTZPOHZXWWxadw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7023358037088889874&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.211.152.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-152-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 18 Oct 2023 13:50:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5D85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTQ4RUMzQTAtMTMwOC00NENCLThGQTgtNDA3RDk3MTg2RUZC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5D85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEl-YjZSmfsKcJxXev-iKqM&google_cver=1
42 B
497 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEl-YjZSmfsKcJxXev-iKqM&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEl-YjZSmfsKcJxXev-iKqM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5D85
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 17 Oct 2023 13:50:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5D85
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5873520761298104872
42 B
323 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5873520761298104872
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5873520761298104872
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5D85
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_rbd_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:40 GMT
server
Kestrel
content-length
70
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame C478
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1401a2aaeb82e735d02dbcd6ca44193e9a26b461ecbc40b6c2399d2eb794c5e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 20:01:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22247
Connection
keep-alive
Content-Length
11123
Expires
Wed, 18 Oct 2023 20:01:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS-isJO-pZVJBnzGmtmEYAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO9TGOUB1miCoRZ5P8vODS8&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO9TGOUB1miCoRZ5P8vODS8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94rDlzO%2BXejEw4%2FHbWvWZh%2BvYr43ScwCvaqNheuKNgXOtJId0XbtYZtRoM2JvAAR3AaCd97FtdL5xjF5LGDrg8pbnw8e2GE4piem57i%2F5K3f1E5aVyfmn0FGRqxfOU3ocQ1qph22E%2B5gjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81814073fa5271a4-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO9TGOUB1miCoRZ5P8vODS8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 46DC
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 46DC
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS_isJO_pZVJBnzGmtmEYAAABCUAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WSC2W279ACN74YXVWYF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS_isJO_pZVJBnzGmtmEYAAABCUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGzbsQ7K5Q_qGxvOShg46EQ&google_cver=1
43 B
771 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGzbsQ7K5Q_qGxvOShg46EQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CWRwrhZEoHN87JVPKaRsXOdXvrsPGX2w0icDzK9iNK7NnbZSYLY7JukS8%2BLnQw3OyUcyllZlK%2BeivZoEC6bdW2mkxPgIUpXwtStqqNmCGAU3%2Bcs8Nq5Dc4bMdau77w%2F4M2V1vhRWeljdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81814072c8d971a4-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGzbsQ7K5Q_qGxvOShg46EQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8807342979975854936
43 B
326 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8807342979975854936
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djB8FvLagd9qhtnFA8oVf6FbBiRF3mFpTIDeihyPJCNB%2Bwh8x4CWFvliKSbQNCx2N3gqYNA6PM8P2wwNYm1OTlH9%2FNPwzA9J1l3QS%2Ft8stRXNum3mNp2nir0iCYeKpMofh6S0VixT9%2FJPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81814072aa60dccb-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
an-x-request-uuid
d3c458d6-3209-4053-9136-579bd23b0855
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8807342979975854936
x-proxy-origin
5.187.21.105; 5.187.21.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 46DC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
54.194.110.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-110-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v052-04265db47.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RQagjqCISAQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v052-0349bf5f4.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
MPziP60wTIM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZS-isJO-pZVJBnzGmtmEYAAA%261061
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS-isAAAWmpqhAA5
43 B
339 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS-isAAAWmpqhAA5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A6MwLzQxR4Vx%2BpJmAYEME3SILLHERAk4D0ZCMGAbF7NM6SgJOePxv4cf377xacExc6kzLi9m4dWTqO0tLK%2BdujTCQJdE9DYI3mgWZP5NM51l%2BUxGDEl9Lm3TgSmnFHcUIjUDkqJCbObCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81814072aa50dccb-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-lhr7323-LHR
pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697637041.037242,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZS-isAAAWmpqhAA5
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 46DC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_dae5f583-e48a-4745-88fe-dd60be7e9181&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&us_privacy=
43 B
319 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82yQUlsm%2BfB%2BsKCIVLeWwBiqe%2FbHbNxIZGXaJUGG6kea6QsoR9IMwoRXhN1iW%2FyLamLu1INCO4JooqiFxn4kyP5rbJL2edeQBh4I90bURcbFrO%2BZRNQFTRXQMFapqoWjR6hLYuH8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81814073fc43dccb-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 18 Oct 2023 13:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 46DC
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZS_isJO_pZVJBnzGmtmEYAAABCUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1S37JQ4CT7XJBH9HTSKE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 5AA4
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
khaos.json
token.rubiconproject.com/ Frame C478
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 5D85
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
admin-ajax.php
tribuneonlineng.com/wp-admin/
0
293 B
Fetch
General
Full URL
https://tribuneonlineng.com/wp-admin/admin-ajax.php
Requested by
Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 13:50:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
818140813c2c6582-LHR
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=2%20-%20Block%202&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&z=1481650331
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=3&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=2%20-%20Block%202&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=217013642
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=4&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=9%20-%20Block%209&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&z=992350543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=5&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=9%20-%20Block%209&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1910547552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=6&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=3%20-%20Block%203&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&z=950023071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=7&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=3%20-%20Block%203&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1705876241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=8&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=7%20-%20Block%207&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&z=1128290020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=9&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=7%20-%20Block%207&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=613333987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=10&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=10%20-%20Block%2010&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&z=488340762
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1514690579&t=event&ni=1&_s=11&dl=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ul=en-us&de=UTF-8&dt=Leaked%20s3x%20video%3A%20Why%20I%20agreed%20to%20film%C2%A0%20intimate%20moment%20with%20ex-partner%20%E2%80%94%20Moyo%20Lawal%C2%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=10%20-%20Block%2010&_u=aDDACUABBAAAACAAI~&jid=&gjid=&cid=253364812.1697637039&tid=UA-33246503-1&_gid=1266924059.1697637039&gtm=457e3ag0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=524145719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 14:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5D85
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18440095&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e6246ca8c59b633df50bca8316fb49791e9e5e649d4c1cbc713fa0a966809e6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 13:50:42 GMT
content-length
1548
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 4F58
35 B
591 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 18 Oct 2023 13:50:43 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0FDA
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=148EC3A0-1308-44CB-8FA8-407D97186EFB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HM6ANKA6YDXV5Z8B2F4J
Pug
image2.pubmatic.com/AdServer/ Frame 0FF9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
42 B
338 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 18 Oct 2023 13:50:43 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1AD7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8807342979975854936&gdpr=0&gdpr_consent=
42 B
299 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8807342979975854936&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
05b017bd-3adf-4b15-8342-67e18e78583c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8807342979975854936&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
5.187.21.105; 5.187.21.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame EBD4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291295580186998923&gdpr=0&gdpr_consent=
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291295580186998923&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 18 Oct 2023 13:50:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291295580186998923&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F1D5
43 B
479 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID148EC3A0-1308-44CB-8FA8-407D97186EFB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WYS2WV8WSJY7ZC47D0NA
mw
mwzeom.zeotap.com/ Frame 5D85
95 B
195 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=148EC3A0-1308-44CB-8FA8-407D97186EFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81814083fa3063e4-LHR
access-control-allow-headers
*
content-length
95
info2
uipus.semasio.net/pubmatic/1/ Frame 5D85
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:44 GMT
Frontend-ID
14
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Oct 2023 13:50:44 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=148EC3A0-1308-44CB-8FA8-407D97186EFB&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5D85
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d4654c2a9ba2b4e7022e31e014fd7f1a&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:44 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
148EC3A0-1308-44CB-8FA8-407D97186EFB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5D85
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/148EC3A0-1308-44CB-8FA8-407D97186EFB?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 5D85
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=148EC3A0-1308-44CB-8FA8-407D97186EFB&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame 438A
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7169474&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b4b2e0b61f898a3ec52a9bdb99e686dd89c4d966aff2d4df2c1ee4d3d0b8e3db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 18 Oct 2023 13:50:43 GMT
content-length
1463
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame CF9D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARi0xb-pBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEFUyV2ptvRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGM1NGJlMmI5LTQwYzktNDQzNC1hYmQ0LTkwOWI5ZjViZDYxOA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=5532576a-6dbd-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=c54be2b9-40c9-4434-abd4-909b9f5bd618
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 18 Oct 2023 13:50:44 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c54be2b9-40c9-4434-abd4-909b9f5bd618&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 05FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
42 B
299 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Oct 2023 13:50:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 8C73
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Wed, 18 Oct 2023 13:50:43 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D6B4
85 B
258 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lhr7323-LHR
x-timer
S1697637044.883901,VS0,VE79
Pug
simage2.pubmatic.com/AdServer/ Frame ECFB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 18 Oct 2023 13:50:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame BDF5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaGcwN0tYOFVBQUJpc25Ja2lNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AADhg07KX8UAABisnIkiMA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADhg07KX8UAABisnIkiMA&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADhg07KX8UAABisnIkiMA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6296753743886515757&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADhg07KX8UAABisnIkiMA&gdpr=0&gdpr_consent=
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADhg07KX8UAABisnIkiMA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 18 Oct 2023 13:50:44 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADhg07KX8UAABisnIkiMA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7AE8
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU874e9e9b6b7c47ef990079a23d13e11d
42 B
359 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU874e9e9b6b7c47ef990079a23d13e11d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 18 Oct 2023 13:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 13:50:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU874e9e9b6b7c47ef990079a23d13e11d
pragma
no-cache
server
Tengine
usersync
usersync.gumgum.com/ Frame 9DC1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=148EC3A0-1308-44CB-8FA8-407D97186EFB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 18 Oct 2023 13:50:43 GMT
Expires
0
Pragma
no-cache
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 438A
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 438A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7265569487072127626&gdpr=0&gdpr_consent=&us_privacy=
1 B
298 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7265569487072127626&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 13:50:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7265569487072127626&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 438A
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=148EC3A0-1308-44CB-8FA8-407D97186EFB&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tribuneonlineng.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://tribuneonlineng.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Wed, 18 Oct 2023 13:50:44 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
localstore.js
script.4dex.io/ Frame 5773
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1077890
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7c5d3MVYKpcl14l%2BTM%2BE4Y9az1E%2BJuFqbxrxp72B%2F2usUzPx0BSvBJxgpjlF9bZm7CL2ZQOrFyN1IuFLqAQQfnBmeXOU8KwRm9TrYbv2a%2Bae8bdfjffYL3GH%2FfZneKDuyMK5B5kkR1tiBUni"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81814084fc696552-LHR
cookie_sync
prebid-stag.setupad.net/ Frame 5773
35 B
571 B
XHR
General
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0d9b0c47e56700062e1e6cfcaa084f5bfd85a7901721f9c8ce651b60c59a6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NachZ0iJDN7IWlO%2BjiK%2BPpPhWMjF%2FvtaxoLAXUBNlPaieNj0TK1gQEUWe%2BoOQuMptB1dOVlrgx%2F1U%2BYpv14PO8LPNlGfFb67qOmHcOL5Xb79cZy44Y9TNLm6D0EaxJHOk2xupgNEsN02"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81814084fd7876c9-LHR
content-length
35
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 5773
312 B
552 B
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac5ca278cc9c4206e5b003cd038afb2c4a570e739a27c7ab4f7129b58681b60

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bmo3OeAttPq7ZWudtY95P7WA%2FQtTDZNstLJgw3hwRi11eGVI1M0vd0QHXddjoMC8iRu%2FslN5LeAvMIcE9XXCwHos6CsdY2Uvj3Z2hBB%2BsZ3qgoBueZEAKSV5qUaET8iV5oNDBCPLw7ow"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81814084fd7a76c9-LHR
expires
0
prebid
ib.adnxs-simple.com/ut/v3/ Frame 5773
48 B
615 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
an-x-request-uuid
ace4ccf7-4480-4d4f-b48b-bcf76e9ae1df
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.187.21.105; 5.187.21.105; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
48
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 5773
0
341 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.64 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip64.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tribuneonlineng.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 5773
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tribuneonlineng.com
date
Wed, 18 Oct 2023 13:50:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 5773
0
534 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 5773
0
216 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
arj
setupad-d.openx.net/w/1.0/ Frame 5773
73 B
207 B
XHR
General
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5c807ff7-85c0-434b-af3f-77e549e3724e&nocache=1697637043921&gdpr=1&x_gdpr_f=1&pubcid=487a957c-92f0-4331-9552-ab1db2290609&schain=1.0%2C1!setupad.com%2C1475%2C1%2C%2C%2C&aus=728x90%2C640x360%2C640x200%2C640x100%2C300x250%2C336x280%2C750x200%2C750x150%2C750x100%2C700x250%2C700x200%2C700x150%2C700x100%2C336x320%2C320x320%2C300x300%2C320x250%2C320x267&divids=div-custom-ad-1697637038627-0&aucs=&auid=557064807
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
793b2daf438e98eb08b02458b17a1ba048cd8c4428aaefd6df6fd17c0a549812

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://tribuneonlineng.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5773
267 B
793 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1905014&size_id=15&alt_size_ids=2%2C16%2C39%2C40%2C48%2C72%2C159%2C198%2C199&gdpr=1&rp_schain=1.0,1!setupad.com,1475,1,,,&rf=https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=5c807ff7-85c0-434b-af3f-77e549e3724e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4340285935089516
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ada9cad8c6ffb84b798894adde204dfdbece5dfbd691573241e5c0ad205d8c85

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
267
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 5773
37 B
426 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=811511&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2227c7a8e5099dfdd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F%22%2C%22page%22%3A%22https%3A%2F%2Ftribuneonlineng.com%2Fleaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228cf67b16e14d4b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A700%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A700%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A700%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A700%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A320%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A320%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A267%2C%22ext%22%3A%7B%22siteID%22%3A%22811511%22%2C%22sid%22%3A%22tribuneonlineng.com_750x360_inside_article_desktop%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%221475%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e187da169fa874c7ea2f0d62d22f419075a159628b8a13eed96594695426315

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 13:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JWkEvNKwt2LcNBDmaDzzyZSgsye%2FLxbR%2BCl1U1GisMufZkN2X5eFhWBps0dtsZEfZtMUB67%2FkKG2M%2FPUoOQvaG5p4T8a%2FG%2F54qPBNMfxx87jVfrUckRcNdVB5D8URJRUZodQ3vB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81814084ab34dccb-LHR
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame 5773
0
278 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tribuneonlineng.com
date
Wed, 18 Oct 2023 13:50:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5773
0
181 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tribuneonlineng.com
date
Wed, 18 Oct 2023 13:50:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame 5773
60 B
487 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 18 Oct 2023 13:50:44 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: div-custom-ad-1697637038627-0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tribuneonlineng.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
818140850c6260e4-LHR
expires
0
cdb
bidder.criteo.com/ Frame 5773
0
198 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=50161214264
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tribuneonlineng.com
date
Wed, 18 Oct 2023 13:50:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
script.js
cadmus.script.ac/dahhc4ozyvjm6/ Frame 5773
132 KB
46 KB
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d2f0f4aee409d55aac5174b6d331b9d1f52a30c66af7bc08b63eb9ac04a685

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:50:44 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 10:57:14 GMT
server
cloudflare
age
0
etag
W/"e37652b4725e209a6d773039988abf48725a11c4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81814085ad52418f-LHR
adagio.js
script.4dex.io/ Frame 5773
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tribuneonlineng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 13:50:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1376877
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXwr%2FkSyq2csOJk9ytSE5p%2Ba005uNjCq1wRejJLd07F%2B3MQFnwBnhEBWqYVE38fR9JIq47tk8ECvGa7YoXKjtXEMfstqrrewvl7AxQ%2BEXNURrhuesa2pBgi%2BGQ4s5wlw8iHb4JQfXuMQmoZ7"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
818140857d4d48b8-LHR
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tribuneonlineng.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 18 Oct 2023 13:50:44 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 5773
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tribuneonlineng.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Oct 2023 13:50:44 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

388 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 string| jnews_ajax_url object| jnews object| jnewsDataStorage object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer function| documentInitOneSignal function| OneSignal function| __tcfapi function| __uspapi function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent_ab_test number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| leadplaceScript object| iframe object| tagsObject string| website number| random object| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw number| intervalCheckNb number| checkInterval2 number| checkInterval1 object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26328 number| checkInterval string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad number| nugg_ab number| site_id string| pubstack_ab object| sublime string| sh object| _qevents boolean| moneycaching object| params number| nugg object| amzn_targetingParamsList object| adsAmzn26328 number| nugg_amazon function| Adcall_26328 object| googletag object| adsbygoogle object| aries object| jnews_module_758804_0_652fe2ae05285 object| jfla object| molongui_authorship_byline_params object| addComment function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| lazySizesConfig object| lazySizes function| verbose function| Waypoint object| html5 object| Modernizr object| jnewsoption number| start object| pxftGoStoryConfig function| pxftContinueFlow object| jnewsvideo object| _stq object| jnews_select_share function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp boolean| ai_ip string| ai_data_id string| ai_ajax_url number| ai_internal_tracking number| ai_external_tracking string| ai_external_tracking_category string| ai_external_tracking_action string| ai_external_tracking_label string| ai_external_tracking_username number| ai_track_pageviews number| ai_advanced_click_detection object| ai_viewport_widths object| ai_viewport_indexes string| ai_viewport_names_string number| ai_debug_tracking string| ai_adb_attribute function| ai_mouseoverHander function| ai_mouseoutHander function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| u function| y function| v function| F function| I function| G function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_process_ip_addresses object| ai_viewport_names function| installIframeTracker object| ai_iframeTracker boolean| ai_tracking_finished boolean| ai_js_code function| st_go function| linktracker_init object| wpcom function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions function| onYouTubeIframeAPIReady number| progressTimer number| vidverto object| regeneratorRuntime object| ggeac object| google_tag_data object| google_js_reporting_queue object| _mgIntExchangeNews object| MarketGidInfC1305397 boolean| mg_loaded_803025_1305397 function| _mgWidgetLoad1305397 object| google_tag_manager number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| gaGlobal boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| intervalCounterNumberGPP2 number| sas_renderMode object| twemoji object| wp object| libJsLeadPlace function| mapperjs object| __core-js_shared__ number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| ADAGIO function| quantserve function| __qc object| ezt object| _qoptions function| __tcfapiui object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw2.0 object| gaplugins object| gaData object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint803025 object| _mgPageView803025 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri object| pbstck object| pbstckQ object| Pubstack object| _mgUserPages object| tmzrChunk object| bliinkBid object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| refCatKv function| google_sa_impl undefined| __gpp object| pa_pbjs_fw object| npt object| CookieObj function| pixFutureAdvertisementEnvironment number| cmpVersion object| onClickExcludes function| mgReject1305397 function| mgLoadAds1305397_170da function| _mgConsentWait1305397_170da function| MarketGidCReject1305397 function| MarketGidLoadGoods1305397_170da function| mgReject1518158 function| mgLoadAds1518158_170da function| _mgConsentWait1518158_170da function| MarketGidCReject1518158 function| MarketGidLoadGoods1518158_170da object| _mgSessionPages string| _mgSessionId number| _mgSessionPagesNumber object| _mgSessionsTimeList object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _cwpixChunk object| _cwpix object| mnet string| _mgUniqueHash1305397_170da boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| hadron boolean| __halo_loaded__ object| au number| ai_delay_tracking object| ai_check_data object| ai_cookie object| _ADAGIO function| arrive function| unbindArrive function| leave function| unbindLeave

101 Cookies

Domain/Path Name / Value
.tribuneonlineng.com/ Name: __cf_bm
Value: JupdfgFszoqo_k_VZGoyux62issFzvZvtP_PMsTQdBg-1697637038-0-AZpH+BfzjrrpFezJe8v3regiR+OM764U+JvuDJgY3Wh5IUA5Vj4NU8pUT1QSTj71hafXkuMYgJrvh6HF2rzmHFs=
.mgid.com/ Name: __cf_bm
Value: GMgM.Bgla5EfgSHfptO7mZizlmTZVTCg3foGAgLUzns-1697637038-0-ATbUYdzAZGvdB6xNKnl556/cTg/tVxjDctZg9NnVotQoVdblMsyFiGZe+iIP6teyPsbYyzvfi7rGIpdaG2Vrt9A=
.onesignal.com/ Name: __cf_bm
Value: HEmN9xrq5SpSDBZYj_cPdJVOcnpq2uNb51wESxjoUZE-1697637038-0-AZUM06+ZQPauz8DSCC2h8gLmReUpHROv+DpURj6m1Tfmei+8/dQDX7bdY4B3EMhon6MAV83OMurxlgpTEGDheYk=
tribuneonlineng.com/ Name: stpdOrigin
Value: {"origin":"direct"}
.zeotap.com/ Name: zc
Value: e6013824-dc8b-4125-4efd-92bb4888f0b2
.zeotap.com/ Name: zsc
Value: p%F8%DC%B9%B9%E5%91i%BEv%EA%ED%0A%FC%60%3E%D5%28%5C%E1%3E%F4%F9%C7H%23%7C%DAl%ED%C4%9A%95%DA%BB%DC%83%A8%C8%3B%F1y9q%91%A8kua4%23%B3%5Dz%F4g%AE%224%B4%17%08%A7%3AS%BA%BF%23z%BA%A1O%00%40%8E%7F%84%1F%CFDl%B4%7D
.tribuneonlineng.com/ Name: _gid
Value: GA1.2.1266924059.1697637039
.tribuneonlineng.com/ Name: _gat_gtag_UA_33246503_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkoOAJsB-xnAHfqDVZVuh7joDUpTxxP6bLBbg_VxfhwCAD_NTxD2zv55apMvoI
.tribuneonlineng.com/ Name: _ga
Value: GA1.1.253364812.1697637039
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.agkn.com/ Name: ab
Value: 0001%3A9q6dBeuB7v9ynoGb4QNdyBvOGUl3TASt
tribuneonlineng.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1305397%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221697637039901%22%7D%7D
tribuneonlineng.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8196837b51f848b3aef443c00319d52d
.tribuneonlineng.com/ Name: _cc_id
Value: 8196837b51f848b3aef443c00319d52d
.tribuneonlineng.com/ Name: panoramaId_expiry
Value: 1698241840176
.tribuneonlineng.com/ Name: panoramaId
Value: 34d9aa7f0b3a409d1af0dc202e48e32246b07d9bb26fd734ef0f8280d1f498b5
.tribuneonlineng.com/ Name: panoramaIdType
Value: panoIndiv
.amazon-adsystem.com/ Name: ad-id
Value: A7ejhcjDoUvKnStBgWTYtRs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.csync.loopme.me/ Name: viewer_token
Value: 6008a5bd-a699-45ac-abcc-7994dcf3b75c
.gumgum.com/ Name: vst
Value: e_9bc1789f-8f6c-44b5-a3a6-9ca9c4f84b2b
.3lift.com/ Name: tluid
Value: 3962086127277227103266
.bidswitch.net/ Name: tuuid
Value: c54be2b9-40c9-4434-abd4-909b9f5bd618
.bidswitch.net/ Name: c
Value: 1697637040
.bidswitch.net/ Name: tuuid_lu
Value: 1697637040
.bidr.io/ Name: bito
Value: AADhg07KX8UAABisnIkiMA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 148EC3A0-1308-44CB-8FA8-407D97186EFB
.casalemedia.com/ Name: CMID
Value: ZS-isJO-pZVJBnzGmtmEYAAA
.casalemedia.com/ Name: CMPS
Value: 1061
.casalemedia.com/ Name: CMPRO
Value: 1061
.adnxs.com/ Name: uuid2
Value: 8807342979975854936
.turn.com/ Name: uid
Value: 7265569487072127626
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 11ea7f144c8dfcd3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003%22%7D
.adform.net/ Name: C
Value: 1
.creativecdn.com/ Name: u
Value: eMia2WblL48GIZoEfPdd
.creativecdn.com/ Name: ts
Value: 1697637040
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZS-isAAAWmpqhAA5
.weborama.fr/ Name: AFFICHE_W
Value: yDYTGtzX98XI81
.simpli.fi/ Name: suid
Value: 194FFAB326BF403D95B11B3D98B91CEC
.adform.net/ Name: uid
Value: 7023358037088889874
.zemanta.com/ Name: zuid
Value: ZO5tUoutOsDgfTqczmuQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEl-YjZSmfsKcJxXev-iKqM&KRTB&23025-CAESEEl-YjZSmfsKcJxXev-iKqM&KRTB&23386-CAESEEl-YjZSmfsKcJxXev-iKqM
.audrte.com/ Name: arcki2
Value: b67r29LkSN-R1imu6O8vWYlZw!20220908!1697637040961!ip#5.187.21.105
.audrte.com/ Name: arcki2_pubmatic
Value: 148EC3A0-1308-44CB-8FA8-407D97186EFB!20220908!1697637040961
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5873520761298104872&KRTB&23263-5873520761298104872&KRTB&23481-5873520761298104872
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-85d63b52-dbb3-44b1-b388-d84c7c4dbc52-003%22%7D
.audrte.com/ Name: arcki2_ddp2
Value: b67r29LkSN-R1imu6O8vWYlZw!20220908!1697637041046
.audrte.com/ Name: arcki2_adform
Value: 7023358037088889874!20220908!1697637041140
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCCxxb-pBjABOgTwLrJgQgTDPHNB.pV1usrIKpPKy4rmhTOXQvlry4ZhPtiLDNnQqDAjNzSA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCCxxb-pBjABOgTwLrJgQgTDPHNB.pV1usrIKpPKy4rmhTOXQvlry4ZhPtiLDNnQqDAjNzSA
.ipredictive.com/ Name: cu
Value: 190fb1c3-dc6e-47b8-b240-afafbdfa72f3|1697637041112
.demdex.net/ Name: demdex
Value: 37888359949897109861854302676456899201
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_dae5f583-e48a-4745-88fe-dd60be7e9181
.dpm.demdex.net/ Name: dpm
Value: 37888359949897109861854302676456899201
.deepintent.com/ Name: CDIUSER
Value: di_c454e04d1b794a00bd434
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231018%22%7D
.openx.net/ Name: i
Value: e12847e1-1d1e-40ca-a1b8-f34d56602c85|1697637041
.pubmatic.com/ Name: SPugT
Value: 1697637042
.tribuneonlineng.com/ Name: _ga_8SFJTPHHCP
Value: GS1.1.1697637038.1.0.1697637043.55.0.0
.tribuneonlineng.com/ Name: _ga_6MC096FRP9
Value: GS1.1.1697637039.1.0.1697637043.0.0.0
.pubmatic.com/ Name: DPSync3
Value: 1698796800%3A197_235_201_245_241_227_226_219
.ads.pubmatic.com/ Name: KCCH
Value: YES
.quantserve.com/ Name: d
Value: EPEBCwGbKvijAA
.quantserve.com/ Name: mc
Value: 652fe2b3-cd84a-ca291-3bfab
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1698883200%3A35%7C1698796800%3A251_8_21_3_196_22_56_55_234_13_54_71_220_233_166_264%7C1698192000%3A2_15_223%7C1700179200%3A203%7C1698451200%3A63
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8807342979975854936&KRTB&23339-8807342979975854936
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL&KRTB&19420-YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL&KRTB&22979-YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL&KRTB&23403-YH9mfjN4Nit7KTAgYit5ezd4bSl7eTZ-NyivFRzL
.onaudience.com/ Name: cookie
Value: 00323d89c301373b
.onaudience.com/ Name: done_redirects161
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7291295580186998923
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7265569487072127626&KRTB&23150-7265569487072127626&KRTB&23527-7265569487072127626
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7291295580186998923&KRTB&23369-7291295580186998923
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23334-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23417-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23426-FGHNDo15WyJ0HjlPtoKovAW7FWk
.adx.opera.com/ Name: UID
Value: OPU874e9e9b6b7c47ef990079a23d13e11d
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU874e9e9b6b7c47ef990079a23d13e11d&KRTB&23485-OPU874e9e9b6b7c47ef990079a23d13e11d&KRTB&23524-OPU874e9e9b6b7c47ef990079a23d13e11d
.prebid.a-mo.net/ Name: __amc
Value: 1_1697637044_1697637044
.bumlam.com/ Name: suuid3
Value: IiQ1NTMyNTc2YS02ZGJkLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.exelator.com/ Name: EE
Value: "d4654c2a9ba2b4e7022e31e014fd7f1a"
.script.ac/ Name: __cf_bm
Value: SiQ9Gk.y_ShouufJ9nvREi21Eq48PAKEL57__diNXj0-1697637044-0-ARX7R9bKgDany9ZIAbZ+jwQSoIk6/ycBLmMwMv5K6/2JBW2I6p6SsDKMngyKQIBluWz8epZta90MQmzFwrd83bc=
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFxMzUJNko0TIp0SjJJNXcwMgo1dgw1cDQJC3FPM0wcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6InenxUUpaQyLSopPBR9d2A4AqrsqoQ%253D%253D"
.rubiconproject.com/ Name: khaos
Value: LNVT9IKD-28-G17O
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpwkxs4Gg8zo6JvvWgC/Qcxgndhc+y7+ZAsIXB9INQ/Rt32/JJp636gYpaoIhvIOoOiTV94/2wi2PPzJ6cr+j5/07n88GpG9I1HDrG6etDLgSKPLRELhl3x0A+VO7RH1E0=
.onaudience.com/ Name: done_redirects147
Value: 1
.smartadserver.com/ Name: pid
Value: 6296753743886515757
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADhg07KX8UAABisnIkiMA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c54be2b9-40c9-4434-abd4-909b9f5bd618
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADhg07KX8UAABisnIkiMA
.pubmatic.com/ Name: PugT
Value: 1697637044

3 Console Messages

Source Level URL
Text
deprecation warning URL: https://c0.wp.com/c/6.3.1/wp-includes/js/jquery/jquery.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://tribuneonlineng.com/leaked-s3x-video-why-i-agreed-to-film-intimate-moment-with-ex-partner-moyo-lawal/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
network error URL: https://prebid-stag.setupad.net/cookie_sync
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad.vidverto.io
ads.pubmatic.com
ads.themoneytizer.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
amazon-tam-match.dotomi.com
applets.ebxcdn.com
audit-tcfv2.cmp.quantcast.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
boot.pbstck.com
c.amazon-adsystem.com
c.mgid.com
c.tmyzer.com
c0.wp.com
c1.adform.net
cadmus.script.ac
cdn.hadronid.net
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn.pbstck.com
cdn.pixfuture.com
ced.sascdn.com
cl.imghosts.com
cm.g.doubleclick.net
cm.mgid.com
cmp.quantcast.com
cms.quantserve.com
config.aps.amazon-adsystem.com
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d2zur9cc2gf1tx.cloudfront.net
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.brainlyads.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i0.wp.com
ib.adnxs-simple.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
jsc.mgid.com
loada.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
mwzeom.zeotap.com
onesignal.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.wp.com
pixel.zprk.io
powerad.ai
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
region1.analytics.google.com
region1.google-analytics.com
reporting.powerad.ai
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
servicer.mgid.com
setupad-d.openx.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
stats.wp.com
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tag.leadplace.fr
tags.crwdcntrl.net
test.cmp.quantcast.com
tg.socdm.com
token.rubiconproject.com
tribuneonlineng.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
web.hb.ad.cpe.dotomi.com
widget.us.criteo.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.26.193
104.26.9.178
124.146.153.167
141.94.171.215
145.239.192.166
145.40.97.66
151.101.66.49
161.35.253.218
162.159.136.54
162.19.138.119
172.217.18.2
178.250.1.9
18.198.69.109
185.184.8.90
185.64.189.112
185.64.191.210
185.86.138.150
185.86.138.151
185.89.210.101
185.89.211.116
192.0.76.3
192.0.77.2
192.0.77.37
198.47.127.19
198.47.127.20
2.16.238.155
2.19.105.180
2001:4860:4802:32::178
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
212.8.250.228
23.20.158.212
23.57.19.78
23.60.204.187
2600:9000:211e:e000:9:46dc:4700:93a1
2600:9000:223c:3e00:6:44e3:f8c0:93a1
2600:9000:225e:6800:3:a4cd:8380:93a1
2602:803:c003:200::51
2606:4700:10::6816:15d
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:5d
2606:4700:10::ac43:db6
2606:4700:1::6813:844c
2606:4700:20::681a:644
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:9281
2606:4700::6810:3965
2606:4700::6812:1791
2606:4700::6812:1f31
2606:4700::6812:272
2606:4700::6812:d63b
2606:4700:e2::ac40:8d0d
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c0a::9c
2a02:2638:3::7
2a02:2638:3::c
2a02:6ea0:c700::10
2a02:fa8:8806:20::2100
2a02:fa8:8806:21::1720
2a05:d018:d29:3602:d271:299f:5c6e:4925
3.126.125.13
3.126.233.203
3.216.243.137
3.33.220.150
3.64.168.81
3.75.62.37
31.172.81.160
34.111.129.221
34.111.131.239
34.91.62.186
34.95.69.49
34.98.64.218
35.210.239.72
35.214.232.33
37.157.3.20
37.157.6.233
44.195.196.139
46.228.174.117
5.196.111.64
50.57.31.206
51.89.9.251
52.210.15.1
52.211.152.111
52.211.174.80
52.213.152.153
52.222.208.154
52.222.253.136
52.71.211.164
52.72.239.170
54.194.110.112
54.234.151.247
54.246.145.100
54.38.64.100
54.72.115.16
54.77.169.39
64.202.112.159
64.202.112.223
65.9.66.122
65.9.7.141
67.220.228.200
69.173.144.165
74.119.119.150
76.223.111.18
77.243.51.121
8.18.47.7
82.145.213.8
85.114.159.118
88.221.169.246
98.98.134.243
99.80.145.6
99.81.194.117
99.86.4.30
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0514580c53e8c81ce58ff2a3f86d65f5c8b671896f9c4f0489973670c1912f94
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e2bb08faeeea0cc98981210e9dfb040a8c17c2f046e1af76ab8a788bfa3d93
08619e4b70a60c2bc72539bc952eb1956c4006fb48049679a7255804660b8f3e
087b977a0df14e2f5a753486a9febfee3fe516df6177214357cede00663e8d53
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1067fd8473f88955d6b702043be6c77ea08617238b6c0b4d262303e77af8985c
1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15
1401a2aaeb82e735d02dbcd6ca44193e9a26b461ecbc40b6c2399d2eb794c5e3
1516157c149cb4a8861f89bdf815d6ecb3008347eda0bb173361d70191d1560b
15210dfa3b3694e62f2c7d66cc729a9da61823043fa3ce28378c82b71c53abbf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
164b6bbc25089dc3b7ef9d43e135b9386f1082cc40ca5195675360c39fdb4acb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b15b4c5b04a6eb4f7809b76aa670c86dbcb633b91ead770fd64816d458fa481
1c483c83318c93d883f638129fe28dbd41f8b7d6881d94b0d99c93f5d87bb934
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58
1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fd8238974376aeaf6d9277dd2e87425bf5548d2ac0327426f0258f033f4e26f
1feaf7aa318841a8158633ea1174980d282ee76d48844e2da331f3fd13cf1da8
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687
2189aca2d3e88903e64576a57c5661658663f900ed089163c8ad1dd98b99d5bf
22070dbe31050881413cdd3f1df038c7e7b24fc04f50a61a3d5467331d6c94af
2536f2ffb8feb7700574a2fdb532fb3f4b44cd96cf50d7cafc2bdcd51122f6f2
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
270408a8aaa2bb3d3c892c519e0465a39b3386faa3bec22d77edbcabe919c762
270a3b45760fc517bf0587933ee4fd7293ef5a1dbf77fdb3fd70b28a1c8e7f5b
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee
28d894b4664f51376d31de576644dad93b7c928551e66efc58bdba0ad51f3a9d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6af8244c26a58a079c9f4ba8f39e89e51a609d0eaedf04af52959ca6656e29
2c1d5421ea8222f212e4dce0deaa52832854b3065fb3e5ac649954610e81db0a
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e187da169fa874c7ea2f0d62d22f419075a159628b8a13eed96594695426315
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8853a1e59a595b8f20aeaa96e486803cbd5748f6c02a06901127e7dd29ab37
33a2301b92c917b13f1c246e2d3cc77af9da5e050b183aa69338b3ec218d18fd
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3857d64c3c3a56eaa34880c5fba143ad30e5a65fb10afe7b83e7b665a98c899c
39c03d779cc83e8b56c74e3aa57625e7a26996c45086174be034ad25f6bff078
39f186b6eb6cae76659183907db8437fda9f3cd362e98dfe0c64596217a7c492
3aadbcda8995e46511be69530fbbcc1ac78d830d3dd55dafb03670dcfaa45a3b
3ae5ca5f83697df545671effeaf1567404e779d58c06979af9e9099e115e9974
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cd883defae255d80892ba738a59b663d0836fa0850513832f033ddbbed9c8c7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13a8a652585934679b92ef7b5bceaeda7672269c9e8d6155e00d803dc359d2
3f368bad709ba2631e19261f4aceed4b15c9ec0c0bf17fe6346db2bbb2249e4e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
413a420c0b7f9130b7f0e93ea830e8ae7e1c5bc80ae0691e37e03e130522cf0f
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44d05a36c4fecbb76a902b5b76f9ed3712bb30b0248cbe27c5a4930fab14ae2a
44d5ee568ddf565939179a4295008a26606cc96c7cbec097f48a55d2dd59d796
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaa9a43c63295f2060dc352c8bd1c608ab952260b2446d18c306cc240d03b86
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d95c3d5ae0d82be172167529f472e51b86ef0b3020c1c4c60a898314e5e054
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5957c4e11afc3c18b780c5c771dd2097da53c7ee0bb306d2a00f65f892805d8a
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5b1c83a6b5079dd406543b42c4912ab20ea029d50fddb31d32d9cc679a8ce06c
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cca0ef808e8d5ee5dda189b9353b6019ffc6c54cde0c871130090b8061adea6
5ef83a93ed4b5c944831c0e80d525bbb042d938c573886aa3bf90cbad47afc4e
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
600d2982c523190fd1fcb960f0f1f08e25a2975949a1c44ab951fd20936ec0a3
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f88e9858621eba7bd5c2c552bae32c1fd5f05c3de9e9ed89c8e9ea148ad0f0
6400dc8b0e288909fa6cc5abdb32a8c2f1a8f8efeb93369ab9bf9378f5f50bd7
6559d2c7967ad6208672b0575f56d8036aaccb8095eb72e0901ed34b72de634d
665df8faf93cfeb4317132716a98d57aae38894992502c3db080be341c603785
66bea835121c445a495d6af4d60da1abeaad71655747919091b3e28ebb2605a3
66d2f0f4aee409d55aac5174b6d331b9d1f52a30c66af7bc08b63eb9ac04a685
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
679e1de8c8422d99e5d79e1ca78bc0e26eb2198ab663d9199593606298a8a079
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6a01813651c579780ec351da47e8c3dcae72a6b9d498d6238add858c73afd409
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae09a5576b810460bf954ff176cc8a3d58844d7b07ebcebbb41df6249ce4ab2
6b1d472fc194f2e3128c71bcb88c0a17eb7fb6e52cee7ffd9690f1feeace1840
6b3ff06dc5ee115ce8e235ac79d5349839e9bedaf7e6eb4f6f4d67a16e08bcee
6b45d49a5d298624228fe85e340515226e82ae5abd1f158e53b0874a1b2e6c41
6cc12e0022d6b58c22cea0214317fc78655fbe2a274e1179afeffdd59986e362
6dbedada2a4d7c019d0553171ece2c270a3cb7b5beea450bce5e26009d11d797
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
6ffa5bdd954bd97dbb682d87e79e9bf03a0a0f943b1dec274684714cc3b4b400
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7163f5572d22f8b046b23941ea1996345706b2417c4e42f4b76debc3ba7ea8ed
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78e7f57e364b29566a69aee7e5eec546de5ed2a18da12b4d5d18f6a1e0a4b48d
793b2daf438e98eb08b02458b17a1ba048cd8c4428aaefd6df6fd17c0a549812
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7af7adebf7aa976a359422998a621b90b8a46a16f5373c05064c6184887a2872
7b624581629a6a0146f7176860d739ddfadfa20c5e0f84ad85801ee51c63ecb5
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
812dd62c974124cfee5b571776cc1c847f0cd0ed363e0cbdfc023e40e5f192ef
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82e7b90af6b29c128d545993e102e879715d7ee09d43e216449f86e49d8a5b3a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839f7cd4fa941606da0bfe5208dc649bfae9aa082e3305098bc4ce512c19a987
83fc5047fb0d3941449d2feeceb5e82ad981f296f33b34e7b5c627c01b73064f
85457ae0d3805b45c930918c1bdce216a0552377fc29e3eaeb3650455a0b8e99
8779150e41758c8077ed4876f73aa8aa9e3a0bc46c9c7eda1b0ae2bc8dc6841d
87850fbbb20298abfae7a827f446d996b890b7bb3a1a08685f82161a957f2b80
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
8ab781bf27583bdff4e614a22c4cfad9b122df26146560761b886f15a87038e4
8b39dd32c7e21de3d73a4abcbbbff83246972bd1dec70c5845a348e9d50352ad
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94f9dc3fe1126d55053b1638ed35e036916f5e407a2651e0222adf5f6ee8b75d
95e82669cfbd4c014668b7b29195a78e82e994a812d99fa7eef89d38e2ae7f6b
96644c250619a3947bc06342fbe5e310cd16f2069b779409a160da84d6879914
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a349142858b1b1de98addf15f76366b1aa85b1c7074215dd2a68ee0604c8dac
9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09
9b10daa29af1578c74f000c6bd02d37a4b4f9e6fb2b40161481a438bed53d978
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3e96d03c89525936e9ee781d0cb7168035518e899c260cd27e426fc0e45b255
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abbcd73db004e56766842ef27dd73a1f8d8bc75bd3e22ac886837a6ba2788a5e
ac01587e10df3d38abebfe189188e4d6c18cf2fbc584f2dd81cb6cdea511cca9
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
acb4ff754b6afb2d69d752b114f863d6399ca18fc255bba7a4863629170df2ba
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad27d1ce5be06fb5eed9122a9201f1284ea0efb39f9063b03c75cdf8cfb48dfd
ada9cad8c6ffb84b798894adde204dfdbece5dfbd691573241e5c0ad205d8c85
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea
af1c8d56406938096d49c1cefa52b3141494941f3fe98079bd8497114aebe05e
af86ad9a418e18f3cc4e4fe922cd9916b667d1b9c21f110c4c9c37c1b01d52d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4b2e0b61f898a3ec52a9bdb99e686dd89c4d966aff2d4df2c1ee4d3d0b8e3db
b5664101ad7c79e42e9c3454042eefe491f007e48fd91793b282a019563b17a5
b65d2c1a672e09b25465516783f6dd686d13a58aa13c5078ea3d2ded8637a08e
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b82b0548064cbc1a5914521939d3bbe37e7e05f3cf7dd92bbf4ca41fadb8507d
ba215ba8311f7063ebcdc4d1c4591837e30efd2cd6b353d06e323cde052695e9
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c263ae1e34ee8d42728d709b104ef661467582751c239dc44366f70fad163ea1
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c6d609b78bc9978723d16f1325bd16c8c51a392a834fbc40473fa5fb11dde963
c827d398c2331de5b6160a7e29fcd2596643cadd239dd2f2cdcc79f40c4be408
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb8256c8d497b551ea5aeb94efd0e7fe90ae9437bc3a42b3f7b568c6546a7e77
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d42c6d2547a751bec562c530be04ef4c914196f029d73334263dcc1f95f3c1a6
d6c5c42ba9ce5fa8599bec02406a22093c46d2d2fafe12e0d217290393040273
d7bc0f0de90e4e883e5f1670f95311c4c0d09c33eecfaaa60a99ba5c471d9d23
d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78
d87dd540ed8b01e6bfe2d1f93cb8a82dc0840444b6c95d7b9c25834cac87456a
d94741d73e4500db83b9e05383f2ac96c80e5c6741314a7adb72312c3f405cf9
d96f84ad4dbb965b45f5095c9291dfe728ea85b1305ce229f722ba6b3362d935
d9a43412311a6ea06c8b670be224dd3774ef65ffc8cd0daa98d5da44632caca8
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcda49194b1d46917617552b08d65be9bc2770a3d0e9300d72dc8955a5e573bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df90a40819ef897eb30c32bb12d65469d0c0ba77bf96fe472c697c2dd252cc14
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e318e8e4e76b59e04865574b0297d58fcf311b392f02eaf3c9ca3de9c7e7e735
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e6246ca8c59b633df50bca8316fb49791e9e5e649d4c1cbc713fa0a966809e6d
ec1ef72f3a308528aaa93e15bfe931a457ac7babcd443fadd9ad266d6fab9d94
ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
eda1eb96ea5e8e373d685074e1d65630c4fd4169ac0f9bbce41b2242d9095936
eea82e21af4a0070d6899aacf4c12574b98d7b49034fc80fdcc9d1dd76dfef4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ca3361799fca8fc79ff0e30ea846dc2da773abb8d6a32900db8c4c0139638
f12368eb04a7d6a8992140a1276fef6ab939cd15cfce3bd66c401299f4ee067f
f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d
f2d56b12a7ed1d26a956582936096c3f52240e61efac0c590e082834718c57d9
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4292b1388c918be4bc2ead83c44eb74a37b62141566fdf097bc032e2e7233be
f4b4a13fbf1e89d2117eda447667893a4ac2636ce3cba3903da7a0565e6933e2
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f64dfe94cb486d43f0721a2556c3ecc7e5fba81c62f4522f43c969f186ca15ca
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
f7a0fcb6dc2faf553d3093b228519114b09d538dde82fcea861a90635aae4363
f9347d0cb957d8ede80a0ecba588550f864aaf468a0bd776be2621385ac331b5
fac5ca278cc9c4206e5b003cd038afb2c4a570e739a27c7ab4f7129b58681b60
fc36e8571049f10aa682debe3ffc61bcb792d8a7d6def4dccbcb79547cb2d9dc
fdaf94a9c46792fb7332a4e4bdab78940a582b7e6fee7d29c8c0b7a3a3e07380
fe0d9b0c47e56700062e1e6cfcaa084f5bfd85a7901721f9c8ce651b60c59a6a
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffbc586e48acd966a592f44ac7533f0e86f4c3a7f814e255d002956080024b2e