urlscan.io logo urlscan.io
SecurityTrails logo

www.npr.org Open in urlscan Pro
2600:141b:f000:487::1155  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you...
Submission: On May 12 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 9 countries across 99 domains to perform 356 HTTP transactions. The main IP is 2600:141b:f000:487::1155, located in Edison, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.npr.org. The Cisco Umbrella rank of the primary domain is 13056.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 29th 2022. Valid for: a year.
This is the only time www.npr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 2600:141b:f00... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
15 2600:141b:13:... 20940 (AKAMAI-ASN1)
5 151.101.128.176 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 18.238.8.230 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:141b:f00... 20940 (AKAMAI-ASN1)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.192.24.31 16625 (AKAMAI-AS)
3 54.187.159.182 16509 (AMAZON-02)
1 34.208.115.43 16509 (AMAZON-02)
1 18.238.12.225 16509 (AMAZON-02)
6 184.29.128.213 16625 (AKAMAI-AS)
3 2001:4860:480... 15169 (GOOGLE)
1 216.35.221.71 3561 (CENTURYLI...)
3 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:25c... 16509 (AMAZON-02)
1 2 3.134.172.54 16509 (AMAZON-02)
1 3.230.49.253 14618 (AMAZON-AES)
1 2600:9000:25c... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
2 7 68.67.160.186 29990 (ASN-APPNEX)
2 13 52.46.155.104 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1400:d:5... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:25c... 16509 (AMAZON-02)
1 35.244.142.80 15169 (GOOGLE)
2 4 18.238.4.53 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
1 104.19.149.54 13335 (CLOUDFLAR...)
7 34.107.254.252 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 151.101.193.108 54113 (FASTLY)
2 18.238.12.115 16509 (AMAZON-02)
2 13.224.207.247 16509 (AMAZON-02)
4 104.77.150.190 20940 (AKAMAI-ASN1)
1 44.209.137.140 14618 (AMAZON-AES)
1 1 35.214.153.92 15169 (GOOGLE)
2 2 34.171.234.26 396982 (GOOGLE-CL...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.229.81.233 14618 (AMAZON-AES)
4 18 192.40.39.223 27381 (CASALE-MEDIA)
1 4 8.28.7.81 62713 (AS-PUBMATIC)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 5 35.190.43.134 15169 (GOOGLE)
14 16 52.223.40.198 16509 (AMAZON-02)
3 145.40.89.32 54825 (PACKET)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 3 68.67.179.166 29990 (ASN-APPNEX)
1 21 35.172.99.217 14618 (AMAZON-AES)
5 5 35.211.178.172 15169 (GOOGLE)
2 2 54.146.9.250 14618 (AMAZON-AES)
1 1 3.81.178.203 14618 (AMAZON-AES)
2 2 64.74.236.31 22075 (AS-OUTBRAIN)
1 1 23.192.32.8 16625 (AKAMAI-AS)
2 2 198.148.27.140 19189 (PULSEPOINT)
3 3 70.42.32.31 22075 (AS-OUTBRAIN)
1 82.145.213.8 39832 (NO-OPERA)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 54.225.103.173 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 3 38.91.45.7 398989 (DEEPINTENT)
2 2 54.224.41.210 14618 (AMAZON-AES)
1 1 199.187.193.182 47043 (SMARTADSE...)
3 4 151.101.130.49 54113 (FASTLY)
1 1 199.38.167.131 54312 (ROCKETFUEL)
8 8.28.7.83 62713 (AS-PUBMATIC)
16 19 142.250.65.194 15169 (GOOGLE)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 2 52.223.22.214 16509 (AMAZON-02)
1 2 34.193.215.195 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 12 162.248.18.37 62713 (AS-PUBMATIC)
5 6 34.200.65.202 14618 (AMAZON-AES)
4 8.28.7.84 62713 (AS-PUBMATIC)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 8.2.111.13 46636 (NATCOWEB)
3 3 216.200.232.253 30419 (MEDIAMATH...)
1 1 124.146.215.43 2514 (INFOSPHER...)
2 2 141.226.224.48 200478 (TABOOLA-AS)
2 2 2620:116:800b... 14618 (AMAZON-AES)
2 3.225.4.30 14618 (AMAZON-AES)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.66.229.147 16625 (AKAMAI-AS)
2 23.192.31.127 16625 (AKAMAI-AS)
6 2607:f8b0:400... 15169 (GOOGLE)
8 13 69.173.151.100 26667 (RUBICONPR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 184.29.129.187 16625 (AKAMAI-AS)
1 2600:9000:25c... 16509 (AMAZON-02)
2 8.28.7.92 62713 (AS-PUBMATIC)
3 68.67.179.155 29990 (ASN-APPNEX)
1 184.29.128.199 16625 (AKAMAI-AS)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.118.179 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 2 2600:1901:0:8... 15169 (GOOGLE)
2 74.119.119.139 19750 (AS-CRITEO)
1 141.95.33.111 16276 (OVH)
1 34.237.249.254 14618 (AMAZON-AES)
6 6 3.217.144.211 14618 (AMAZON-AES)
1 1 199.187.193.179 47043 (SMARTADSE...)
2 2 173.231.178.116 32475 (SINGLEHOP...)
1 54.84.233.243 14618 (AMAZON-AES)
1 54.209.161.130 14618 (AMAZON-AES)
1 54.194.86.208 16509 (AMAZON-02)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 52.73.81.183 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 34.200.54.87 14618 (AMAZON-AES)
1 34.225.243.74 14618 (AMAZON-AES)
2 2 35.207.24.140 15169 (GOOGLE)
2 2 207.198.113.93 13768 (COGECO-PEER1)
1 2 38.98.69.175 174 (COGENT-174)
2 2 185.167.164.49 198622 (ADFORM)
356 106
23    2600:141b:f000:487::1155 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.npr.org
media.npr.org
11    2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2600:141b:13:79b::13b8 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
15    2600:141b:13:7a3::1155 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
static-assets.npr.org
bundles.npr.org
legacy.npr.org
5    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    18.238.8.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-8-230.phl51.r.cloudfront.net
c.amazon-adsystem.com
5    2607:f8b0:4006:824::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.piano.io
c2.piano.io
i.piano.io
2    2600:141b:13:78e::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
68794905.akstat.io
19    2606:4700:10::6816:3ad5 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.documentcloud.org
api.www.documentcloud.org
s3.documentcloud.org
4    2600:141b:f000:4a0::1155 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
media.npr.org
1    2606:4700:e4::ac40:aa20 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2600:141b:13:6ac::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
3    2606:4700:10::ac43:c91 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.documentcloud.org
1    23.192.24.31 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-24-31.deploy.static.akamaitechnologies.com
a11107397707.cdn.optimizely.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    34.208.115.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-115-43.us-west-2.compute.amazonaws.com
m.stripe.com
1    18.238.12.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-12-225.phl51.r.cloudfront.net
aax.amazon-adsystem.com
6    184.29.128.213 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.35.221.71 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
api.npr.org
3    2607:f8b0:4006:809::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
8    2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2600:9000:25c8:5a00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
2    3.134.172.54 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-172-54.us-east-2.compute.amazonaws.com
secure-us.imrworldwide.com
1    3.230.49.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-49-253.compute-1.amazonaws.com
logx.optimizely.com
1    2600:9000:25c8:e00:17:1d53:f700:93a1 (United States)

ASN16509 (AMAZON-02, US)
organization.api.npr.org
4    2607:f8b0:4006:817::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
13    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)
e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
4    2600:1400:d:595::268b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:25c8:b200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
4    18.238.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-53.phl51.r.cloudfront.net
sb.scorecardresearch.com
6    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
2    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
cdn.adnxs.com
2    18.238.12.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-12-115.phl51.r.cloudfront.net
js.adsrvr.org
2    13.224.207.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-207-247.phl50.r.cloudfront.net
sc-static.net
4    104.77.150.190 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-150-190.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    44.209.137.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-140.compute-1.amazonaws.com
ping.chartbeat.net
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
2    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
10    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:806::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.229.81.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-81-233.compute-1.amazonaws.com
rtb.gumgum.com
18    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
16    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:823::2001 (New York, United States)

ASN15169 (GOOGLE, US)
9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com
3    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
21    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
5    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    54.146.9.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-9-250.compute-1.amazonaws.com
ads.avct.cloud
1    3.81.178.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-178-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.74.236.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    23.192.32.8 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-32-8.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    2600:1f18:4e9:5a02:6422:e7b:c10:ea7a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    54.225.103.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-103-173.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    54.224.41.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-41-210.compute-1.amazonaws.com
ad.360yield.com
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
19    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.193.215.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-215-195.compute-1.amazonaws.com
thrtle.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
12    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
3    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    3.225.4.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-4-30.compute-1.amazonaws.com
rtb.adentifi.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.66.229.147 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-147.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    2607:f8b0:4006:822::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    184.29.129.187 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-187.deploy.static.akamaitechnologies.com
z.moatads.com
1    2600:9000:25c8:b000:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
2    8.28.7.92 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
3    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
1    184.29.128.199 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-199.deploy.static.akamaitechnologies.com
crcdn01.adnxs-simple.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    34.237.249.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-249-254.compute-1.amazonaws.com
id.crwdcntrl.net
6    3.217.144.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-144-211.compute-1.amazonaws.com
match.prod.bidr.io
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    173.231.178.116 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-8.sys.adgear.com
cm.adgrx.com
1    54.84.233.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-233-243.compute-1.amazonaws.com
crb.kargo.com
1    54.209.161.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-161-130.compute-1.amazonaws.com
sync.bfmio.com
1    54.194.86.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-86-208.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    2606:ae80:1451:17::1400 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    52.73.81.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-81-183.compute-1.amazonaws.com
pm.w55c.net
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.200.54.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-54-87.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    34.225.243.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-243-74.compute-1.amazonaws.com
bpi.rtactivate.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    207.198.113.93 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
Apex Domain
Subdomains		 Transfer
44 npr.org
www.npr.org — Cisco Umbrella Rank: 13056
static-assets.npr.org — Cisco Umbrella Rank: 28464
bundles.npr.org — Cisco Umbrella Rank: 27269
media.npr.org — Cisco Umbrella Rank: 18344
api.npr.org — Cisco Umbrella Rank: 26211
legacy.npr.org — Cisco Umbrella Rank: 33523
organization.api.npr.org — Cisco Umbrella Rank: 36938
996 KB
37 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 514
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
image6.pubmatic.com — Cisco Umbrella Rank: 746
image2.pubmatic.com — Cisco Umbrella Rank: 958
simage2.pubmatic.com — Cisco Umbrella Rank: 707
image4.pubmatic.com — Cisco Umbrella Rank: 1104
t.pubmatic.com — Cisco Umbrella Rank: 3357
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
201 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
183 KB
22 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1537
usersync.gumgum.com — Cisco Umbrella Rank: 1933
7 KB
22 documentcloud.org
embed.documentcloud.org — Cisco Umbrella Rank: 262987
api.www.documentcloud.org — Cisco Umbrella Rank: 233006
s3.documentcloud.org — Cisco Umbrella Rank: 189637
1 MB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
16 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
129 KB
18 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1533
insight.adsrvr.org — Cisco Umbrella Rank: 571
match.adsrvr.org — Cisco Umbrella Rank: 356
13 KB
16 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
token.rubiconproject.com — Cisco Umbrella Rank: 600
21 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 440
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1367
cdn.adnxs.com — Cisco Umbrella Rank: 1649
66 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
174 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
190 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
4 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
94 KB
8 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2740
api.permutive.com — Cisco Umbrella Rank: 2151
6 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5131
p1cluster.cxense.com — Cisco Umbrella Rank: 9716
comcluster.cxense.com — Cisco Umbrella Rank: 4695
id.cxense.com — Cisco Umbrella Rank: 10143
76 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1202
q.stripe.com — Cisco Umbrella Rank: 7069
m.stripe.com — Cisco Umbrella Rank: 1158
131 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
3 KB
6 tinypass.com
buy.tinypass.com — Cisco Umbrella Rank: 6833
49 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
dis.criteo.com — Cisco Umbrella Rank: 674
2 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 471
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
3 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 927
2 KB
5 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1720
gw.geoedge.be — Cisco Umbrella Rank: 1951
530 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 278
adservice.google.com — Cisco Umbrella Rank: 83
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
323 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
249 B
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 720
102 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
1 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
222 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 734
a11107397707.cdn.optimizely.com — Cisco Umbrella Rank: 31560
logx.optimizely.com — Cisco Umbrella Rank: 1316
236 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
2 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1098
930 B
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 472
733 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 765
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
200 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
22 KB
3 piano.io
cdn.piano.io — Cisco Umbrella Rank: 23053
c2.piano.io — Cisco Umbrella Rank: 5411
i.piano.io — Cisco Umbrella Rank: 21613
104 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 585
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5066
967 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
938 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1106
899 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 848
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3491
744 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1397
1011 B
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013
1 KB
2 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 416
841 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2041
589 B
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
536 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
105 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
701 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1183
69 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
1005 B
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 991
620 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1317
683 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
734 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 776
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
835 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
644 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1433
4 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 974
1019 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 562
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4216
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
1 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1026
27 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 671
cdn.indexww.com — Cisco Umbrella Rank: 1563
2 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2621
2 imrworldwide.com
secure-us.imrworldwide.com — Cisco Umbrella Rank: 2252
1 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1274
17 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1313
c.go-mpulse.net — Cisco Umbrella Rank: 625
51 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 636
568 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1691
109 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 831
632 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2462
308 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2520
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1625
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1659
504 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 444
1 KB
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4593
56 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1076
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1080
824 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 3548
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1096
191 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
518 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
790 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2553
412 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 548
684 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
881 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1003
228 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1299
201 B
1 prmutv.co
e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co — Cisco Umbrella Rank: 46435
391 B
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2599
6 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1680
15 KB
1 permutive.app
e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app — Cisco Umbrella Rank: 32176
95 KB
1 akstat.io
68794905.akstat.io — Cisco Umbrella Rank: 16590
200 B
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7821
3 KB
356 99
Domain Requested by
24 media.npr.org www.npr.org
bundles.npr.org
static-assets.npr.org
21 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 cm.g.doubleclick.net 16 redirects rtb.gumgum.com
eus.rubiconproject.com
15 match.adsrvr.org 13 redirects rumcdn.geoedge.be
ads.pubmatic.com
14 embed.documentcloud.org www.npr.org
embed.documentcloud.org
13 s.amazon-adsystem.com 2 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
s.amazon-adsystem.com
12 bundles.npr.org www.npr.org
bundles.npr.org
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
11 cdn.cookielaw.org www.npr.org
cdn.cookielaw.org
10 cdnjs.cloudflare.com buy.tinypass.com
8 pixel.rubiconproject.com 4 redirects js.adsrvr.org
eus.rubiconproject.com
8 image2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
8 securepubads.g.doubleclick.net bundles.npr.org
rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.npr.org
www.googletagservices.com
7 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
rtb.gumgum.com
7 api.permutive.com e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
7 ib.adnxs.com 2 redirects ads.pubmatic.com
e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
acdn.adnxs.com
js.adsrvr.org
7 s3.documentcloud.org embed.documentcloud.org
www.npr.org
6 match.prod.bidr.io 6 redirects
6 tpc.googlesyndication.com rumcdn.geoedge.be
6 ups.analytics.yahoo.com 5 redirects js.adsrvr.org
6 buy.tinypass.com cdn.piano.io
rumcdn.geoedge.be
buy.tinypass.com
6 ads.pubmatic.com bundles.npr.org
ads.pubmatic.com
s.amazon-adsystem.com
rtb.gumgum.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 pixel.tapad.com 3 redirects s.amazon-adsystem.com
5 x.bidswitch.net 5 redirects
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 tr.snapchat.com 1 redirects rumcdn.geoedge.be
sc-static.net
5 www.googletagmanager.com www.npr.org
www.googletagmanager.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
4 www.facebook.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 analytics.tiktok.com www.npr.org
analytics.tiktok.com
rumcdn.geoedge.be
4 sb.scorecardresearch.com 2 redirects
4 cdn.cxense.com cdn.piano.io
cdn.cxense.com
rumcdn.geoedge.be
4 rumcdn.geoedge.be bundles.npr.org
rumcdn.geoedge.be
www.npr.org
4 c.amazon-adsystem.com www.npr.org
c.amazon-adsystem.com
cdn.cookielaw.org
3 simage4.pubmatic.com ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
s.amazon-adsystem.com
3 nym1-ib.adnxs.com rumcdn.geoedge.be
cdn.adnxs.com
3 fonts.gstatic.com fonts.googleapis.com
3 sync.mathtag.com 3 redirects
3 match.deepintent.com 2 redirects ssum-sec.casalemedia.com
3 us-u.openx.net 2 redirects s.amazon-adsystem.com
3 sync.outbrain.com 3 redirects
3 secure.adnxs.com 2 redirects rumcdn.geoedge.be
3 connect.facebook.net www.npr.org
connect.facebook.net
3 www.google.com bundles.npr.org
rumcdn.geoedge.be
3 www.google-analytics.com bundles.npr.org
www.google-analytics.com
3 q.stripe.com www.npr.org
3 js.stripe.com www.npr.org
js.stripe.com
3 www.npr.org bundles.npr.org
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects s.amazon-adsystem.com
2 pixel-sync.sitescout.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 pm.w55c.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cm.adgrx.com 2 redirects
2 mug.criteo.com
2 lexicon.33across.com 1 redirects
2 gum.criteo.com 1 redirects
2 t.pubmatic.com ads.pubmatic.com
2 z.moatads.com rumcdn.geoedge.be
2 www.googletagservices.com rumcdn.geoedge.be
2 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 rtb.adentifi.com ssum-sec.casalemedia.com
s.amazon-adsystem.com
2 cms.quantserve.com 2 redirects
2 sync.taboola.com 2 redirects
2 thrtle.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ad.360yield.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.avct.cloud 2 redirects
2 fonts.googleapis.com buy.tinypass.com
rumcdn.geoedge.be
2 um.simpli.fi 2 redirects
2 sc-static.net www.npr.org
tr.snapchat.com
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm
2 secure-us.imrworldwide.com 1 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 geolocation.onetrust.com cdn.cookielaw.org
2 static-assets.npr.org www.npr.org
2 cdn.optimizely.com www.npr.org
cdn.cookielaw.org
1 bpi.rtactivate.com s.amazon-adsystem.com
1 bcp.crwdcntrl.net s.amazon-adsystem.com
1 pippio.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 synchroscript.deliveryengine.adswizz.com s.amazon-adsystem.com
1 sync.bfmio.com s.amazon-adsystem.com
1 crb.kargo.com s.amazon-adsystem.com
1 rtb-csync.smartadserver.com 1 redirects
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 cdn.adnxs.com rumcdn.geoedge.be
1 crcdn01.adnxs-simple.com rumcdn.geoedge.be
1 gw.geoedge.be rumcdn.geoedge.be
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 tg.socdm.com 1 redirects
1 cs.iqzone.com rtb.gumgum.com
1 sync.adkernel.com rtb.gumgum.com
1 image4.pubmatic.com
1 ad.turn.com 1 redirects
1 p.rfihub.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 t.adx.opera.com rtb.gumgum.com
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com rumcdn.geoedge.be
1 p1cluster.cxense.com cdn.cxense.com
1 insight.adsrvr.org 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 i.piano.io buy.tinypass.com
1 csync.loopme.me 1 redirects
1 ping.chartbeat.net
1 acdn.adnxs.com ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 analytics.google.com www.googletagmanager.com
1 cdn.permutive.com e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
1 e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
1 cdn.pdst.fm www.npr.org
1 static.chartbeat.com www.npr.org
1 c2.piano.io cdn.piano.io
1 e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app bundles.npr.org
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 www.gstatic.com www.google.com
1 organization.api.npr.org bundles.npr.org
1 logx.optimizely.com cdn.optimizely.com
1 legacy.npr.org bundles.npr.org
1 api.npr.org bundles.npr.org
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 m.stripe.com m.stripe.network
1 68794905.akstat.io s.go-mpulse.net
1 a11107397707.cdn.optimizely.com cdn.optimizely.com
1 c.go-mpulse.net s.go-mpulse.net
1 www.npttech.com www.npr.org
1 api.www.documentcloud.org embed.documentcloud.org
1 s.go-mpulse.net www.npr.org
1 cdn.piano.io www.npr.org
0 api.rlcdn.com Failed ads.pubmatic.com
356 155
Subject Issuer Validity Valid
www.npr.org
DigiCert SHA2 Extended Validation Server CA		 2022-07-29 -
2023-07-30		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-30 -
2023-10-30		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-04-20 -
2023-08-05		 4 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
documentcloud.org
Cloudflare Inc ECC CA-3		 2023-03-30 -
2024-03-29		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-06-07		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.npr.org
Thawte RSA CA 2018		 2023-01-09 -
2024-02-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-02-27 -
2023-08-22		 6 months crt.sh
*.api.npr.org
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-07		 10 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-18 -
2023-05-19		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2023-03-28 -
2023-06-26		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh

This page contains 55 frames:

Primary Page: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Frame ID: FA1B074943F998BED8EA11B8B2FC5448
Requests: 176 HTTP requests in this frame

Frame: https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
Frame ID: C816FCA01B3C022C631B95200CAB8EE0
Requests: 23 HTTP requests in this frame

Frame: https://a11107397707.cdn.optimizely.com/client_storage/a11107397707.html
Frame ID: 9EF02C4592228D13A9211352773C39DE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 75C0FF4CAFB78FA0CC6597159EAF2C09
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9DF4CEDEE3DF67EAD88350F0B0F28371
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Frame ID: FE56829AEB87555ACEAF95DD54C370A5
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Frame ID: 1ABEC6057C12C786CDDF014088981034
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FFB3A7EE85211B6A077F43B8B1239F97
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Frame ID: E34C930AA7D90EAB79DDDFA5DB8EC687
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EB9CF0906C0B708DD57E7BDDE5AB21F8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8E17B1AED28CC69E1F0EB592C87B3D9F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 0B8900E086BDF064F54AFC7C899FA0E4
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 5789EE37B7CA69CB7E3FBF3411257DBF
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 052497D6DA2186AF8B64B068AB535E9A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: D7E03FDA589638B9438F3523E12BF310
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D1F87BD61898252D13E89A64A0A2DA01
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=af8035d0-06ae-4a44-8fd1-e54332a4abd8&u_scsid=4dfd7bc5-e54b-4da7-930a-6b2c09d7a8c3&u_sclid=c05703ab-313a-4c7d-b81f-e46746c548ca
Frame ID: 89E746701C25873D1AFD4225BCA3EEAC
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0
Frame ID: C1EC906DA5747856548ACCE26F950598
Requests: 2 HTTP requests in this frame

Frame: https://9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA06DB2DB9A8E33ED7932B3DF90E36EB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZF2D7QAJan2HowBa
Frame ID: 55DF6A913A74782ECF21018E79F13960
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314639533267504
Frame ID: 5DCDA27F45D5FA64BEEB89F8D5C37B6A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5812D2194E4E4C8DB25541C4B57471AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 8824B01C660F60A710C99B080F3B3F7B
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 436F6D5013C7CF321B67D49299A34749
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: E2BF0441847AD63B4310B755976DD5D4
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=3ec4d4ee-9729-4f72-97e5-82f58aca8f39
Frame ID: 32CF18CEEDE8F8525A1545E04C19DE3F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=&gdpr_consent=
Frame ID: 73D801DE6FA8450FA70D94A088781203
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZF2D7QAJWfGa1gAp&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
Frame ID: 1679A02A1BE3BC5299011DE74C787088
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 25A6F265FFF7E2F5BDACADBF5328ED16
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZF2D7cCo8XYAALq-F7AAAAAA
Frame ID: 63B4E7572B9D10FA8DB8380C599BD6F3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=3f815e86-e251-4c0b-9350-f7846f377bf0
Frame ID: E6C966F008EB53FCD62BD7FCCD2F6192
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 31C36FE5850106CD6A13C1073A523376
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=o6QV0QJdLztL1mof1p62&pi=gumgum&tc=1
Frame ID: 185F2C680ABD762C4D4498A1D23AF59D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 402A064F949FD9B2556C5D576E5FEFA4
Requests: 12 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1683750848451&pnid=140&pcid=eb740e63-58b5-4b30-a391-d996413c50ea
Frame ID: DC68E161CBDA9781E3FB99EB0763B686
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ACA4DBB5D86B362057B57666029CDAD4
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 05D5501E3B2D148DA5F76F9DEABF8F3A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
Frame ID: 0DDD22DEAED6660BAE13B7F48D14ADEA
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/setuid?entity=82&code=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
Frame ID: 006E44819F9BF4AADC9FA9CC103213C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0D8081572AAAF5A8D96BFA474D1923F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 878B68D108608C12D5801C73769EC4A3
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FEA93A9C501FAE43FE4C9D4C70D9EAB4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw7R0oKV2mwxGoxH5B94Go7ZRF_LIaNBRHoa4mA3AAj9E32Thn0uI9-HDNNNz4S5bvgS049Y885JYQFanucLyIBqhb_7rThg8mbayM8H-tkhjrhmnRvF5g6NBXdVYdw_I1ljcrCY6QnEL3dPRgkqkl18JHlcvFAMvG26SH8doe4-vGEzUNip9iOJBZybhRqfx5f1Ox7EVq0SGU6bLJHFh6n_1L6ADNK1TCcjMqxHmAhtL7rlqnV-oJ4WQY09erMxA74d2wySG1rXY2XQSdqxzzPrpOS9_wNL2yMNSlMjVLPHGb8T8zxkcGyYrceYFGrdhSguYtMxjs&sai=AMfl-YQ67GeTYZee5-YamOPx0dboQATb8zpfgDyDyzq3aS6KDOj1O8lugweeEzFq1wyVImpSxXkXdGCsN6DIwJ0x3_JWnLzkjdOwoYJsjlH-J_2BQOdOugHT1Yy6MZMcnHgFjfR0kPsMtWqhhHZR49CN&sig=Cg0ArKJSzIo006gD1OzoEAE&uach_m=[UACH]&adurl=
Frame ID: 405014E21BF67BACA60313513BEFB863
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Frame ID: 83617D6A32BB429710F74AE06CA6698D
Requests: 13 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPA07IuwgAACFVmowLtA&gdpr=0&gdpr_consent=
Frame ID: 26615FA554C7C83F15507C201766F906
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=0&gdpr_consent=
Frame ID: E55EC83DE7B70819DAC9DA1E9110C2C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64354240-f059-11ed-9a84-e9c9e824e41f
Frame ID: A463916292C4953E66758670D7894ECD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5585051093897204759&gdpr=0&gdpr_consent=
Frame ID: 7F6EA9B50609262F2832EE55A7D88F99
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID03F1BCA6-29A9-42C8-8233-80D59BD77E9D
Frame ID: D4E208E2A44E914CBF574C00E4FC5DDE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
Frame ID: F2276F8B57D97691B70EDEB3213B8195
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_9f53e7dca3a940a1a1cfb
Frame ID: EEAF453CC6A8732AE9C87FADDFAD4647
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C3778CBE0CE3D354853A385E5E5CA77C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0FrJhKvE1PXgmA5&gdpr=0&gdpr_consent=
Frame ID: 868473C30708A30603F7A115ADA61398
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Frame ID: 3C8C7B1D009C2C033CC19F791E851357
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=03F1BCA6-29A9-42C8-8233-80D59BD77E9D
Frame ID: 5A03F24612D55323E43619BD025EB209
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Here's what's in Virginia's secret execution files : NPRFill 10Back ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

356
Requests

83 %
HTTPS

32 %
IPv6

99
Domains

155
Subdomains

106
IPs

9
Countries

5700 kB
Transfer

15905 kB
Size

197
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rp=&ts=compact&rnd=1683850219927 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rp=&ts=compact&rnd=1683850219927&ja=1
Request Chain 136
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Request Chain 153
  • https://sb.scorecardresearch.com/b?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&c9=
Request Chain 154
  • https://sb.scorecardresearch.com/c2/17691522/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 179
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=4ef20b62-6512-4e08-bb4e-dc21f482c3a4
Request Chain 180
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=CB5033A211F645E781D9BE26BE718709&ex=simpli.fi&status=ok
Request Chain 199
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 206
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 210
  • https://insight.adsrvr.org/track/up?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0
Request Chain 218
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5585051093897204759
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=140b447e-d1e7-4df3-8414-2e5cb259ff26&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 220
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-726727c3-2fec-5888-4b58-5e8c90b62167$ip$96.9.249.39
Request Chain 221
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tUErNNrmnF3IeDQjI0fy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV2FKRLSJZHHE3LOIYZUSZKEKFVESMDGPE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV2FKRLSJZHHE3LOIYZUSZKEKFVESMDGPE HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=tUErNNrmnF3IeDQjI0fy
Request Chain 222
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=SLUa04RHlEfB&ev=1&pid=558355
Request Chain 223
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28JnjMRgFnSPb5bZmnOsA7kpRNnlM7ibGMSgt1KDCZD821L4fDeVqRIVieByrmQT8y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28JnjMRgFnSPb5bZmnOsA7kpRNnlM7ibGMSgt1KDCZD821L4fDeVqRIVieByrmQT8y%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_1488d12f-431d-446d-8c7c-76352bf75401&obuid=ENC(JnjMRgFnSPb5bZmnOsA7kpRNnlM7ibGMSgt1KDCZD821L4fDeVqRIVieByrmQT8y) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Request Chain 224
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e5692b72-b18f-4f36-903b-344ef4b15587
Request Chain 225
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Ao4Gym1E2pet60MJjNUc5iE6VvELhRDfIeLc~A
Request Chain 226
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=38da2c82-a184-4f05-ba5c-0b96ac861902
Request Chain 227
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=4D3C4260A3D4496388DD53B7B232A07F
Request Chain 228
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_9f53e7dca3a940a1a1cfb
Request Chain 229
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=2641623b-1cfe-498f-95da-322c21926ada
Request Chain 230
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8500728873333680786
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZF2D7QAJan2HowBa
Request Chain 233
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314639533267504
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=A_G8pimpQsiCM4DVm9d-nQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=A_G8pimpQsiCM4DVm9d-nQ%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 236
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%2C%2C
Request Chain 237
  • https://eb2.3lift.com/xuid?mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 238
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=040f6da3-3151-4ed9-bfc6-2c2c015f28c5
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDNGMUJDQTYtMjlBOS00MkM4LTgyMzMtODBENTlCRDc3RTlE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDNGMUJDQTYtMjlBOS00MkM4LTgyMzMtODBENTlCRDc3RTlE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIALGw0mvkrLX-kmXf9VoHY&google_cver=1
Request Chain 241
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CB5033A211F645E781D9BE26BE718709
Request Chain 242
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4010939127404796361&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.sFTDM9E2uWvcEh.5yksBsu61mXLx4A-~A&gdpr=0
Request Chain 250
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=3ec4d4ee-9729-4f72-97e5-82f58aca8f39
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=&gdpr_consent=
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZF2D7QAJWfGa1gAp&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Request Chain 254
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZF2D7cCo8XYAALq-F7AAAAAA
Request Chain 255
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFp7MmOW3G3GN9jR52f2cuo&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFcs7-Lq9ZYmhhhiKNVTHDI&google_cver=1
Request Chain 259
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOgAA%26074&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b7f42eb-aec6-45f5-8952-32eb8ea1c97f-tuctb57096d
Request Chain 260
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5585051093897204759
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAAAEoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAAAEoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAF3v4KlwGltx8acCVveiwE&google_cver=1
Request Chain 265
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1YNN&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENelQuOK8GkOtUouvw-vpEY&google_cver=1
Request Chain 266
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1YNN HTTP 302
  • https://match.adsrvr.org/track/cmb/casale?us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
Request Chain 268
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1YNN&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOwAA%26074&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0812bbd6-e5b9-48db-b1fb-afde6bbd835d-tuctb57096d
Request Chain 269
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Cvt7qwT8K6sR-nysCfZj9wv8Kv0RrXuuWqzPBAE2
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5c3d645d-83ed-4300-9acf-6d2d0e9de5b1
Request Chain 273
  • https://cs.admanmedia.com/sync/gumgum?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=3f815e86-e251-4c0b-9350-f7846f377bf0
Request Chain 275
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=o6QV0QJdLztL1mof1p62&pi=gumgum&tc=1
Request Chain 276
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 284
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1683850221405&u_scsid=1603ec2d-2077-471a-9d4d-7d4121c33f8e&u_sclid=10aead5a-7461-4d90-af02-0194ed92ba84 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1683750848451%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1683750848451&pnid=140&pcid=eb740e63-58b5-4b30-a391-d996413c50ea
Request Chain 291
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=b35ceeb4-8c5c-4065-9533-21dd50719f5d&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-crZR1klE2uIHOWvC9xysd7rpQXDensQ-~A&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&_origin=0&gdpr=0&gdpr_consent=
Request Chain 292
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b35ceeb4-8c5c-4065-9533-21dd50719f5d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b35ceeb4-8c5c-4065-9533-21dd50719f5d HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5585051093897204759&ttd_tdid=b35ceeb4-8c5c-4065-9533-21dd50719f5d HTTP 302
  • https://ib.adnxs.com/setuid?entity=82&code=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
Request Chain 308
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNN&khaos=LHJSY2GP-1S-LAY HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LHJSY2GP-1S-LAY&us_privacy=1YNN
Request Chain 322
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJSY2GP-1S-LAY&us_privacy=1YNN
Request Chain 323
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T3pJGGSSp-m8zMF2ZgOKeQ?csrc=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SR3eYsBE2oLbYsQbtOG65QT5JJ.pR0.gx5sg9Q--~A
Request Chain 324
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKU1kyR1AtMVMtTEFZ&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENrKPGfIi6HamciyLyZvmXM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKU1kyR1AtMVMtTEFZ&google_push=
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbOaRtKMYy9Opbw1qB5_nw&google_cver=1
Request Chain 327
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuLPysEERwebxGgruR-N3g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuLPysEERwebxGgruR-N3g
Request Chain 328
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
Request Chain 329
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTU2YmRjNTUyMWYyYjAxNDIyZGFjNGFkYzk4MjgwYTZiM2E0Mzc2ZA&us_privacy=1YNN
Request Chain 341
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3&b=1&g=IMaKFfiO8EMPZh95tzTOzpmW%2FvOTTktbf6fHHwgcE9Y%3D
Request Chain 342
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rMKLTHxuMGZ6dkJuRjVpdDlxUEhxdDhtOGE4bjZVcHlsYXBGVlFaVDZPb000Q016bkZ6TFJsSU0zRkpCWGtiY1poc0ZCeWI0T01LZWhXTEFoODEwZk9vN28zWmVTYjQ3cUd3SXU0QzNETTlDaUk0bEd4a2tpMU9VQzRTM3A0Mng5ZUZWM0JVaXhPNWV4cnhiVjgzRSs2TmlidTVYbFE1MDVVT3FPYng0LzBVSy9HVFRYSGNmdHhabzR1akFhRExuUFBMVUp2SHRxekR4OThnRUdtQTJ5YVk1WGVQekpINXgwVjd6Y0tBRWtDZnhjWjAwPXw&cppv=2
Request Chain 355
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUEEwN0l1d2dBQUNGVm1vd0x0QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABPA07IuwgAACFVmowLtA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABPA07IuwgAACFVmowLtA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABPA07IuwgAACFVmowLtA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABPA07IuwgAACFVmowLtA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8500728873333680786&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPA07IuwgAACFVmowLtA&gdpr=0&gdpr_consent=
Request Chain 356
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64354240-f059-11ed-9a84-e9c9e824e41f
Request Chain 358
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5585051093897204759&gdpr=0&gdpr_consent=
Request Chain 364
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38da2c82-a184-4f05-ba5c-0b96ac861902&gdpr=0&gdpr_consent=
Request Chain 365
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=37ca4854493113ee&is_secure=true&networkId=17100&version=1&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHYVuvaU_-tQM18iIfAAAAAAA&expiration=1683936624&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 367
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
Request Chain 368
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_9f53e7dca3a940a1a1cfb
Request Chain 370
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0FrJhKvE1PXgmA5&gdpr=0&gdpr_consent=
Request Chain 371
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Request Chain 373
  • https://idsync.rlcdn.com/712188.gif?partner_uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDAzRjFCQ0E2LTI5QTktNDJDOC04MjMzLTgwRDU5QkQ3N0U5RBAAGg0I8If2ogYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285&expected_cookie=94d66d61-6361-4bfc-b6fb-3f79399310db
Request Chain 377
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=debaf0e6-4083-41dd-9a65-90fbca33492d&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 378
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553&gdpr=0&gdpr_consent=
Request Chain 379
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_102876CBD_8D98B488&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 381
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6620998075383522498

356 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
www.npr.org/2023/05/11/1174343605/ 		103 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f8431b6878da29f1c8dd7eac6b019190d0274aade3b212a81d19e18048acb879
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://news.google.com
cache-control
no-cache
content-encoding
gzip
content-length
24146
content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:17 GMT
expires
Fri, 12 May 2023 00:10:17 GMT
referrer-policy
no-referrer-when-downgrade
server-timing
cdn-cache; desc=HIT edge; dur=14 ak_p; desc="467736_1749903243_302871076_1339_11313_44_0";dur=1
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 101364 0 pmb=mRUM,1
x-cache-npr
HIT
x-content-type-options
nosniff
x-npr-trace-id
renJpRxp7bE
x-served-by
pod-www-render-nginx-787647677d-7czg6
x-xss-protection
1; mode=block
OtAutoBlock.js
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/ 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/OtAutoBlock.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9c4efbf23439cb9f4dc22b5f36b6ced619f8c81bce299eeeeacfb377d38975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zjc7T/QljcxL8cWe9IUKHQ==
age
36657
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
9613
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:08 GMT
server
cloudflare
etag
0x8DAE367D320D167
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c992cd58-901e-013a-24e1-5add10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e70153f04d163-BUF
expires
Sat, 13 May 2023 00:10:17 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rpnZu/dYNZPLIh9pLOSMrg==
age
71713
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6757
x-ms-lease-status
unlocked
last-modified
Tue, 09 May 2023 06:38:40 GMT
server
cloudflare
etag
0x8DB5058071C5A59
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4cb9a801-201e-014e-4ca9-825b56000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e70153f05d163-BUF
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
69736
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c5e70153f06d163-BUF
11107397707.js
cdn.optimizely.com/js/ 		368 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11107397707.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:79b::13b8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccd58a79f3d3a3d5efdebfeabee337687299d5fb4639c98473945eed036b61a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
hapr7wD0uqQkNZi8R.9z8yQDcNknSJvP
content-encoding
gzip
date
Fri, 12 May 2023 00:10:17 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
VSJZ17RMNCZYG496
x-amz-server-side-encryption
AES256
x-amz-meta-revision
5618
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="52";dur=0,cdnip;desc="2600:141b:13:79b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467736_388993430_430573923_40_3067_52_0";dur=1
content-length
118627
x-amz-id-2
JcfEyUkFmWdSKZj95GTwRqdhV0mVesfFV4FcIMOMGBJOonQdTRM7LTlo1hd3feflXv79/w7ON/E=
last-modified
Wed, 03 May 2023 04:01:19 GMT
server
AmazonS3
etag
"daa1b4ca869b9545009f2224c610e717"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=1200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
modernizr.custom.js
static-assets.npr.org/static/javascript/lib/modernizr/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.npr.org/static/javascript/lib/modernizr/modernizr.custom.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
907ea9db8dcc37d39bafb708da0587f1d5d0a6062b38072f4a8a2c937f4488ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 15:36:44 GMT
etag
"cefa2999c346df576db1571179a30b2e:1662047040.94201"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=256224
accept-ranges
bytes
timing-allow-origin
*
content-length
3499
svg-loader.min.js
static-assets.npr.org/static/javascript/lib/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
868a6e0b1de3d5354170751a8f94464b40741e54ca97200d1ff0a49519d44aa9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 17:40:16 GMT
etag
"ea58e4edd394259009511763d10fdd93:1681926136.717599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=355191
accept-ranges
bytes
timing-allow-origin
*
content-length
3003
/
js.stripe.com/v3/ 		471 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6c6ace8ca494bbaa48ca4462e46f0f9fd6c18060f78406c37020446011a7ee0f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 12 May 2023 00:10:18 GMT
via
1.1 varnish
age
14
x-cache
HIT
content-length
129653
x-request-id
5c7e0bd7-d2a7-45b5-bf01-909287ea1887
x-served-by
cache-yyz4525-YYZ
last-modified
Thu, 11 May 2023 20:30:30 GMT
server
Fastly
etag
"5222c9375d17217c9a2cc9e8240e0133"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
33.a8cf164d6ef5d0d51d83.chunk.js
bundles.npr.org/dist/bundles/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/33.a8cf164d6ef5d0d51d83.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6ae2307935e6ecb8e1ab0a354e8893c3e76524fdb34a2adbf699947bbd926ff3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:56 GMT
server
AkamaiNetStorage
etag
"77d1c857352fe3a6a0db430d35cd42fb:1683647996.638945"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31794
accept-ranges
bytes
timing-allow-origin
*
content-length
2785
expires
Fri, 12 May 2023 09:00:11 GMT
persistent-css-90c6727d4f9ef64cfc6c.css
bundles.npr.org/dist/bundles/ 		271 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/persistent-css-90c6727d4f9ef64cfc6c.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
57dee34477b101dd863b576a1ac614c9f285e558769b47b2aff2c100e2881266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:57 GMT
server
AkamaiNetStorage
etag
"e0d1473c29c5c8fc3bf5c56502f7f1a9:1683647997.676721"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=79671
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 22:18:08 GMT
persistent_medium-css-90c6727d4f9ef64cfc6c.css
bundles.npr.org/dist/bundles/ 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/persistent_medium-css-90c6727d4f9ef64cfc6c.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
87eafc724caa21b42a8a0488852e718a150bb80dc80c2ed86ceb7c7bd2d7a1ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 16:00:01 GMT
server
AkamaiNetStorage
etag
"a6b2df08d38ccf5ced57eab85e40d573:1683648001.122718"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43490
accept-ranges
bytes
timing-allow-origin
*
content-length
19176
expires
Fri, 12 May 2023 12:15:07 GMT
persistent_large-css-90c6727d4f9ef64cfc6c.css
bundles.npr.org/dist/bundles/ 		26 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/persistent_large-css-90c6727d4f9ef64cfc6c.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af72f6f8aec89faa50db5c5c8f5e29e9ea04955c873c59c174bad75b3fc25441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:55 GMT
server
AkamaiNetStorage
etag
"1244ed094ad77cefa7eca96af64faea3:1683647995.372547"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=85307
accept-ranges
bytes
timing-allow-origin
*
content-length
7753
expires
Fri, 12 May 2023 23:52:04 GMT
fonts-css-90c6727d4f9ef64cfc6c.css
bundles.npr.org/dist/bundles/ 		165 KB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/fonts-css-90c6727d4f9ef64cfc6c.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
55b403bb290e6dff8563ef72b7d0436c9d75cff0f633a766d062431ecef8313c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:57 GMT
server
AkamaiNetStorage
etag
"de5e9ed88978eadd0e15e59afb296121:1683647997.746422"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31084
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 08:48:21 GMT
newsStory-css-90c6727d4f9ef64cfc6c.css
bundles.npr.org/dist/bundles/ 		307 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/newsStory-css-90c6727d4f9ef64cfc6c.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ec72861d01529c263bda4e010b7be752402122f1d92b8791a2ec6cb9fb85131c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:17 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 16:00:00 GMT
server
AkamaiNetStorage
etag
"184ba570f8c5ebae5950232fa19a7d1c:1683648000.221476"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=79303
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 22:12:00 GMT
npr-logo.svg
media.npr.org/chrome_svg/ 		1001 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome_svg/npr-logo.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1001
x-xss-protection
1; mode=block
x-served-by
prod-web-20
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"3e9-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
music-logo-dark.svg
media.npr.org/chrome_svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome_svg/music-logo-dark.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
640ae5edaa96ef9ed6e2a4205debd81a6d785b88b689755843fa97238a5e2604
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1709
x-xss-protection
1; mode=block
x-served-by
prod-web-3
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"6ad-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
music-logo-light.svg
media.npr.org/chrome_svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome_svg/music-logo-light.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8730f88f0ca82a89a4d57269d485c0f728069df2bb5b362394d491977daca2b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1696
x-xss-protection
1; mode=block
x-served-by
prod-web-50
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"6a0-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
chiara-eisner_sq-ec453c62c319430a41202807b8934a6296da431e.jpg
media.npr.org/assets/img/2022/07/18/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2022/07/18/chiara-eisner_sq-ec453c62c319430a41202807b8934a6296da431e.jpg?s=100&c=85&f=webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
23a1198790bf8dc8fee4786a0f701f663e4e9f5752f9deaa70ad6e68bccdce8d
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
2628
x-xss-protection
1; mode=block
x-served-by
prod-web-13
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Mar 2023 17:48:04 GMT
server
Apache/2.4.25 (Debian)
etag
"a44-5f653037ce829"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=13259023
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 11:14:01 GMT
82089dfe-410c-4e1b-a7f9-698174b62a86.json
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/82089dfe-410c-4e1b-a7f9-698174b62a86.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1c12d5f09aa87f7ebf272386861586358152d0af351f112f456cf770d52863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/h/IIjqfGI5EqBJisg6huQ==
age
39667
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1706
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:10 GMT
server
cloudflare
etag
0x8DAE367D3F0FC9A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
490ee4bb-701e-00f3-04e1-5a0b8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e70167994d14f-BUF
expires
Sat, 13 May 2023 00:10:18 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		78 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7c5e7018da9bd15f-BUF
vary
Accept-Encoding
content-type
text/javascript
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:28:04 GMT
content-encoding
gzip
via
1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, PHL51-P1
age
2535
x-amz-server-side-encryption
AES256
etag
W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
R6kSC9FEBGcDBJKdnYSnL5Pl5IrEmSlgqUkcP8J_kBr8Zd_x9HU1HQ==
gtm.js
www.googletagmanager.com/ 		286 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
194770ceb65932caf6b0559b3efaaafa0e49277ab21c12207e2d87ac596c3c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 00:10:18 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7c5e7017890bd153-BUF
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/ 		372 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
46645
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e70181fc7d163-BUF
tinypass.min.js
cdn.piano.io/api/ 		340 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.piano.io/api/tinypass.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526af0d18923aab3c743f0a4150f50edeee909d4733ea097d4958dfeccad1627
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
x-amz-version-id
1KjHa67u6wjoKfJ4aRVbE36Nd9AGxeAu
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
P6AJGZVXSH19GH5V
age
9356
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
8E9AG28V52eIVta0qZ8kKf/rC2cbJhl+nOfmH/rvF8sN8xu2hzoh8QjCaqPLxV13aJX80l06TCQ=
last-modified
Fri, 05 May 2023 12:02:46 GMT
server
cloudflare
etag
W/"617e46ba8633f008affde0c90abf7835"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7c5e7018db2ed157-BUF
expires
Fri, 12 May 2023 04:10:18 GMT
MBVDT-3L9KY-36ZMJ-SPSAR-JR833
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:78e::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
br
last-modified
Sat, 29 Apr 2023 12:40:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
/
embed.documentcloud.org/documents/23809205-scans-3/ Frame C816 		388 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c8c37ae73c3001f505645de9da73a6d67dd3ccbffb97dbb3e89289ff600b41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14465
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c5e701989d61869-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:18 GMT
etag
W/"dcd6e574168d92cb008cc6eae26d42ca-ssl"
server
cloudflare
strict-transport-security
max-age=31536000
x-nf-request-id
01H06MPK0VVPY7GG731CJ20GVW
truncated
/ 		856 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe130e8bf841c6bed02ef9f38e07d3abaff612f5cd1f3020ee43845be4c52d0a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
965a2655ce64dfe9fee42b6e69cba58d714c23f00d46f10f3774637c82cc9784

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7a86e9413e9320eb64d52828515bcde30ccde38da26badd525ef8e8170fe81f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		909 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
602187963620e652a6e7fe0fe349fc98d1d6951a9efcf0298c644c79675a074c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a7fdf18aab5015ecaa66b5c292f3ff993fe8a8ff346241902dc1db64af582e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d685aace2f629301e7d5779989357ee2cffc61f81a605972bfa9003dc0f471

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		199 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dd1e49600584510a5c52ba9c899c29c26e9fae674deeea59a7059c4650c14c1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fba4c5b964dff7dcfba3a302ff78d58d632d50189605769fdd5dda96dfd247d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		648 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92047072731f67e0594f9e2b6adb9bea4fe99d9e55080c1a90b966b197f15bc5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
close-embed-modal.png
media.npr.org/chrome/av/ 		253 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/av/close-embed-modal.png
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/newsStory-css-90c6727d4f9ef64cfc6c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
ca86bb6aa731e5bc443d519ae7a793ba60918dedeb37aba45e47fd3d3a706ca1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bundles.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
253
x-xss-protection
1; mode=block
x-served-by
prod-web-19
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Jan 2017 21:40:53 GMT
server
Apache/2.4.25 (Debian)
etag
"fd-545b038d93fe3"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
truncated
/ 		663 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ec977c258878fb47ecb040921c269b9ae2a74429d0844568303609a1cab52d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		938 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c6db46804e0ca353706750fb2f550844db3cd4ce5fcfa260de8f11906ebf6ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon_enlarge.png
media.npr.org/chrome/ 		103 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/icon_enlarge.png
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/newsStory-css-90c6727d4f9ef64cfc6c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
73d975f8f4c0ce2cbca4d56543de540f7a10c24907ebdaddfaa5371ba84e1009
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bundles.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
103
x-xss-protection
1; mode=block
x-served-by
prod-web-27
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Jan 2017 21:41:37 GMT
server
Apache/2.4.25 (Debian)
etag
"67-545b03b738654"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f9cbdf2bf8db793126b55147af7b213861d28b9e94d438b656e10061bea3ae

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
759d606521bc4e22d8935f2c0b7c1b9dd3271753c6ff499a97a28d19976153d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808decd57931c7cbb70aca026b11abf6587307214588c32174043ca016304dd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90e782af8bb58958c6613744b251581cc85af4e74dd2b854a9481b29c3805e4

Request headers

Referer
Origin
https://www.npr.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
Origin
https://www.npr.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd2a355066b220462c40ceac06a68dcbd084677e1d7b28b986fcecde56776f59

Request headers

Referer
Origin
https://www.npr.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff
all-things-considered.png
media.npr.org/chrome/programs/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/programs/logos/all-things-considered.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b02f5bbb01389d85596616f1bf5fb0122113f8bbc1ba5edaf300b77241a1def3
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3937
x-xss-protection
1; mode=block
x-served-by
prod-web-15
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"f61-57881ecbbd1fc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
fresh-air.png
media.npr.org/chrome/programs/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/programs/logos/fresh-air.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
81430397badb5c924cfe57e75049039040b81eed2a033e57475ffc6c0d01bfd6
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3549
x-xss-protection
1; mode=block
x-served-by
prod-web-18
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"ddd-57881ecbcfadc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
up-first.jpg
media.npr.org/chrome/programs/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/programs/logos/up-first.jpg?version=2
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
d761bfbed54ff398aa3320e53b8fa5005810bed14d349c7f4d9b137d435c7674
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3208
x-xss-protection
1; mode=block
x-served-by
prod-web-3
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Nov 2019 16:26:18 GMT
server
Apache/2.4.25 (Debian)
etag
"c88-596c420042a79"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:10:18 GMT
takingcover_final_sq-ffc9645406171f832e44717f71a072277edda564-s100-c100.jpg
media.npr.org/assets/img/2023/03/11/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/03/11/takingcover_final_sq-ffc9645406171f832e44717f71a072277edda564-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
b764ce150169f8cb3de122209b93f8e73a0f31b7698bdaefad21703e1c3ea354
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-49
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
17906
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 00:10:18 GMT
ltar_s2_tile_01_sq-19a778e240e99c795205cab72b2d6823001eb4af-s100-c100.png
media.npr.org/assets/img/2023/03/08/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/03/08/ltar_s2_tile_01_sq-19a778e240e99c795205cab72b2d6823001eb4af-s100-c100.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
16ab56bb6d9dcf2840347dab10701dd876a0d55b7d726ee65ccd15c1314b616a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
18046
x-xss-protection
1; mode=block
x-served-by
prod-web-13
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Mar 2023 15:16:09 GMT
server
Apache/2.4.25 (Debian)
etag
"467e-5f705f0baadef"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=10681577
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 15:16:35 GMT
ibam_tile-2023_sq-8be9968a8deb580001ff44c27f77dcc028095187-s100-c100.jpg
media.npr.org/assets/img/2023/02/27/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/02/27/ibam_tile-2023_sq-8be9968a8deb580001ff44c27f77dcc028095187-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
f837562dd6fbf32c3e7fb4d5512bd04e57ca34e1bbb3487b61851ce734767777
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-45
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
21405
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 00:10:18 GMT
life-kit_tile_npr-network-01_sq-200388bae100cab944ffa3655e7f3119e026d305-s100-c100.jpg
media.npr.org/assets/img/2022/09/23/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2022/09/23/life-kit_tile_npr-network-01_sq-200388bae100cab944ffa3655e7f3119e026d305-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
65e230b9c1ae8bdf74c5d20452f594351cf384eb295dbd59b64e71b735847250
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-17
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
12755
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 00:10:18 GMT
up-first_tile_npr-network-01_sq-cd1dc7e35846274fc57247cfcb9cd4dddbb2d635.jpg
media.npr.org/assets/img/2022/09/23/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2022/09/23/up-first_tile_npr-network-01_sq-cd1dc7e35846274fc57247cfcb9cd4dddbb2d635.jpg?s=1100&c=15&f=webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
a1e32578c5dee120197d9f57470184cdf19f37c299b654ac8fa82d1d6cc8661f
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-45
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=14564670
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
11454
x-xss-protection
1; mode=block
expires
Fri, 27 Oct 2023 13:54:48 GMT
composite-6_wide-84cd023a8f2bdffc8557972038d07f02f92870b1-s800-c85.webp
media.npr.org/assets/img/2023/05/10/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/05/10/composite-6_wide-84cd023a8f2bdffc8557972038d07f02f92870b1-s800-c85.webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
2e5e286bb15b00e381cf69cabb0cc8ea0e78091d4fd544d61e5eee2ed6f6aeae
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
75384
x-xss-protection
1; mode=block
x-served-by
prod-web-45
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 May 2023 09:19:11 GMT
server
Apache/2.4.25 (Debian)
etag
"12678-5fb677b445aa5"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=15501738
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 10:12:36 GMT
quad-virginia-edit_custom-b72206d162c6bd50b989b3df13baf4f26211c0a2-s800-c85.webp
media.npr.org/assets/img/2023/05/10/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/05/10/quad-virginia-edit_custom-b72206d162c6bd50b989b3df13baf4f26211c0a2-s800-c85.webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a48faa03a87b95518e2817d8306c508396132b37e539db394791ffba6eecc2bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
72890
x-xss-protection
1; mode=block
x-served-by
prod-web-45
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 May 2023 09:18:42 GMT
server
Apache/2.4.25 (Debian)
etag
"11cba-5fb67797e6f7a"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=15501896
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 10:15:14 GMT
electric-chair-edit_custom-eb64f2798005458feae543e8ca97c11726298eef-s300-c85.webp
media.npr.org/assets/img/2023/05/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2023/05/10/electric-chair-edit_custom-eb64f2798005458feae543e8ca97c11726298eef-s300-c85.webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
0f0a76d016777d7da8886e7a315c567cc4775625a8cd19e1a130b9f63511fa3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-50
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=15454354
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
30298
x-xss-protection
1; mode=block
expires
Mon, 06 Nov 2023 21:02:52 GMT
morning-edition.jpg
media.npr.org/chrome/programs/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/chrome/programs/logos/morning-edition.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
fd0e391aa29b2d68f0382b95e93ef92288cffb43a9fb371360dc52f11fc1e548
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
2104
x-xss-protection
1; mode=block
x-served-by
prod-web-20
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"838-57881ecc3ffbc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:10:18 GMT
apple-podcasts.svg
media.npr.org/chrome_svg/podcasts/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.npr.org/chrome_svg/podcasts/apple-podcasts.svg
Requested by
Host: static-assets.npr.org
URL: https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:4a0::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
1af8ce1e16a862b7a82ea2835feac4774b1ac55cbc03f8ca1e563043acd2296c
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
4029
x-xss-protection
1; mode=block
x-served-by
prod-web-19
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"fbd-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
spotify.svg
media.npr.org/chrome_svg/podcasts/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.npr.org/chrome_svg/podcasts/spotify.svg
Requested by
Host: static-assets.npr.org
URL: https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:4a0::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b47fda20f5db9b11b7d9a8857e5342648875c9c511332b2a7ea80d527477ad37
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1142
x-xss-protection
1; mode=block
x-served-by
prod-web-19
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"476-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
google-podcasts.svg
media.npr.org/chrome_svg/podcasts/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.npr.org/chrome_svg/podcasts/google-podcasts.svg
Requested by
Host: static-assets.npr.org
URL: https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:4a0::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
6f0280925dc8b1ff2a60804fbf9ed4fa1b57255e8d1c06effb7ed778772309c5
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
4442
x-xss-protection
1; mode=block
x-served-by
prod-web-17
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"115a-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
icon-email-333.svg
media.npr.org/chrome_svg/social-icons/story-pages/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.npr.org/chrome_svg/social-icons/story-pages/icon-email-333.svg
Requested by
Host: static-assets.npr.org
URL: https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:4a0::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
bd590f1358d2daf65865f5f32d51a3972fee0812b82c55bc22d1641dce4af3b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:18 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1543
x-xss-protection
1; mode=block
x-served-by
prod-web-17
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"607-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:18 GMT
en.json
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/07422caf-dd0c-49ef-beed-17c5ce557396/ 		211 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/07422caf-dd0c-49ef-beed-17c5ce557396/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361f0eb3651b2cd65fe34ef9e5f19f4dd707f1fc4b532e4a266d41215717d17c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vNTPEzzSxtDmHzfr4v/ZQg==
age
68149
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
37444
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:18 GMT
server
cloudflare
etag
0x8DAE367D903901E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8014b55c-e01e-0117-74e1-5a5ed0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e701919dcd14f-BUF
expires
Sat, 13 May 2023 00:10:18 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
68149
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6f9346ba-d01e-00f5-7fe1-5afcf7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e7019b9f9d14f-BUF
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
444ho/eGhWdN7ej7RCW2zw==
age
68149
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13253
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:57 GMT
server
cloudflare
etag
0x8DA87805AD77A2D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c27ff170-c01e-0144-7fe1-5a42df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e7019b9fbd14f-BUF
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
68149
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7e19b7df-801e-0003-0de1-5adbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c5e7019c9fcd14f-BUF
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5116&u=https%3A%2F%2Fwww.npr.org
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:19:32 GMT
via
1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
10246
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.npr.org
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
8lVZx0FYKX4iiFI-mEvnnXWCxWWURxSbaL4dka4hMY_QE6A0SQJEHA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:16:55 GMT
x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
10404
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fipT4ioqyb2ezdRlj8dtQY88bVQAFk3LE5-L0Xkdnz4FU87yoo_muw==
global.css
embed.documentcloud.org/ Frame C816 		141 B
284 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/global.css
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2363775ae69c16cf10895c1f0ac1dc974e059403abd16796b9c63bd32bc0988d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H038JFHCDKF0F2D1CG2437V2
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
113381
etag
W/"ca78e1bed267e5b8023f359408b8d4d9-ssl"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=86400,s-maxage=604800,immutable
cf-ray
7c5e701a4a841869-EWR
bundle.ce8e06f145c61c4b62f6.css
embed.documentcloud.org/ Frame C816 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/bundle.ce8e06f145c61c4b62f6.css
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f195058493a01a281f2d262b43fe010473d8ef66860d77f8ee2261f34b0ab0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQS2CY1B2FVFSGSRRYD2X
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"a927a6b3f16a489bd4d7334d5ac69ed8-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701a4a861869-EWR
content-length
2875
bundle.702525c4dda0a6091211.js
embed.documentcloud.org/ Frame C816 		420 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203a2c3a6529e474db0ac571f8f9868fcb08096513d779f8a9c71eafd8062588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H066X5H1B3N168AA2DB1VFDV
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
14464
etag
"90512738ab364d23887e8c7a57979b08-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
cf-ray
7c5e701a4a871869-EWR
25.c70c2875394d9c76c37e.js
embed.documentcloud.org/ Frame C816 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/25.c70c2875394d9c76c37e.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df8813296bb5309dc02af567d86b921296a7e55665f47983094b291b12724e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H066X5V8J4CPX3NZ3D5XC8D6
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
14464
etag
"940b92e44c5254520b30d7ba487b6752-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
cf-ray
7c5e701b4b471869-EWR
19.29664d1396fd3a2ec10a.js
embed.documentcloud.org/ Frame C816 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/19.29664d1396fd3a2ec10a.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74fc56f0c75c533f69e18fb155d4d3a46fa5cbb58dd81fbac71db76a66645c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB8D7SZH5DSQHG83Z2V
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"940570aca7cf2aca0806d17ba4a88882-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b611869-EWR
content-length
8886
0.1d6ebb1b8dd58c003039.css
embed.documentcloud.org/ Frame C816 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/0.1d6ebb1b8dd58c003039.css
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f69e56d9811fa9a411b628f963d60727ec1100a583774f037ef5a81cffc4a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSBATBA6HH5MG7ZYB916
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"763d885f81aaa9f2ab0a01c930142045-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b631869-EWR
content-length
2268
0.6ca1053ea22c467273a5.js
embed.documentcloud.org/ Frame C816 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/0.6ca1053ea22c467273a5.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826c57348a6f162323dda2130f888219d675fcefb29f724a3d01a9fabf841aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB9CRB52315APZB63X8
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"390806c4baee0be0f2885649e4b5d55e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b661869-EWR
content-length
3412
1.857e9664fbe2d1e276b8.css
embed.documentcloud.org/ Frame C816 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/1.857e9664fbe2d1e276b8.css
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc47bf26342bb1fa15f3655f9cdf1fcd676313d60f48f959b196d5e58abb441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB5JN28ZFDM0Q75WJAF
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"c8556061afb57afe00ce2f95a275ad4f-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=604800,immutable
cf-ray
7c5e701b6b671869-EWR
1.1684ea7235b0e1a7d81c.js
embed.documentcloud.org/ Frame C816 		137 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/1.1684ea7235b0e1a7d81c.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff049e6709161aefb01e4913051076ef296be633b0b21f6b3c89756f36e5307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB8XWK3PSFJH5S7XPMN
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"8eb958d0b5321c4136e2d8df2db9ddb1-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b681869-EWR
content-length
21337
9.94cb3c6a800bdbd15b25.css
embed.documentcloud.org/ Frame C816 		141 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/9.94cb3c6a800bdbd15b25.css
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0d214f9c234a924f9303a2d9149948594be2b0387a410fd5541a72c43a84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB7K31ZWHRXJXB51BYZ
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"92eddbb6cebc87789ddfe5f12fc97e5e-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b691869-EWR
content-length
6946
9.b22e17d87e52e1069500.js
embed.documentcloud.org/ Frame C816 		305 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/9.b22e17d87e52e1069500.js
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dce8bdec0e2d7fc1f93e9d24be027bde68f66527d5516a5a42564d6951ccdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/documents/23809205-scans-3/?embed=1&responsive=1&title=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H02ZQSB7QRHVS7XF5M07RJR4
date
Fri, 12 May 2023 00:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
server
cloudflare
age
122644
etag
"404e7d4a180abbdb127279d85ad50291-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=604800,immutable
accept-ranges
bytes
cf-ray
7c5e701b6b6a1869-EWR
content-length
45615
/
api.www.documentcloud.org/api/documents/23809205/ Frame C816 		27 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.www.documentcloud.org/api/documents/23809205/?expand=user%2Corganization%2Cnotes%2Csections%2Cnotes.organization%2Cnotes.user
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cc850000ea176905f2f4ea82de7d5e5ef8ab93cf64461a6d91a733158f3cd1
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://embed.documentcloud.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=60; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 vegur
age
86
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 12 May 2023 00:08:52 GMT
server
cloudflare
x-frame-options
DENY
vary
Cookie, Accept, Origin, Accept-Language, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://embed.documentcloud.org
content-language
en
cache-control
public, max-age=600
access-control-allow-credentials
true
allow
GET, PUT, PATCH, DELETE, HEAD, OPTIONS
cf-ray
7c5e701b8b8f1869-EWR
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:28:04 GMT
content-encoding
gzip
via
1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 2c547accf8ccad9698aef4c1dc4ac0d2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, PHL51-P1
age
2535
x-amz-server-side-encryption
AES256
etag
W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
7mHTF7q2HNUzUkFknpqbIA15DNxdY-zp84EnhO-U_srkSnrJBnD4Kw==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:aa20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:18 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SSAKZRAZJ66BCBN0
age
6652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VhODtMAeP4FWRuI8Wnnku6v2PgthX3AoWjN9ssKBnnNGJi+/UEqWe7x6g3eJD6xtiiDVqbOh250=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFbm8FlNTTRA30CjIqaKh0Xch1SGa01Xu4%2BWJiRQJmW3EB21IArdJBUEC7QpbOslxPL7YqN1zUsaAWTT5ZbDc7ql3JQOmCtvI6eKuaA7k653evbnvk69%2BAEeQYlGgEFtpkSSb4VMrM9fvB6cDi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7c5e701c3c97421f-EWR
11107397707.js
cdn.optimizely.com/js/ 		368 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11107397707.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:79b::13b8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccd58a79f3d3a3d5efdebfeabee337687299d5fb4639c98473945eed036b61a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
hapr7wD0uqQkNZi8R.9z8yQDcNknSJvP
content-encoding
gzip
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
VSJZ17RMNCZYG496
x-amz-server-side-encryption
AES256
x-amz-meta-revision
5618
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="47";dur=0,cdnip;desc="2600:141b:13:79b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467736_388993430_430575460_30_2272_47_0";dur=1
content-length
118627
x-amz-id-2
JcfEyUkFmWdSKZj95GTwRqdhV0mVesfFV4FcIMOMGBJOonQdTRM7LTlo1hd3feflXv79/w7ON/E=
last-modified
Wed, 03 May 2023 04:01:19 GMT
server
AmazonS3
etag
"daa1b4ca869b9545009f2224c610e717"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=1200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
npr-logo-rgb-white-border.png
cdn.cookielaw.org/logos/26b1c6a2-1285-46a9-a3af-3a0d7ddde52e/82089dfe-410c-4e1b-a7f9-698174b62a86/8edc49d4-62e4-4635-b6e1-6d38b029eb25/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/26b1c6a2-1285-46a9-a3af-3a0d7ddde52e/82089dfe-410c-4e1b-a7f9-698174b62a86/8edc49d4-62e4-4635-b6e1-6d38b029eb25/npr-logo-rgb-white-border.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e648861094dd784d862b00417d495e89b775ded1196f44cf9bd238675b07b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8EfOxdz7xyLJO0ioRc+MEQ==
age
68148
content-length
16547
x-ms-lease-status
unlocked
last-modified
Thu, 19 May 2022 20:41:01 GMT
server
cloudflare
etag
0x8DA39D7E31546C9
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c992ccf7-901e-013a-4fe1-5add10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c5e701bb87bd163-BUF
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
70905
x-ms-lease-status
unlocked
last-modified
Tue, 09 May 2023 06:38:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bf57cf4e-901e-009f-0e9c-82a05c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c5e701bb87cd163-BUF
source-sans-pro-v21-latin-regular.woff2
embed.documentcloud.org/fonts/ Frame C816 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/fonts/source-sans-pro-v21-latin-regular.woff2
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.ce8e06f145c61c4b62f6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://embed.documentcloud.org/bundle.ce8e06f145c61c4b62f6.css
Origin
https://embed.documentcloud.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H038K9C6ZCE4MGVN8CPTQ3MM
date
Fri, 12 May 2023 00:10:18 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
server
cloudflare
etag
"86b301c6c94722ecac1c7b39b316289e-ssl"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7c5e701bbbf21869-EWR
content-length
13036
config.json
c.go-mpulse.net/api/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=MBVDT-3L9KY-36ZMJ-SPSAR-JR833&d=www.npr.org&t=5612834&v=1.720.0&sl=0&si=ce6a02ec-9937-4d65-8f32-55ab80fa53ba-ruir55&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=290690
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:6ac::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0936f9df1b4c7049ad1e276809285abcbf955ee30bedf624086704be55627a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1065
truncated
/ Frame C816 		123 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
964f619d79d4ebc1522aa1780158dfe8457d5db1cef4dcc8d3aa25a254b381ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
source-sans-pro-v21-latin-700.woff2
embed.documentcloud.org/fonts/ Frame C816 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed.documentcloud.org/fonts/source-sans-pro-v21-latin-700.woff2
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.ce8e06f145c61c4b62f6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://embed.documentcloud.org/bundle.ce8e06f145c61c4b62f6.css
Origin
https://embed.documentcloud.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id
01H06GQ9XSZTZK6W4Q5TKVCTX5
date
Fri, 12 May 2023 00:10:19 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
server
cloudflare
etag
"c7ea3359e11efe268e3f3ed3b8f31002-ssl"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7c5e701c7c961869-EWR
content-length
12924
scans-3.txt.json
s3.documentcloud.org/documents/23809205/ Frame C816 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.documentcloud.org/documents/23809205/scans-3.txt.json
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:c91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ef7307726985e3a8e86d41b86990f7c48c5018aa57eb39a23814b92f15dbd6

Request headers

Accept
application/json, text/plain, */*
Referer
https://embed.documentcloud.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
2FMQ9AVY9M4ZZ9N0
age
2837
x-amz-server-side-encryption
AES256
x-amz-id-2
c0rgaQ/yMNside1xUPEX5QPJ6tElrQKZOasE3SOPucI/RmbCxAAoK3ymU6MUjFJDSCdTc6NNx2lr9HGhW7ePog==
last-modified
Thu, 11 May 2023 20:15:40 GMT
server
cloudflare
etag
W/"89f516f72f63db4af1d9c1c6de65a654"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cf-ray
7c5e701d5e5c184d-EWR
a11107397707.html
a11107397707.cdn.optimizely.com/client_storage/ Frame 9EF0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a11107397707.cdn.optimizely.com/client_storage/a11107397707.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11107397707.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.24.31 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-24-31.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6cda543524d4a103d7fcb7a11c85b15f25204e637d7baf218dbe6fb886453c17
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
783
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:19 GMT
etag
"52c9da6b76c112153ce2dcbf81f0bb0b"
last-modified
Wed, 03 May 2023 04:01:05 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="54";dur=0,cdnip;desc="23.192.24.31";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="467736_3501799259_157787490_23_1339_54_0";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
P1SvoClqW5j8RvlrGXB2D+1LEdDsVUQuVP5zOOAFYLqv2Fnrg+reFywOBzA717JAwP+IYKUMn4M=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
Y4RXNRDEN6Q5CXCQ
x-amz-server-side-encryption
AES256
x-amz-version-id
zIcLsAyUjnC1fALA9HaiW2Qbrdf7c3Sc
scans-3-p1.position.json
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		36 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p1.position.json?ts=1683836140520
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:c91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7308df29f86d74aaf0ca6a024bb4f402c155169fe18bcd4ac6b2e9bd109c89

Request headers

Accept
application/json, text/plain, */*
Referer
https://embed.documentcloud.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Q2XKZX1ZEWDF2PJV
age
6844
x-amz-server-side-encryption
AES256
x-amz-id-2
810u4EfyApnQTupc5E5Nj7c4UiJPi0RBy3K+O9Y7ECyglmHrFV3esePoyrAa6jPSXC/7NvcRcYI=
last-modified
Wed, 10 May 2023 16:50:29 GMT
server
cloudflare
etag
W/"2fc65dfbf5d12870f8b992f93b012075"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cf-ray
7c5e701d5e5e184d-EWR
scans-3-p2.position.json
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p2.position.json?ts=1683836140520
Requested by
Host: embed.documentcloud.org
URL: https://embed.documentcloud.org/bundle.702525c4dda0a6091211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:c91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466bab5da5ac2110d6e1b542d66e2f29606314e22f0870d64b78001e5ed0261c

Request headers

Accept
application/json, text/plain, */*
Referer
https://embed.documentcloud.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
AVJFC0CXFA8VBW2X
age
6664
x-amz-server-side-encryption
AES256
x-amz-id-2
L4DmgOE4Bhqyn7hITNQDOz+xcS16nJGNWejaLfL4TVntqis7EzwHuh0uBN1/h9vEdNCFyqKa7sY=
last-modified
Wed, 10 May 2023 16:50:27 GMT
server
cloudflare
etag
W/"52349dc0af2d721f7f8dc83a4fa882fb"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cf-ray
7c5e701d5e5d184d-EWR
scans-3-p1-thumbnail.gif
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p1-thumbnail.gif?ts=1683836140520
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e41b95cc960d2f92a9d8bdef50142f097f0477d03a96b9ec5615ca5c583f91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 16:50:18 GMT
server
cloudflare
x-amz-request-id
Q2XPQDTYVYQKQ5H1
age
6844
etag
"41f82c70c666babb56d160d7f14ede36"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
7c5e701dee051869-EWR
content-length
5644
x-amz-id-2
+jU8z94RKTgUtzLrwpXJOT48zA8vChlu0wxBE870Kec4Y3DDm52LyyGDiLLCBJBHH8onBwM6CbQ=
scans-3-p1-normal.gif
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		475 KB
475 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p1-normal.gif?ts=1683836140520
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e6a8cb49b71922bfe3ee576430a68e47670af478be680c8f97131aa89a308c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 16:50:18 GMT
server
cloudflare
x-amz-request-id
Q2XW42G6HSBKYSTF
age
6844
etag
"87fc35b5256d3d133179902ec696bdcb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
7c5e701dee071869-EWR
content-length
486093
x-amz-id-2
9QKgB+D6C3x2Z0J5CK60LcAXx1sVGnnlgaoFnpqwUEH1xFPv0sto7skmlS0WYZCaAMh0tbTbFrc=
scans-3-p2-thumbnail.gif
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p2-thumbnail.gif?ts=1683836140520
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a36447245b4088b0f21215e07ff6bd5801521fc542fb5c6026e61b071760576

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 16:50:20 GMT
server
cloudflare
x-amz-request-id
P3H9DJ1FFK7QC0NV
age
6359
etag
"c34b8d3a0ce471f6355f79abd93592f8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
7c5e701dee091869-EWR
content-length
5052
x-amz-id-2
UD6ugmvremrP6Y1dvDjLZffrqgCHp0ZdaE2nOzV1EbCPcYNNZ9SbCtldrSccKjN70klLtMJ/pMgGArvgcbz4fg==
scans-3-p2-normal.gif
s3.documentcloud.org/documents/23809205/pages/ Frame C816 		432 KB
433 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.documentcloud.org/documents/23809205/pages/scans-3-p2-normal.gif?ts=1683836140520
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b64a59e71d5a31cca279801bd73fd7206af0af416ad03d41c9c8d2a265389f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.documentcloud.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 16:50:19 GMT
server
cloudflare
x-amz-request-id
P3H1XF1XZN71P4V9
age
6360
etag
"94252b9009c8b47684a6b76a96343edd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
7c5e701dee0a1869-EWR
content-length
442736
x-amz-id-2
1mQ5aBmcV2Q2abrjxAYRnPL8pmxWL8FnMjovOouT2kA8Qn2hieLhIzBKI54iIQPQNCwrP0ObcY0bDweiSfUlFA==
1.a5ad0bdd1934ef797e6d.chunk.js
bundles.npr.org/dist/bundles/ 		266 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/1.a5ad0bdd1934ef797e6d.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a92479c7d4ec68714a0e8ecbe13984b698a7a2b30cd61736ecb9472a5a027bd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:57 GMT
server
AkamaiNetStorage
etag
"452180b0c05903eea8e08622a8e45375:1683647997.571545"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=70657
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 19:47:56 GMT
2.b9188048d7bbc76a3fcd.chunk.js
bundles.npr.org/dist/bundles/ 		157 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/2.b9188048d7bbc76a3fcd.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f9640b6bc7993b8073d596c44fb5872dad2c50e87cf088eb461eddd1af3f3026

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 16:00:01 GMT
server
AkamaiNetStorage
etag
"9482002a3c3904069ec9dbed2ccd192e:1683648001.808845"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=75311
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:05:30 GMT
3.f20b8625042a6627ed11.chunk.js
bundles.npr.org/dist/bundles/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/3.f20b8625042a6627ed11.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8fe18e5c207388c0eca318a5cf1c8cfd98e94575497ec1cec755537ce251762a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:59:55 GMT
server
AkamaiNetStorage
etag
"7e7e9b4eee0512a3f4c1f8e3167d791d:1683647995.124504"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61381
accept-ranges
bytes
timing-allow-origin
*
content-length
11847
expires
Fri, 12 May 2023 17:13:20 GMT
98.22052bf67bafc9947a72.chunk.js
bundles.npr.org/dist/bundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/98.22052bf67bafc9947a72.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
85fb8a4562f4917f5764bd13b04a7b71b09680c7194cd017e9f40a0e04829634

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 16:00:01 GMT
server
AkamaiNetStorage
etag
"f97c217525363f062432e36a745ca012:1683648001.629397"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=70749
accept-ranges
bytes
timing-allow-origin
*
content-length
4498
expires
Fri, 12 May 2023 19:49:28 GMT
75.d2237d2851c94422b7ff.chunk.js
bundles.npr.org/dist/bundles/ 		810 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
00f142b983b09c0f5c06945aa3a61bcd34982161c0504c91b2ec5cd500cf1c3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 16:00:00 GMT
server
AkamaiNetStorage
etag
"776fc3558a5f9d614387e86af9a2d084:1683648000.569566"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=79331
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 22:12:30 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 75C0 		200 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
11015515
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:19 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 21 Dec 2022 18:20:45 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
34917
x-content-type-options
nosniff
x-request-id
0e57efae-a9f4-4b53-bf79-25f4d1ecf4f0
x-served-by
cache-yyz4525-YYZ
csp-report
q.stripe.com/ Frame 75C0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683850219778852
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1683850219778582
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 75C0 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683850219778848
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1683850219778615
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 75C0 		631 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 12 May 2023 00:10:19 GMT
via
1.1 varnish
age
15480317
x-cache
HIT
content-length
332
x-request-id
5fdda461-3a47-419e-9538-8b724ec0bd71
x-served-by
cache-yyz4525-YYZ
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29960
/
68794905.akstat.io/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://68794905.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:78e::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:19 GMT
content-type
image/gif
access-control-allow-origin
https://www.npr.org
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Fri, 12 May 2023 00:10:19 GMT
inner.html
m.stripe.network/ Frame 9DF4 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
207
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:19 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
105
x-content-type-options
nosniff
x-request-id
ce45ac48-813e-4a0d-8992-927f5a1eb9f0
x-served-by
cache-yyz4525-YYZ
x-timer
S1683850220.547812,VS0,VE0
csp-report
q.stripe.com/ Frame 9DF4 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683850219779175
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1683850219778640
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 9DF4 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 12 May 2023 00:10:19 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
27
x-cache
HIT
content-length
16031
x-request-id
e9e7e7eb-e625-4d9d-be45-4a2d14c8e2f7
x-served-by
cache-yyz4525-YYZ
server
Fastly
x-timer
S1683850220.599350,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
18
6
m.stripe.com/ Frame 9DF4 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-115-43.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3234277035affe05246eb12cceb5c3ba40e1fc50c9e90c9e84e28452e0e9ece
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683850220206546
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1683850220206267
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
bid
aax.amazon-adsystem.com/e/dtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5116&u=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&pid=U3xznMJsOAt4U&cb=0&ws=1600x1200&v=23.505.1627&t=1000&slots=%5B%7B%22sd%22%3A%22ad-backstage-News_Investigations%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F6735%2Fn6735.NPR%2FNews_Investigations%22%7D%2C%7B%22sd%22%3A%22ad-secondary-News_Investigations%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F6735%2FNPRSecondary%2FNews_Investigations%22%7D%2C%7B%22sd%22%3A%22ad-third-News_Investigations%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6735%2FNPRThird%2FNews_Investigations%22%7D%2C%7B%22sd%22%3A%22ad-standard-News_Investigations%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6735%2Fn6735.NPR%2FNews_Investigations%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
195181727ea14f0bcdb964905bf243aff4eed91c722c5c6a5c57488c61812218
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
X4DRM6S5J59BQCR304A3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1253
x-amz-cf-id
lk4nWp0laP38pL0rQkj8NQB2Rq_z-jq5edBSEnBZVrBJVE62L3kR0A==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162268/7835/ 		525 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55274b5eccbb145d96c31f4395d4d1d8ea783bfea7f1a3cc1aa4cb946a0ab5f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 14:35:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53837
accept-ranges
bytes
content-length
156628
expires
Fri, 12 May 2023 15:07:36 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 May 2023 23:55:21 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
899
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 12 May 2023 01:55:21 GMT
gtm.js
www.googletagmanager.com/ 		286 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
194770ceb65932caf6b0559b3efaaafa0e49277ab21c12207e2d87ac596c3c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 00:10:19 GMT
recommendations
api.npr.org/stationfinder/v3/stations/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
af405f77a0f55a0cb65e56b82f45b7b11f5e7d3b7844bca53b7bd9d34dcdf33b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Served-By
prod-web-44
Date
Fri, 12 May 2023 00:10:20 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/7.4.14
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/json;
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
Keep-Alive
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=4985
Content-Length
2680
Expires
Fri, 12 May 2023 00:10:20 GMT
spiking-stories
www.npr.org/proxy/ 		2 B
741 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.npr.org/proxy/spiking-stories
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Fri, 12 May 2023 00:10:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 12 May 2023 00:10:19 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-served-by
pod-www-render-nginx-787647677d-222c8
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467736_1749903243_302872084_36_8505_41_0";dur=1
content-length
2
x-xss-protection
1; mode=block
x-npr-trace-id
renjnJHi2b3
truncated
/ 		901 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24713d9602b5912dc8610cc4920378e39053cfaab46efc0e5b3ded9bed899475

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
api.js
www.google.com/recaptcha/ 		850 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dec366ad7034dda578b6f098d455487176a8cee3160c75cbd1eba0d77ce0b01a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
x-xss-protection
1; mode=block
expires
Fri, 12 May 2023 00:10:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b371c895a5881161a32ef477714929cd097a7c889cc4ea59038ea7ad8fa5a948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25253
x-xss-protection
0
server
cafe
etag
423 / 19489 / m202305090101 / config-hash: 7593482187646896781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 00:10:20 GMT
grumi-ip.js
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:15:07 GMT
x-amz-version-id
DuJR1hVAvVhDHML78yIw9xWnN.jnHD8G
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:38 GMT
server
AmazonS3
via
1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
3314
x-amz-cf-id
0KkZIqFrF7-dBYsWY-e-ocFW6Vbf0nErb4phRjvQGxzYDS5RoBoy5g==
truncated
/ 		1018 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ca615b12424fc2a925831a1151e5270a48ff54f89acd00ce10c02f7114694d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d9c1c742aac35a11e2f47ecc1b8b720c69647e630606368b2ae352cc758f27d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
endofstory
legacy.npr.org/proxy/recommendations/ 		39 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://legacy.npr.org/proxy/recommendations/endofstory?storyId=1174343605&previouslyReadStoryIds=[%221174343605%22]
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
de454389bce9d322350632e8de80f620f331e3f7aab9de50c24fbb090f4021b9
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 00:10:20 GMT
x-powered-by
PHP/7.4.14
content-length
18825
x-xss-protection
1; mode=block
x-served-by
prod-web-7
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 00:10:20 GMT
up-first_tile_npr-network-01_sq-cd1dc7e35846274fc57247cfcb9cd4dddbb2d635.jpg
media.npr.org/assets/img/2022/09/23/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/assets/img/2022/09/23/up-first_tile_npr-network-01_sq-cd1dc7e35846274fc57247cfcb9cd4dddbb2d635.jpg?s=100&c=85&f=webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
4195f92d44315ac1fbb6ca162d8edb7df2a18ef07bc8e095507c8a52a15194ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
prod-web-13
strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:19 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=9865481
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
5098
x-xss-protection
1; mode=block
expires
Sun, 03 Sep 2023 04:35:00 GMT
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-w...
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-w...
44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rp=&ts=compact&rnd=1683850219927&ja=1
Protocol
H2
Server
3.134.172.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-172-54.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803244h&cg=0&cc=1&si=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rp=&ts=compact&rnd=1683850219927&ja=1
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b047f1e3da013288c9bf2d1b15fac6f3d665c1864baae8c81fb48ee3a6f9e75c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
logx.optimizely.com/v1/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11107397707.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.49.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-49-253.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 12 May 2023 00:10:20 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.npr.org
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
7c2baa7f-e8a0-4fa1-8e41-38bb67753f2f
grumi.js
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 		839 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
387b1c9ab969f54d1665b7268d166fe9fe7d042247290694284e5fb14752fcc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:14:59 GMT
x-amz-version-id
nXs5Dgx9E.cUJIw38iegf3v8hemSz_Ue
content-encoding
br
last-modified
Thu, 11 May 2023 22:54:56 GMT
server
AmazonS3
via
1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"9572321ebc98bbde36f376a36ab42265"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
3322
x-amz-cf-id
AR5Ul49JiA5xIOG8QqcRVqRUvTexeQEwj44_2qTt7-CQObCiL-4wnw==
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/162268/7835/ 		2 KB
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/162268/7835/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d58194f8dd3afcaff87c92757947fa69c7032a86ee4a34a718de1a76e8e03b9

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2023 02:41:40 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=95460
access-control-allow-credentials
true
accept-ranges
bytes
content-length
303
expires
Sat, 13 May 2023 02:41:20 GMT
358
organization.api.npr.org/v4/stations/ 		170 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://organization.api.npr.org/v4/stations/358
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:e00:17:1d53:f700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20c172ecf13ad582bc7309a373b31a04d62c6c3e009e420271cc5c05f8cd1bf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
via
1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 07:05:08 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
"ebb873f4e461e191a78864579d1e2527"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
170
x-amz-cf-id
NVGF6tbY9sqMG8Y7hNukegjQhfV28G4e87XstiYXjj-0muGTX_pE2Q==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 		408 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Origin
https://www.npr.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 16:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166792
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 16:20:14 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=922918&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211e76902addce8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222115c9a1c09a81%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223293a444c2093d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922909%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22922909%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22498604d400d1e5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922910%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2252428ff2ae55d5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222a020d0f-aadd-4ebb-a371-0fb702e00f12%22%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa592e2df206b4c58ac43b2bfc0229214674884c269259fa2bb3367febd107d0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu9DqEE9L13lUPMxCD0nrL4cDq%2F6Pk2eF6sM462sh5Eop17%2FnwD1iNYXhpZN4oVHSfaA9WUlTUEe%2FDD9QwbEC98vYd2sJh%2BS51ZWDm9YzGYanJ6H9%2FgRe6DcwjnE2dzuETex7Ylb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c5e70258c72a1fe-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=822
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.npr.org
date
Fri, 12 May 2023 00:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4d44ce603f3babef5821caac946cf4de1677e77d7aab1a34abf22cb400d616cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 May 2023 00:10:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4e0c1e20-8cb1-403f-8845-b4c2b6d40192
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.npr.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 		402 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 11:21:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
46117
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127184
x-xss-protection
0
server
cafe
etag
3263738860219486170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 May 2024 11:21:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		776 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.npr.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b596fe810c4f72890a9ad86e49766ff6d95fb028c99cced6b6ac41cc751d514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
x-xss-protection
0
expires
Fri, 12 May 2023 00:10:20 GMT
iu3
s.amazon-adsystem.com/ Frame FE56
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
303 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
138162efb093edf8eab272590910f1aecd2826bfc315571a96aa8621434eabf1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
303
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 May 2023 00:10:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
28090G1AJS2SYSXZF0T8

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K31WQ7JC8AE2G7VBPX2H
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 May 2023 00:18:38 GMT
e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/ 		324 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2bab50682f07841d18365d073b29e98f82fdd16b326df0a8e652014aa66360

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
e1cef1f0-495f-4973-ba1c-880786e73a66
age
0
x-guploader-uploadid
ADPycdv8bmLTSNkrq0k7s6gBl0-8sfcLkY72zKlsjGEorrX1TpQoh7mrdY80csPfDjCeqUtZv8LMu7WQqKKy-bRE9hkRLw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 25 Apr 2023 00:16:27 GMT
server
cloudflare
etag
W/"8929b70230906411c40c2e5955037734"
vary
Accept-Encoding
x-goog-generation
1682381787329285
content-type
application/javascript
x-goog-hash
crc32c=wyVrgQ==, md5=iSm3AjCQZBHEDC5ZVQN3NA==
cache-control
public, max-age=900
x-goog-stored-content-length
97384
timing-allow-origin
*
cf-ray
7c5e70264c48d15f-BUF
expires
Fri, 12 May 2023 00:25:20 GMT
now
www.npr.org/proxy/stationasset/v3/streams/4fcf713000354d86bd124529c1c1f01f/programs/ 		307 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.npr.org/proxy/stationasset/v3/streams/4fcf713000354d86bd124529c1c1f01f/programs/now
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.d2237d2851c94422b7ff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
534ce5d895034be276359de48b3117ff74d0464bc637d3353477e4deef5c52d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 12 May 2023 00:10:20 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-served-by
pod-www-render-nginx-787647677d-j7j82
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="467736_1749903243_302872450_809_9496_44_0";dur=1
content-length
307
x-xss-protection
1; mode=block
x-npr-trace-id
renFWstzbve
wdet_fm.png
media.npr.org/images/stations/nprone_logos/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.npr.org/images/stations/nprone_logos/wdet_fm.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:487::1155 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
89ffa34d4c487944f08e6aebf891d4d5e227c7097027caa8fb1e6cf1429a434c
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 12 May 2023 00:10:20 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
22355
x-xss-protection
1; mode=block
x-served-by
prod-web-10
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Nov 2014 17:19:08 GMT
server
Apache/2.4.25 (Debian)
etag
"5753-5071fc70b535f"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 May 2023 00:10:20 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Fri, 12 May 2023 01:10:20 GMT
execute
c2.piano.io/xbuilder/experience/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=9ENxKQ58pu
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6d62deb9f2a9f9f55b91e39b05c6d2232ede0da5057c6a837edf8aa99d25dd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
8ygk2994hd
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.npr.org
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7c5e70263c6fd157-BUF
2b5d0c3d6f690371f38881623967d2f7.svg
bundles.npr.org/dist/bundles/ 		20 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bundles.npr.org/dist/bundles/2b5d0c3d6f690371f38881623967d2f7.svg
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/persistent_large-css-90c6727d4f9ef64cfc6c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:7a3::1155 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a4602edc276bf5381a6864accfca91ab3e4deb6f20933a7eee16e40fa54747be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bundles.npr.org/dist/bundles/persistent_large-css-90c6727d4f9ef64cfc6c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 14:53:37 GMT
server
AkamaiNetStorage
etag
"2b5d0c3d6f690371f38881623967d2f7:1683298417.266887"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=384638
accept-ranges
bytes
timing-allow-origin
*
content-length
1022
expires
Tue, 16 May 2023 11:00:58 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf920acbc1c357a25eb4e07e035cdb789b4320595efe7eb75ce52056b9e04c7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb0cc8c8b53c9eb87848b8462db7041ea1ae4a577d2e16c3a5c3366b3422435

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e056da2afa5ff02d79253e434d016ddfad3877fffd41a3fccc73aac7893e2ea6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
gtm.js
www.googletagmanager.com/ 		157 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSR2B4H&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b9aa79a47e0f4ae61b5383f2159d810f05ee4aac2908acd44362be6a08b264b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55734
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 00:10:20 GMT
gtm.js
www.googletagmanager.com/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e10cd0f7d269b9f3209ba276ecdafb114ecade970310b245f97f3152cd86ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71778
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 00:10:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 12 May 2023 00:10:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5kAzfQJmbQaCjTNxSAK23Cz5pu2hXKrH0tVVuHh2632uY9Z6p9f+3hG2JZgYHQuIPhKi7UbjHPRK/0nm1WNQug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:b200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 11:15:05 GMT
content-encoding
gzip
via
1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
PHL51-P1
age
46515
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
1XRsBtqUb3qm3SrBZiAj-XuhMR-9xpehMbb2PeGLs0u4AkZl2tQThQ==
expires
Fri, 12 May 2023 11:15:05 GMT
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:59:12 GMT
content-encoding
gzip
age
668
x-guploader-uploadid
ADPycdsT8Jjlisv5fiv8mJxMlitP8ZgVv4O7FCcEnZZxowZ0bg6Y9xYWhd7bpxsu1N9mFjcqpdCnR2HpqP2-ty8mSFbZGVe-p43o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Fri, 12 May 2023 00:59:12 GMT
js
www.googletagmanager.com/gtag/ 		187 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47a9b61e329a09288ce73d02b94bd0d194dcfe30faf71a3d175b352af4970fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70341
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 May 2023 00:10:20 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&c9=
Protocol
H2
Server
18.238.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-53.phl51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-amz-cf-id
LLfvmVWu0J9vMr-XmMyLGscT_Ic5AzTBNKzsSOXCH_AAl__VpRJG4g==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 12 May 2023 00:10:20 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=17691522&ns__t=1683850220524&ns_c=UTF-8&c8=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&c7=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&c9=
content-length
0
x-amz-cf-id
XK3TQG9TAaQIwbF3b0hzBnUsnNnOA99bTiSHR5keQJZ6J-jNF4HWcg==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/17691522/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.238.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-53.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:00:14 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
607
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
ng_1yH-QF7QUIh3TitmntSWB5FrgBPttao8jwCavd_AM4M9QIV8s9A==

Redirect headers

date
Fri, 12 May 2023 00:10:20 GMT
via
1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PHL51-P1
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
w_hNR-zToztPCosn8fy_eO706GVzSUMVD73JuSCd8bYkl6kSVPNVkQ==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1026724461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&dp=%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&ul=en-us&de=UTF-8&dt=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAACgAI~&jid=723457652&gjid=2020437291&cid=1792873626.1683850220&tid=UA-5828686-4&_gid=1632309654.1683850220&_r=1&_slc=1&cd26=not%20active%20-%20collapsed&cd1=1174343605&cd2=p1150%2C1001%2C1002%2C1003%2C1070&cd3=investigations&cd4=1150&cd5=morning%20edition&cd6=3%2C1001%2C1002%2C1003%2C1070%2C1150%2C191676894%2C213438897%2C434975886%2C1150790731%2C1175376307%2C1175395312&cd7=executions%2Cvirginia%20department%20of%20corrections&cd8=chiara%20eisner&cd9=null&cd10=2023051105&cd11=1&cd12=direct&cd13=www.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&cd14=wdet&cd15=no%20favorite%20set%20-%20wdet&cd18=20230512&cd22=virginia%20hid%20execution%20files%20from%20the%20public.%20here%26%23039%3Bs%20what%20they%20don%26%23039%3Bt%20want%20you%20to%20see&cd23=portrait&cd24=traditional&cd39=1&cd40=358&cd43=false&cd44=false&cd51=gmt&z=70616557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		589 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=9ENxKQ58pu
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f3cc4a165a2c633c817365d64955a965e900c1644eb8660f6c9914f7d14e17
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M85riurncIb
pragma
no-cache
wn
prod-dash-10-0-133-214
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c5e70277c73d15f-BUF
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 1ABE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18438d193090838d3eebba712af41ae3fbe52bc89d8ad7f53f1241ea1bc491e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=730
cf-cache-status
HIT
cf-ray
7c5e70277b6dd14f-BUF
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 12 May 2023 00:10:20 GMT
expires
Fri, 12 May 2023 00:22:30 GMT
last-modified
Fri, 12 May 2023 00:07:30 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-124-225
x-forwarded-https
on
x-request-id
Mi0riurXXBs
x-xss-protection
0
cx.js
cdn.cxense.com/ 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Fri, 12 May 2023 01:10:20 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
server
Google Frontend
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
5f8492cba8b27383c787917168b88e4b
function-execution-id
mybzbvejyn5q
access-control-allow-headers
Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:20 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
cfrp7damhia1
server
Google Frontend
x-cloud-trace-context
e635f3a19194aca8ea9d6d6ef3c98759
x-powered-by
Express
pxid
e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co/v2.0/ 		46 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co/v2.0/pxid?k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
de6743f507a86878617b378a3aea7c74416a28b4834a301271b582e89434c21a

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:20 GMT
AN-X-Request-Uuid
854317ce-e9ac-4623-a393-d15d7daf00c7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.npr.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e1cef1f0-495f-4973-ba1c-880786e73a66-models.bin
cdn.permutive.com/models/v2/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/e1cef1f0-495f-4973-ba1c-880786e73a66-models.bin
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac1d014be6868369f75355b67fc701f2272a372b60a2eb679a00e78676b94d7

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
e1cef1f0-495f-4973-ba1c-880786e73a66
age
0
x-guploader-uploadid
ADPycdtyG7HZTjdwYGn1i_rrAvOQjMN3sM9F3mNBT6BBGS3DgxX1zpb_HSWF34ej-2HgFYrqHyRWsoyWo34pEYF9IyesdjROjtKN
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4877
last-modified
Thu, 11 May 2023 06:00:49 GMT
server
cloudflare
etag
"5e88ff6fff9b4be39b3968ee46055222"
vary
Accept-Encoding
x-goog-generation
1683784849065809
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=McClmQ==, md5=Xoj/b/+bS+ObOWjuRgVSIg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
4877
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7027aaca541f-YYZ
expires
Thu, 11 May 2023 23:36:54 GMT
geoip
api.permutive.com/v2.0/ 		282 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5828686-4&cid=1792873626.1683850220&jid=723457652&gjid=2020437291&_gid=1632309654.1683850220&_u=aGBAAEIgAAAAACgAI~&z=387118217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 12 May 2023 00:10:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
351f8ffc-5eec-4740-adce-346c239cda78
https://www.npr.org/ 		71 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.npr.org/351f8ffc-5eec-4740-adce-346c239cda78
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bb7572b232bd7e8ca3679462ec41986421d1e002ed84f710ad166ca604f2ba7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
72876
Content-Type
a656a258-58a6-44e9-97f9-26bf400b66dd
https://www.npr.org/ 		71 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.npr.org/a656a258-58a6-44e9-97f9-26bf400b66dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bb7572b232bd7e8ca3679462ec41986421d1e002ed84f710ad166ca604f2ba7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
72876
Content-Type
pr
s.amazon-adsystem.com/v3/ Frame FFB3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
658575ee6263bc52bc7d311899d2ecdeea85795169385045efaa7f5c7aa13ad0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1285
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 May 2023 00:10:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
655R343PCC1W0D6X4QQ5
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-XK44GJHVBE&gtm=45je35a0&_p=1026724461&_gaz=1&cid=1792873626.1683850220&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683850220&sct=1&seg=0&dl=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&dt=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&uid=&en=page_view&_fv=1&_ss=1&ep.parents=3%2C1001%2C1002%2C1003%2C1070%2C1150%2C191676894%2C213438897%2C434975886%2C1150790731%2C1175376307%2C1175395312&ep.dacs_story=false&ep.page_type=1&ep.localized_station=358%20%7C%20wdet&ep.topics=p1150%2C1001%2C1002%2C1003%2C1070&ep.story_id=1174343605&ep.byline=chiara%20eisner&ep.publish_date=2023051105&ep.title=virginia%20hid%20execution%20files%20from%20the%20public.%20here%26%23039%3Bs%20what%20they%20don%26%23039%3Bt%20want%20you%20to%20see&ep.content_partner_organization=1%20%7C%20npr&ep.program=morning%20edition&ep.logged_in_session=false&ep.player_state=not%20active%20-%20collapsed&ep.screen_type=traditional&ep.screen_orientation=portrait&ep.category=page_view&up.user_timezone=gmt
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XK44GJHVBE&cid=1792873626.1683850220&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E34C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72682
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 12 May 2023 00:10:20 GMT
expires
Fri, 12 May 2023 20:21:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EB9C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
844
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c5e70283dd0a1ec-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:20 GMT
expires
Fri, 12 May 2023 04:10:20 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8E17 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
64090
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 May 2023 00:10:20 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
390, 108215
X-Served-By
cache-lga13626-LGA, cache-yyz4543-YYZ
X-Timer
S1683850221.842364,VS0,VE0
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSR2B4H&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-115.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 20:06:41 GMT
Content-Encoding
gzip
Via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
Age
14620
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
98MoZoTFKVc4BTOaWUR5-Nfe04V-KuLgQgIe1qt_bPCFcqQwlsZEww==
scevent.min.js
sc-static.net/ 		31 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-247.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
via
1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13611
x-amz-cf-id
ObhNu1ikahvLKpFBdUFL6OnIUYounCPG5lLXgzl1-WRmUdb9wVzn7Q==
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.150.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-150-190.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bfa00d3205cb2506bde08477160990fd7d2c33462848984d37608b0211d64312

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
1dc15481.16f56871
date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-77-103-190.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time
53,104.77.103.190
server-timing
cdn-cache; desc=MISS, edge; dur=40, origin; dur=13, inner; dur=3
content-length
1544
pragma
no-cache
server
nginx
x-tt-logid
20230512001020FA8DAC51E29B4E45B5A2
x-cache-remote
TCP_MISS from a23-220-105-81.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.220.105.81
x-tt-trace-host
01b747defea15395f6d6f166d376ab40574428637888d9b505ccdf2300575b10e6db1bc06d3717f573ec1b29fc34fae5b128c86e85c82e65e9e700dd73cd713685fcb58fb915956720d2b721bd8ccc9b5f458fead57177d0ceab2ab6bed6e131660ce8543b07fbad9065c8db524a3ce9ec
expires
Fri, 12 May 2023 00:10:21 GMT
1621557368158968
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621557368158968?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29edf254e820e898520a27dd8c7e55affddc8c7be729db412dac7549910f0b1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 12 May 2023 00:10:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88048
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xn6c9qkd8uTCDRuiKzvvTjiAMRkBzkV8nq4Jd7omtwo3oMrmQe1DdzdeCfNSNHjpFFd7ShPuXxjnFRJhiYpq1A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=npr.org&p=%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&u=BnG_7LCtbKASDeq5BL&d=npr.org&g=18888&g0=investigations%2Cnews%2Chome%20page%20top%20stories%2Cinvestigations%2Claw%2Cnational%2Cmorning%20edition&g1=chiara%20eisner&n=1&f=00001&c=0&x=0&m=0&y=9742&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&b=2478&t=2b219DYrjeIBhgb9zBhVQkRxT_3o&V=139&i=Here%27s%20what%27s%20in%20Virginia%27s%20secret%20execution%20files%20%3A%20NPR&tz=0&sn=1&sv=DdoY38B9e07pBEWGH-B6ZDRrBuwZ53&sd=1&im=067b0fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.137.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-137-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ecm3
s.amazon-adsystem.com/ Frame FFB3
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=4ef20b62-6512-4e08-bb4e-dc21f482c3a4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=4ef20b62-6512-4e08-bb4e-dc21f482c3a4
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
76Z17MAYNYV8A770PB6J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=4ef20b62-6512-4e08-bb4e-dc21f482c3a4
date
Fri, 12 May 2023 00:10:21 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame FFB3
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=CB5033A211F645E781D9BE26BE718709&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=CB5033A211F645E781D9BE26BE718709&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GT99XW534T6ZX5AAGMD6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=CB5033A211F645E781D9BE26BE718709&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 May 2023 00:10:20 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1ABE 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
6832
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 May 2023 01:57:14 GMT
wn
prod-dash-10-0-91-103
server
cloudflare
etag
W/"26850-1683511034000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7c5e70288b8bd14f-BUF
expires
Fri, 12 May 2023 02:10:20 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 1ABE 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
887029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3MhGdAncAdC5%2FHH1dSLUiHshj5ABFyo78Wl%2F9G5dzGShZIQEo5LOun2jPAPSImZGtJAnDUH0yKDrezao9sNJfrJtk%2BGqHr5QXeOR4gYZ%2BXuPw3I%2BNYgOhd3VvByHA6HgFY2eQVldvJ26OIX%2BdsDfZZZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fb9bd14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 1ABE 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15672187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bM2eY8uA%2FkhkOwzi8ctJgVq5gn8uHL8PlF5vZ11%2FjDgIGDwVj5SICRqgdYf8ybqm%2FhfqdlTmblTquLynFaWvaPYHA%2F7QdB1raGK0CsSRSjS3h6BW7oj%2FqBDer%2BJuof99hDR%2FecK5myXZmyN5WblMNMh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fb9cd14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1ABE 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15342334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dszUb6wekSQv5%2FXKIfzWNa%2Fz1TTi%2B7%2BJaPk7TwZzBhJssdpx6bAN1Mq3KPxC6fVh2juOH5wQSIRkT0W%2FnoI8avgqyq8syXWivLar0fNZlgUJw7E4YbxGdQUD0O1UhDvjVgXe%2BbuXWSvmGvJ8t3zpK82C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fb9dd14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1ABE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15342334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGuNCtL8Szbirw9cTtRq9HZv6Uk3OAGASY1twrkQGWC5l%2FNAfd2NP2IOT5dFs9YG3Sd%2BGiGZ94l8Z8u2uFTDXmxOvvhVCmJiBI9LmxoaX3sEOA5iokNYLfCSZByRCFEWoOy5tSsBUCvRva5aGyRT%2F3br"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fb9ed14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1ABE 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17056961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SArDAlhZ6CybOkLYKCuTV%2BZ99g2ZYuK0sHk8AoxUAgbUzFjW%2Bi8MymdsmfHophE0P7YC7sk0BTseXeCRnFyDWaui%2FUTMPU1lAsCvOqgN53LfuSIWni2Q75B4rJ%2F%2FId7ojQHeJfMtiHShtzm93Kvg5vv9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fb9fd14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1ABE 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15669450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fhv70vYdOJvXCBRZYyBn83OA%2BQ9Hvc1rNDSMqnCI0hEE1PXRODLSmh0uzur7LTjqwgHoYYsh0suX2y3%2FbLDD77AqLVvPwTfdQTxR0VpjYp11dzwf85PgkwmwMa5LaVfKO5s0EpQtdwIMedgZXh2Lt%2BSi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fba0d14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 1ABE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12192425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1O1uqtiSaCcucfgj1JcM9KMhNbhdpfecs3oZRAO4CA1kROuHjQqBrgwQXnSU%2BawaYrMN95x6vZ8suDhvxscAx7l6lIxjZYzGa%2FBdaPlKfs1fKIIU82m3Gly50i5OdlOMc43VHnkl1V%2FEuBiHSFjdyh%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e70292ba6d14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 1ABE 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15669450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FEeO5Cs9y072nnRTH8gGYm3xf3NV7EJOyngK6d7gFkbWa9pwmj0CUSOhl%2BsUin1ybOaoLNPJn39isSaK1tt6JF9900f7g9tf3t3%2BF21WrOvsjMo15cey9v2ROhkpG4LibZxLwhwBw2t5DDAF0RrMIl%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e70292ba8d14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 1ABE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
889300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mt6OPYjElsmzwhiOCfiKy7D%2FSWcO8FVkhSGx3j5JulFxB9o3J2cpJciDw3lMlhn3V8DBbiD1z8UVdEA9647kjzRYnWBwQRDVoUMyuv%2BpErRxVClAi0VcRfDbn5OyxzBB5NWuzKLryltCugjYGWztmCUp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fba1d14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 1ABE 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
18299729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqFW71H2YOyDCopjbz%2FXzudp9%2FvWZ9XsKpIF0RJMkhf3QGrVTtUEU8pQLkHCFwxcTgvvjWqNVPbFlubhyN6swBwGnXb7mE%2Bqg5d8gaY%2FOLPDhcvonlJHnQKCVxUqS%2F3lzlLwK9crBujdiVVKBVhb49Ve"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c5e7028fba2d14f-BUF
expires
Wed, 01 May 2024 00:10:20 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 1ABE 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.174.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1947
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 May 2023 20:04:42 GMT
wn
prod-dash-10-0-89-221
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=600224
x-optimized-by
_sam
cf-ray
7c5e70288b8cd14f-BUF
expires
Thu, 18 May 2023 22:54:04 GMT
newsletter-icon.svg
i.piano.io/managedservices/npr/ Frame 1ABE 		950 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.piano.io/managedservices/npr/newsletter-icon.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870646ed369e60312f62ef62ad1993761074e08dac806c0b1e85fe34022473ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
1947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Feb 2023 20:30:05 GMT
server
cloudflare
etag
W/"0e01fa8e1622466ef4fe940a0ecfb7bf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7c5e702a4d1cd157-BUF
x-amz-cf-id
gclbdTX05amHF_ivzv4E0gJN0OvH2qH9dY5CzXyURolf5xhAO6JgVQ==
expires
Fri, 12 May 2023 04:10:21 GMT
css2
fonts.googleapis.com/ Frame 1ABE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50f28f2ab568648f4eeb61db88077a494063cf078ea47036a3690c6d363f0df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 22:53:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 00:10:21 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5828686-4&cid=1792873626.1683850220&jid=723457652&_u=aGBAAEIgAAAAACgAI~&z=432477165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp1.html
cdn.cxense.com/ Frame 0B89 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Fri, 12 May 2023 00:10:20 GMT
Expires
Mon, 22 May 2023 00:10:20 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
23f595bc4dddd13d1cacfde1f673c410b63e8d1ee782adec5e7ea471d6a5ece3

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
amzns2s
rtb.gumgum.com/usync/ Frame 5789 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-233.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f2a681b766700266a04ab111386aa2d2977b2234a4ee70fdfccfc88ec54c9c47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 12 May 2023 00:10:21 GMT
etag
W/"0a39bc36c4d08444ea68bd0e8f35bb807"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a01007b0021d3bfc284716fe059a8ba2e7e66e8b15a5f2c31504eb4bab4c5395

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1859
Content-Type
text/html
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7E0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72682
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 12 May 2023 00:10:20 GMT
expires
Fri, 12 May 2023 20:21:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 8E17 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:20 GMT
AN-X-Request-Uuid
fb68dd61-d079-4faf-a378-fa613ba3bd40
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cx.js
cdn.cxense.com/ Frame 0B89 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Fri, 12 May 2023 01:10:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E34C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72998933&p=162268&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
79b31979e78afd264dff492f14bc9edebb8801877e732be2b0a05db1d92f9a5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
448121793258601
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448121793258601?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e346347af868086722530315141c352bdb4f8ec808e34d24b3a673842c05cbe6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 12 May 2023 00:10:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88013
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
LRiw3r+7Q+4CPk4kTAmVaw8bBRu5Jn7tbvsrL9HC/AgzZEVJlapg3IiRuUkR+ye+CNaiYDuKsJflEPB6q+ADBw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), hid=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621557368158968&ev=PageView&dl=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rl=&if=false&ts=1683850220979&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683850220978.218158831&it=1683850220804&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 12 May 2023 00:10:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-...
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c344e03bb210de8501279f148e719a190ed542e44aa51f147a4bb41bcdd167a1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1889
Content-Type
text/html
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
i
tr.snapchat.com/cm/ Frame 89E7 		672 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=af8035d0-06ae-4a44-8fd1-e54332a4abd8&u_scsid=4dfd7bc5-e54b-4da7-930a-6b2c09d7a8c3&u_sclid=c05703ab-313a-4c7d-b81f-e46746c548ca
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
9
af8035d0-06ae-4a44-8fd1-e54332a4abd8.js
tr.snapchat.com/config/org/ 		148 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/org/af8035d0-06ae-4a44-8fd1-e54332a4abd8.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
72e9187f1baca465ca1e164e76640284047c1508cc40a2e09d97a41261a5e28f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Origin
https://www.npr.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.npr.org
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p
tr.snapchat.com/ 		68 B
505 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
/
match.adsrvr.org/track/upb/ Frame C1EC
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6...
  • https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6...
878 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0a3ba917354f327813bab384836613984c56f44c39569d6d51a5f46a5faecc39

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:21 GMT
location
https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
p1.js
p1cluster.cxense.com/ Frame 0B89 		45 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
d83266ddfdcea835f71c048d864ccb1c5656cb4225505a866415135afd78e989

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
last-modified
Sat, 12 Nov 2022 00:10:21 GMT
server
Jetty(9.4.28.v20200408)
etag
6zrx8vjn6lpd89y792rbzmm5
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
45
expires
Sun, 12 May 2024 00:10:21 GMT
segment
api.permutive.com/adv/v2/ 		30 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 00:10:21 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.npr.org
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		145 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4075704308911906&correlator=2188281864055034&eid=31072020&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&us_privacy=1YNN&iu_parts=6735%2Cn6735.NPR%2CNews_Investigations%2CNPRSecondary%2CNPRThird&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F4%2F2&prev_iu_szs=300x250%7C300x600%2C320x50%7C300x250%7C1300x250%7C728x90%2C300x250%7C1300x250%7C728x90%2C300x250%7C1300x250&fluid=0%2Cheight%2C0%2C0&ifi=1&adks=757683764%2C1508195593%2C2496522924%2C3115402060&sfv=1-0-40&prev_scp=testserver%3Dfalse%26isPodcastEpisode%3Dfalse%26storyId%3D1174343605%26program%3DMorning_Edition%26agg%3D191676894%2C1150790731%2C434975886%26ad_location_name%3Dright_rail%26amznbid%3D2%26amznp%3D2%7Ctestserver%3Dfalse%26isPodcastEpisode%3Dfalse%26storyId%3D1174343605%26program%3DMorning_Edition%26agg%3D191676894%2C1150790731%2C434975886%26ad_location_name%3Dstory_centerstage%26amzniid%3DJCmvpYGhJhNn-oF4YDF6jEQAAAGIDUtTJgEAABP8AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICC-VGtz%26amznp%3Dg96g3k%26amznsz%3D300x250%26amznbid%3D17139j4%26pwtverid%3D19%26pwtprofid%3D7835%26pwtpubid%3D162268%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D728x90%26pwtecp%3D0.55%26pwtsid%3D207300a1fa01ffa%26pwtpid%3Dmediafuse%7Ctestserver%3Dfalse%26isPodcastEpisode%3Dfalse%26storyId%3D1174343605%26program%3DMorning_Edition%26agg%3D191676894%2C1150790731%2C434975886%26ad_location_name%3Dsecondary%26amzniid%3DJC9Z_KG8pnHLukQvCxgJsCgAAAGIDUtTJwEAABP8AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAwPbqR%26amznp%3Dg96g3k%26amznsz%3D300x250%26amznbid%3D17139j4%26pwtverid%3D19%26pwtprofid%3D7835%26pwtpubid%3D162268%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D300x250%26pwtecp%3D0.75%26pwtsid%3D2174c49f691ed9e%26pwtpid%3Dmediafuse%7Ctestserver%3Dfalse%26isPodcastEpisode%3Dfalse%26storyId%3D1174343605%26program%3DMorning_Edition%26agg%3D191676894%2C1150790731%2C434975886%26ad_location_name%3Dthird%26amzniid%3DJGHupPGbxZTcOgEvBUbCWXAAAAGIDUtTJwEAABP8AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAeDMr0%26amznp%3Dg96g3k%26amznsz%3D300x250%26amznbid%3D17139j4&eri=1&cust_params=permutive%3D107958%252Crts%26prmtvvid%3D6dd9db78-4825-4c70-bf65-aefa9f108e21%26prmtvwid%3De1cef1f0-495f-4973-ba1c-880786e73a66%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1683850221103&lmt=1683850221&dlt=1683850217674&idt=2877&adxs=1133%2C166%2C483%2C166&adys=168%2C1970%2C3582%2C6675&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&frm=20&vis=1&psz=335x292%7C933x0%7C933x250%7C933x0&msz=300x250%7C300x0%7C933x250%7C300x0&fws=0%2C128%2C4%2C128&ohw=0%2C0%2C933%2C0&ga_vid=1792873626.1683850220&ga_sid=1683850221&ga_hid=1026724461&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a74b6e51b9490f0b2992457e40a143f17d5547ae2ce83881c67552bfc022d00a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28135
x-xss-protection
0
google-lineitem-id
6295254190,6158334201,6158332248,6169345598
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432016238,138413743750,138413743729,138423238302
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6060fb572db4a4a2c4caf55f22d0509334496b21ad08de02caaf3e68f772655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11369
x-xss-protection
0
container.html
9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
expires
Sat, 11 May 2024 00:10:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.MWI2MzlmMWJmMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		257 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.150.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-150-190.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
16f56919
date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305081131221FB30DDE104F7D910F15
vary
Accept-Encoding
x-cache
TCP_HIT from a104-77-103-190.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01863b753f094032c967dc9810fc0ebc4e8b50ab204875fddfc958bc358b89d29f35991f34113c7ae461c48e3608ed5e99a1595c2c1b517df48803b6f034a67296d23047a8869ba74a362650e98fe15a02774e55e35a000bd942b4684b6cc22432
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
69721
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5585051093897204759
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5585051093897204759
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 12 May 2023 00:10:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
48f1464f-ef43-4681-8de2-daa3050618ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5585051093897204759
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=140b447e-d1e7-4df3-8414-2e5cb259ff26&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-726727c3-2fec-5888-4b58-5e8c90b62167$ip$96.9.249.39
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-726727c3-2fec-5888-4b58-5e8c90b62167$ip$96.9.249.39
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-726727c3-2fec-5888-4b58-5e8c90b62167$ip$96.9.249.39
Date
Fri, 12 May 2023 00:10:21 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=tUErNNrmnF3IeDQjI0fy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV2FKRLSJZHHE3LOIYZUSZKEKFVESMDGPE
  • https://usersync.gumgum.com/usersync?b=zem&i=tUErNNrmnF3IeDQjI0fy
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=tUErNNrmnF3IeDQjI0fy
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=tUErNNrmnF3IeDQjI0fy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=SLUa04RHlEfB&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=SLUa04RHlEfB&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=SLUa04RHlEfB&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b9f9f4b7f-hkthr
expires
-1
sync
t.adx.opera.com/pub/ Frame 5789
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28JnjMRgFnSPb5bZmnOsA7kpRNnlM7ibGMSgt1KDCZD821L4fDeVqRIVieByrmQT8y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_1488d12f-431d-446d-8c7c-76352bf75401&obuid=ENC(JnjMRgFnSPb5bZmnOsA7kpRNnlM7ibGMSgt1KDCZD821L4fDeVqRIVieByrmQT8y)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Date
Fri, 12 May 2023 00:10:21 GMT
X-TraceId
7cfef9829bdafcd802a20b659e5a78ac
Content-Length
0
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e5692b72-b18f-4f36-903b-344ef4b15587
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e5692b72-b18f-4f36-903b-344ef4b15587
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e5692b72-b18f-4f36-903b-344ef4b15587
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Ao4Gym1E2pet60MJjNUc5iE6VvELhRDfIeLc~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Ao4Gym1E2pet60MJjNUc5iE6VvELhRDfIeLc~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Ao4Gym1E2pet60MJjNUc5iE6VvELhRDfIeLc~A
content-length
0
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=38da2c82-a184-4f05-ba5c-0b96ac861902
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=38da2c82-a184-4f05-ba5c-0b96ac861902
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=38da2c82-a184-4f05-ba5c-0b96ac861902
Date
Fri, 12 May 2023 00:10:21 GMT
Connection
keep-alive
X-CI-RTID
088a1310-c9d3-4f76-aa4c-62852bf7b7eb
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=4D3C4260A3D4496388DD53B7B232A07F
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=4D3C4260A3D4496388DD53B7B232A07F
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 May 2023 00:10:21 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
508267325
location
https://usersync.gumgum.com/usersync?b=snc&i=4D3C4260A3D4496388DD53B7B232A07F
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_9f53e7dca3a940a1a1cfb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_9f53e7dca3a940a1a1cfb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_9f53e7dca3a940a1a1cfb
date
Fri, 12 May 2023 00:10:21 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=2641623b-1cfe-498f-95da-322c21926ada
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=2641623b-1cfe-498f-95da-322c21926ada
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=2641623b-1cfe-498f-95da-322c21926ada
access-control-allow-origin
*
date
Fri, 12 May 2023 00:10:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5789
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8500728873333680786
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8500728873333680786
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8500728873333680786
date
Fri, 12 May 2023 00:10:21 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5789 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_1488d12f-431d-446d-8c7c-76352bf75401
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QJPC9AZYV3B4YAR3YN13
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 55DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZF2D7QAJan2HowBa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2480
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 12 May 2023 00:10:21 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
9438
x-served-by
cache-yyz4532-YYZ
x-timer
S1683850221.364310,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 12 May 2023 00:10:21 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZF2D7QAJan2HowBa
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4532-YYZ
x-timer
S1683850221.309124,VS0,VE21
Pug
image2.pubmatic.com/AdServer/ Frame 5DCD
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314639533267504
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314639533267504
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:06:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 12 May 2023 00:10:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314639533267504
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 5812 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HGRAJ68JQ7TK8J3K3EYT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E34C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=A_G8pimpQsiCM4DVm9d-nQ%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=A_G8pimpQsiCM4DVm9d-nQ%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=72681
accept-ranges
bytes
content-length
5554
expires
Fri, 12 May 2023 20:21:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E34C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&ttd_puid=eb740e63-58b5-4b30-a391-d996413c50ea%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame E34C
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame E34C
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=040f6da3-3151-4ed9-bfc6-2c2c015f28c5
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=040f6da3-3151-4ed9-bfc6-2c2c015f28c5
Protocol
H2
Server
34.193.215.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-215-195.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 12 May 2023 00:10:21 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=040f6da3-3151-4ed9-bfc6-2c2c015f28c5
date
Fri, 12 May 2023 00:10:21 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDNGMUJDQTYtMjlBOS00MkM4LTgyMzMtODBENTlCRDc3RTlE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDNGMUJDQTYtMjlBOS00MkM4LTgyMzMtODBENTlCRDc3RTlE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIALGw0mvkrLX-kmXf9VoHY&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIALGw0mvkrLX-kmXf9VoHY&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:06:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIALGw0mvkrLX-kmXf9VoHY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CB5033A211F645E781D9BE26BE718709
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CB5033A211F645E781D9BE26BE718709
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CB5033A211F645E781D9BE26BE718709
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 May 2023 00:10:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4010939127404796361&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4010939127404796361&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4010939127404796361&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 12 May 2023 00:10:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
42 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame E34C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.sFTDM9E2uWvcEh.5yksBsu61mXLx4A-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.sFTDM9E2uWvcEh.5yksBsu61mXLx4A-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.sFTDM9E2uWvcEh.5yksBsu61mXLx4A-~A&gdpr=0
date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
03F1BCA6-29A9-42C8-8233-80D59BD77E9D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E34C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/03F1BCA6-29A9-42C8-8233-80D59BD77E9D?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448121793258601&ev=PageView&dl=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&rl=&if=false&ts=1683850221175&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683850220978.218158831&it=1683850220804&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 12 May 2023 00:10:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
user-sync
sync.adkernel.com/ Frame 8824 		21 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Fri, 12 May 2023 00:10:21 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame 436F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 12 May 2023 00:10:24 GMT
Server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E2BF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=72681
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
expires
Fri, 12 May 2023 20:21:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 32CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=3ec4d4ee-9729-4f72-97e5-82f58aca8f39
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=3ec4d4ee-9729-4f72-97e5-82f58aca8f39
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=3ec4d4ee-9729-4f72-97e5-82f58aca8f39
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 73D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
Fri, 12 May 2023 00:10:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master ord-pixel-x19 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 1679
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
  • https://usersync.gumgum.com/usersync?b=atm&i=ZF2D7QAJWfGa1gAp&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZF2D7QAJWfGa1gAp&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 12 May 2023 00:10:21 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZF2D7QAJWfGa1gAp&gdpr=&gdpr_consent=&_test=ZF2D7QAJWfGa1gAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4532-YYZ
x-timer
S1683850221.364506,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 25A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
435
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xNDg4ZDEyZi00MzFkLTQ0NmQtOGM3Yy03NjM1MmJmNzU0MDE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 63B4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZF2D7cCo8XYAALq-F7AAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZF2D7cCo8XYAALq-F7AAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZF2D7cCo8XYAALq-F7AAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad293.dc4p.scaleout.jp
X-SO-IP
96.9.249.39
X-SO-Key
ZF2D7cCo8XYAALq-F7AAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.39","key":"ZF2D7cCo8XYAALq-F7AAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad293"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad293
rum
dsum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFp7MmOW3G3GN9jR52f2cuo&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFp7MmOW3G3GN9jR52f2cuo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFp7MmOW3G3GN9jR52f2cuo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFcs7-Lq9ZYmhhhiKNVTHDI&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFcs7-Lq9ZYmhhhiKNVTHDI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFcs7-Lq9ZYmhhhiKNVTHDI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0524 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65KQFGR9WQ4G46SAXAV8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOgAA%26074&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b7f42eb-aec6-45f5-8952-32eb8ea1c97f-tuctb57096d
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b7f42eb-aec6-45f5-8952-32eb8ea1c97f-tuctb57096d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b7f42eb-aec6-45f5-8952-32eb8ea1c97f-tuctb57096d
date
Fri, 12 May 2023 00:10:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39892
crum
dsum-sec.casalemedia.com/ Frame 0524
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5585051093897204759
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5585051093897204759
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 12 May 2023 00:10:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
584d2700-bb20-416f-9d2b-258d1de1f889
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5585051093897204759
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
113
match.deepintent.com/usersync/ Frame 0524 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 12 May 2023 00:10:20 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0524
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 0524 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZF2D7ZSUASbTp5SQYa1uOgAAAEoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6GQXWHHK3D5GXCABDSK7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAAAEoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAAAEoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAF3v4KlwGltx8acCVveiwE&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAF3v4KlwGltx8acCVveiwE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAF3v4KlwGltx8acCVveiwE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?us_privacy=1YNN&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZF2D7ZSUASbTp5SQYa1uOwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENelQuOK8GkOtUouvw-vpEY&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENelQuOK8GkOtUouvw-vpEY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENelQuOK8GkOtUouvw-vpEY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1YNN
  • https://match.adsrvr.org/track/cmb/casale?us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&expiration=1686442221&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame D1F8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNN&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOwAAAEoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RBFMT4QPJKSYRH4N44SY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1YNN&gdpr=&gdpr_consent=&id=ZF2D7ZSUASbTp5SQYa1uOwAA%26074&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0812bbd6-e5b9-48db-b1fb-afde6bbd835d-tuctb57096d
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0812bbd6-e5b9-48db-b1fb-afde6bbd835d-tuctb57096d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0812bbd6-e5b9-48db-b1fb-afde6bbd835d-tuctb57096d
date
Fri, 12 May 2023 00:10:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39892
rum
dsum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Cvt7qwT8K6sR-nysCfZj9wv8Kv0RrXuuWqzPBAE2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Cvt7qwT8K6sR-nysCfZj9wv8Kv0RrXuuWqzPBAE2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Cvt7qwT8K6sR-nysCfZj9wv8Kv0RrXuuWqzPBAE2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame D1F8 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.4.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-4-30.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
crum
dsum-sec.casalemedia.com/ Frame D1F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5c3d645d-83ed-4300-9acf-6d2d0e9de5b1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5c3d645d-83ed-4300-9acf-6d2d0e9de5b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 12 May 2023 00:10:21 GMT
Server
MT3 851 9bd98ae master ord-pixel-x5 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5c3d645d-83ed-4300-9acf-6d2d0e9de5b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 May 2023 00:10:20 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame D1F8 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZF2D7ZSUASbTp5SQYa1uOwAA%26074=&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24140
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c5e702b2a9954a3-YYZ
content-length
43
expires
Sat, 13 May 2023 00:10:21 GMT
usersync
usersync.gumgum.com/ Frame E6C9
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_1488d12f-431d-446d-8c7c-76352bf75401&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=3f815e86-e251-4c0b-9350-f7846f377bf0
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=3f815e86-e251-4c0b-9350-f7846f377bf0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=3f815e86-e251-4c0b-9350-f7846f377bf0
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 31C3 		43 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 185F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=o6QV0QJdLztL1mof1p62&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=o6QV0QJdLztL1mof1p62&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 12 May 2023 00:10:21 GMT Fri, 12 May 2023 00:10:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=o6QV0QJdLztL1mof1p62&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 402A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 00:10:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 May 2023 00:10:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
rep.gif
comcluster.cxense.com/Repo/ Frame 0B89 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.21&typ=pgv&rnd=lhjsy0ys797r8zm7&sid=4730272259874493122&loc=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&new=1&arf=0&ltm=1683850220818&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lhjsy1qo38kaszha&ckp=lhjsy0ysu886rxu0&glb=&cp_userState=anon&cst=6zrx8vjn6lpd89y792rbzmm5
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Fri, 12 May 2023 00:10:21 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		101 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lhjsy0ysu886rxu0%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%226zrx8vjn6lpd89y792rbzmm5%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%226zrx8vjn6lpd89y792rbzmm5%22%7D%5D%2C%22siteId%22%3A%224730272259874493122%22%2C%22location%22%3A%22https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
cdc0f17acec6d7a576fce6a0b816b96407a98172baf6c9fba82fb76b27cf7e51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:21 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
scevent.min.js
sc-static.net/ Frame 89E7 		31 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=af8035d0-06ae-4a44-8fd1-e54332a4abd8&u_scsid=4dfd7bc5-e54b-4da7-930a-6b2c09d7a8c3&u_sclid=c05703ab-313a-4c7d-b81f-e46746c548ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-247.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 08:18:56 GMT
content-encoding
gzip
via
1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
57085
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
13611
x-amz-cf-id
0fPVYnBaItbz0KKBgSgE1y8VD6yHnWu0AtfG0obdOxlRndxyIoCLXA==
identify_738b3.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.150.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-150-190.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-request-id
16f56984
date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202305081131231FB30DDE104F7D910F29
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-77-103-190.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01863b753f094032c967dc9810fc0ebc4e8b50ab204875fddfc958bc358b89d29f35991f34113c7ae461c48e3608ed5e9943801ae14008fda742941c7076968121848d2c38707cb5320ddf9788a42cab156b85c8a24e3c51b1820d8989c2397411
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=8
content-length
30854
pixel
analytics.tiktok.com/api/v2/ 		0
697 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.150.190 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-150-190.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1a8f50af.16f569a7
date
Fri, 12 May 2023 00:10:21 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-77-103-190.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time
37,104.77.103.190
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=34, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230512001021FE1A09A7D588C001648A
x-cache-remote
TCP_MISS from a23-59-251-103.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
34,23.59.251.103
x-tt-trace-host
01b747defea15395f6d6f166d376ab40574428637888d9b505ccdf2300575b10e69bce528ed022809f753e9bc7b61d895a935011d67b2c2218da7b6956417ccaea518dceffeb0fbf1c494a1cc1513b5d8baf55650e052d00743ff3b546b62ad3b6db131aa7269549673674d4783fbcb122
expires
Fri, 12 May 2023 00:10:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 00:10:21 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame C1EC 		487 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=a8wczr9&ref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&upid=6lzlhnf&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-115.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 11 May 2023 18:24:44 GMT
Via
1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
Age
20738
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
dzfg6zB0zsrw4_0tM_xalnXdxPI36EaaXf3lL4FgNwwN904ZTCqeoQ==
p
tr.snapchat.com/cm/ Frame DC68
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1683850221405&u_scsid=1603ec2d-2077-471a-9d4d-7d4121c33f8e&u_sclid=10aead5a-7461-4d90-af02-0194ed92ba84
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1683750848451%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1683750848451&pnid=140&pcid=eb740e63-58b5-4b30-a391-d996413c50ea
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1683750848451&pnid=140&pcid=eb740e63-58b5-4b30-a391-d996413c50ea
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
10

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 12 May 2023 00:10:21 GMT
location
https://tr.snapchat.com/cm/p?rand=1683750848451&pnid=140&pcid=eb740e63-58b5-4b30-a391-d996413c50ea
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1ABE 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 17:08:08 GMT
x-content-type-options
nosniff
age
25333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 17:08:08 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 1ABE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
6832
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 10 May 2023 20:04:42 GMT
wn
prod-dash-10-0-80-175
server
cloudflare
etag
W/"2177-1683749082000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7c5e702c581cd15b-BUF
expires
Fri, 12 May 2023 02:10:21 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1ABE 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:29:16 GMT
x-content-type-options
nosniff
age
196865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 May 2024 17:29:16 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1ABE 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:53:43 GMT
x-content-type-options
nosniff
age
40598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 12:53:43 GMT
usync.js
eus.rubiconproject.com/ Frame 402A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e8495c16f73bcb970266652190f05104151434693bb7135179c12ea2db950ba1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 11:02:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39152
Connection
keep-alive
Content-Length
10020
Expires
Fri, 12 May 2023 11:02:53 GMT
/
www.facebook.com/tr/ Frame ACA4 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.npr.org
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.npr.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sync
ups.analytics.yahoo.com/ups/55953/ Frame 05D5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=b35ceeb4-8c5c-4065-9533-21dd50719f5d&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-crZR1klE2uIHOWvC9xysd7rpQXDensQ-~A&gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&_origin=0&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
0
date
Fri, 12 May 2023 00:10:21 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
267
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&_origin=0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
tap.php
pixel.rubiconproject.com/ Frame 0DDD
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b35ceeb4-8c5c-4065-9533-21dd50719f5d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
42 B
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
29af2665c43893332e84c235bac366c1
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
setuid
ib.adnxs.com/ Frame 006E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b35ceeb4-8c5c-4065-9533-21dd50719f5d
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5585051093897204759&ttd_tdid=b35ceeb4-8c5c-4065-9533-21dd50719f5d
  • https://ib.adnxs.com/setuid?entity=82&code=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/setuid?entity=82&code=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

AN-X-Request-Uuid
9ae7995d-503f-4d6b-91f0-809119a1a2e1
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:21 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
231
content-type
text/html
date
Fri, 12 May 2023 00:10:21 GMT
location
https://ib.adnxs.com/setuid?entity=82&code=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e4630c2c02a0b51aa90a24a4df46e2be7bd4b1891e4bc6e3ce1fae514b55fcfb

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
28477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 16:15:44 GMT
expires
Fri, 10 May 2024 16:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 878B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e102857342ad296d1beae9bd5a8696e84da6be5cd1beaa395da4181ddf03335f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2M_PU3-HL4VL-BW4Pli-LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-2M_PU3-HL4VL-BW4Pli-LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
expires
Fri, 12 May 2023 00:10:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
khaos.jpg
token.rubiconproject.com/ Frame 402A 		284 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame D0D8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 05:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
65797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 05:53:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 878B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=4075704308911906&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
/
www.facebook.com/tr/ Frame FEA9 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.npr.org
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.npr.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:21 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
view
securepubads.g.doubleclick.net/pcs/ Frame 4050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw7R0oKV2mwxGoxH5B94Go7ZRF_LIaNBRHoa4mA3AAj9E32Thn0uI9-HDNNNz4S5bvgS049Y885JYQFanucLyIBqhb_7rThg8mbayM8H-tkhjrhmnRvF5g6NBXdVYdw_I1ljcrCY6QnEL3dPRgkqkl18JHlcvFAMvG26SH8doe4-vGEzUNip9iOJBZybhRqfx5f1Ox7EVq0SGU6bLJHFh6n_1L6ADNK1TCcjMqxHmAhtL7rlqnV-oJ4WQY09erMxA74d2wySG1rXY2XQSdqxzzPrpOS9_wNL2yMNSlMjVLPHGb8T8zxkcGyYrceYFGrdhSguYtMxjs&sai=AMfl-YQ67GeTYZee5-YamOPx0dboQATb8zpfgDyDyzq3aS6KDOj1O8lugweeEzFq1wyVImpSxXkXdGCsN6DIwJ0x3_JWnLzkjdOwoYJsjlH-J_2BQOdOugHT1Yy6MZMcnHgFjfR0kPsMtWqhhHZR49CN&sig=Cg0ArKJSzIo006gD1OzoEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 4050 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
14001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 20:17:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 4050 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 20:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
13999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 20:17:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4050 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 00:10:21 GMT
moatad.js
z.moatads.com/nprcw392401/ Frame 4050 		0
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nprcw392401/moatad.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.187 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-187.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 May 2023 00:10:21 GMT
last-modified
Thu, 14 May 2020 20:15:16 GMT
server
AmazonS3
x-amz-request-id
1D956EA829CFC743
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=56268
accept-ranges
bytes
content-length
0
x-amz-id-2
ewprS67HvkQxeezpAsyX2iTS49GG53KFPLdAHmHX8bkuqq2CV7Bq+KpOqgBx+a4Be9a403PhQkE=
10816416886488531199
tpc.googlesyndication.com/simgad/ Frame 4050 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10816416886488531199
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331687e90da30a4d28e7b211f90de82c06d9b1c2eb5a46b733eb44bf0e8ce3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 09:00:44 GMT
x-content-type-options
nosniff
age
54577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126611
x-xss-protection
0
last-modified
Fri, 05 May 2023 19:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 May 2024 09:00:44 GMT
grumi.js
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ Frame 8361 		839 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
387b1c9ab969f54d1665b7268d166fe9fe7d042247290694284e5fb14752fcc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:14:59 GMT
x-amz-version-id
nXs5Dgx9E.cUJIw38iegf3v8hemSz_Ue
content-encoding
br
last-modified
Thu, 11 May 2023 22:54:56 GMT
server
AmazonS3
via
1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/"9572321ebc98bbde36f376a36ab42265"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
3323
x-amz-cf-id
JUJfoyWfGKIhhMXZ-RNxYWvII0xY4Z7Tv-3EUMXOyRVubdTPAmWgyQ==
usersync
usersync.gumgum.com/ Frame 402A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNN&khaos=LHJSY2GP-1S-LAY
  • https://usersync.gumgum.com/usersync?b=mag&i=LHJSY2GP-1S-LAY&us_privacy=1YNN
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LHJSY2GP-1S-LAY&us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LHJSY2GP-1S-LAY&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
truncated
/ Frame 4050 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28299f72288d828f81b6ded06da21a4af58766b12b8f79e47807cf1b6c2128b0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8361 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcSbvUknBHi83dMMGiMXiT9x3_zVootgyhZAZeHHyD9Mu-vnHccXUXNnsPZ2cuM1NO5kw2mkxaLdSVMzhEZ3SvF12Hwq0xuPbtJsW5QebTjtE7nVgvgyYbx4X2BBXisoApCnFztpUznyBgXhdftzCHET1yhjdeoMNgyZ8NNMA7RMxjzcm5D04RqdRpGQiTUWytmyj608fOwfv_4tZAEJcYbI5MM1YQbkRwv1SCV7bvCzk1mCk4vEVbO5fRYmTfs07pEt6qQkQTscSoVq68Im3IRLwJNE10QjxTYhlcSLNzEWv-eq9CGgtQkuLL2q64TlNNukvCpKm_p663&sai=AMfl-YQnJtp7KzHXlZkKn-p8UWiQOwP1YFFhN6Q-fV57dKl0pzffZa65RKLeLfDwHOILLJfHTXoebsyc_2k5fMimf8ceLWC5R1qnlW081UzvUrYWBOtvLZ3dBmtO2r4hKBPL5HgmeXfMj3btXMbl4Lqd&sig=Cg0ArKJSzLrGYqC2LH70EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:b000:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 00:10:22 GMT
via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
content-length
0
x-amz-cf-id
iUfm2K-YmDYnet2F_MbXlHe6is3rysYQtoHEHTHSgYlvMhCib8dZnw==
x-cache
Miss from cloudfront
wt
t.pubmatic.com/ 		17 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wt?pubid=162268&purl=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&tst=1683850222&iid=39988468-006d-4d04-ac31-92527bbbdc81&bidid=124ce7063c2fdf&origbidid=124ce7063c2fdf&pid=7835&pdvid=19&slot=ad-backstage-News_Investigations&au=%2F6735%2Fn6735.NPR%2FNews_Investigations&pn=mediafuse&bc=mediafuse&en=0.55&eg=0.55&kgpv=%5E%2F6735%2Fn6735.NPR.*%40.*%40%5E(300x250%7C300x600%7C728x90%7C970x250)&piid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
rd_log
nym1-ib.adnxs.com/ Frame 8361 		0
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&e=wqT_3QK_Dug_BwAAAwDWAAUBCOyH9qIGEMi-pqevsprDNBgAKjYJXfksz4O76j8RT_y9uWRx4T8ZAAAAoHA9GkAhTw0SACkRJNgxAAAA4FG49j8wg8LBDTjCSkDMFUgCUI-2z8wBWI_HowFgAGiHtscBeOX7BYABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMjIzNTYzMCwgMCk7ARQsaScsIDgyMDQ5MzYsERQsZycsIDIwODQzMzIyFRUAcwEVHDgzOTcwOTM4FRYwcicsIDQyOTEyMDI3MQUW8LySAqkFIUY0TGVDQWpidDlJYUVJLTJ6OHdCR0FBZ2o4ZWpBVEFCT0FCQUFFak1GVkNEd3NFTldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFRZUpHNTJFdS1vX3dRRUhpUnVkaEx2cVA4a0JBQUFBZ0NaSDZUX1pBUUFBQUFBQUFQQV80QUdJNWZRRDlRRUFBRUJBbUFJQW9BSUV0UUlBQUFBQXZRSUEBLPC2d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJcU1yQ29RQWhnQ0xRQUFBQUNpQXc0STFLLTRLeEFFR0FFdGRhdVlPcUlERXdqMXQ1c3JFQW9ZQVMwME9Vb19NZ04xYm11aUF3NElpb3lzS2hBTEdBSXRBQUFBQUxvRENVNVpUVEk2TmpFNE11QUR3ai1BQklYYTBBcUlCTDdiMEFxUUJBQ1lCQUxCQkFBAbsFAQR5UQWNCQEITkVFCQkoQ0FHa0RZQkFEeEIJEQUBQGlBV21NSmdGLXBxMGh3R3BCETsUUEFfc1FVBSQFAQhNRUYFCAUBBERKBSgcT0Q1MU9jXzAuKAAETmsVKMg4RF9nQmRPTUJmQUZ1cGI0Q2ZnRjdybUlBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdBQUEFAixDRUNvQmdTeUJpUUoFEQkBAFIJBwUBAFoFBgkBAGgJBwEB8DxDNEJncklCd0RnQndYb0J3RHhCd0FBQUtDWm1ia18tQWVjMVFqNEI1YmRDUGdIbV8wSZoCmQEhYUJLYkJ3Oq0CLElfSG93RWdBQ2dBTTEVVEFoQU9nbE9XVTB5T2pZeE9ESkF3ajkVpQg4RDkdpQBCHaUAQh2lBEJwAasJAQRCeAkIIZ1BaABrNZzwlThEOC7YAgDgAqjCXeoCemh0dHBzOi8vd3d3Lm5wci5vcmcvMjAyMy8wNS8xMS8xMTc0MzQzNjA1L3ZpcmdpbmlhLWhpZC1leGVjdXRpb24tZmlsZXMtZnJvbS10aGUtcHVibGljLWhlcmVzLXdoYXQtdGhleS1kb250LXdhbnQteW91LXRvLXNl8gIRCgZBRFZfSUQSB409HPICEgoGQ1BHARQACJEpARUIBUNQARQECTKRKDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEAB42yAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDoLgu4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzk2LjkuMjQ5LjM5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEv9G7IsgEANIEDjI3NjQjTllNMjo2MTgy2gQCCAHgBAHwBI-2z8wBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBcOCCvoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0AaYCtoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-X7BdIHDQkRKAEmCNoHBgFddBgA4AcA6gcCCADwB9G38QWKCAIQAJUIAACAP5gIAQ..&s=1de834fbefc2dade57178408a875d30ca14ce5c7&bdref=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se,https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
AN-X-Request-Uuid
e69d33f2-216a-4118-b6f6-d5a1c1221e36
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4b389487-5621-4072-9603-9ad7320a84b7.jpg
crcdn01.adnxs-simple.com/creative/p/2764/2023/3/31/45206354/ Frame 8361 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/2764/2023/3/31/45206354/4b389487-5621-4072-9603-9ad7320a84b7.jpg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
5aeb8e5bfb5613efe674f9376728ae30ec25ed8f7a58e5fbbea328ac1c52fe56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:22 GMT
Last-Modified
Fri, 31 Mar 2023 20:58:22 GMT
Server
nginx/1.21.3
x-amz-request-id
cc17feee-2858-4649-a84a-28f85463b488
ETag
"e2e5b7fc8a5151438eca240e0ccab8d4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
cc17feee-2858-4649-a84a-28f85463b488
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56947
X-Clv-S3-Version
2.5
Expires
Mon, 26 Jun 2023 00:10:22 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 8361 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Fri, 12 May 2023 00:10:21 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1351683
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-yyz4520-YYZ
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683850222.994942,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
13, 382601
it
nym1-ib.adnxs.com/ Frame 8361 		0
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.npr.org%252F2023%252F05%252F11%252F1174343605%252Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&e=wqT_3QKoDOgoBgAAAwDWAAUBCOyH9qIGEMi-pqevsprDNBgAKjYJXfksz4O76j8RT_y9uWRx4T8ZAAAAoHA9GkAhTw0SACkRJNgxAAAA4FG49j8wg8LBDTjCSkDMFUgCUI-2z8wBWI_HowFgAGiHtscBeOX7BYABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMjIzNTYzMCwgMCk7ARQsaScsIDgyMDQ5MzYsERQsZycsIDIwODQzMzIyFRUAcwEVHDgzOTcwOTM4FRYwcicsIDQyOTEyMDI3MQUW8LySAqkFIUY0TGVDQWpidDlJYUVJLTJ6OHdCR0FBZ2o4ZWpBVEFCT0FCQUFFak1GVkNEd3NFTldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFRZUpHNTJFdS1vX3dRRUhpUnVkaEx2cVA4a0JBQUFBZ0NaSDZUX1pBUUFBQUFBQUFQQV80QUdJNWZRRDlRRUFBRUJBbUFJQW9BSUV0UUlBQUFBQXZRSUEBLPC2d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJcU1yQ29RQWhnQ0xRQUFBQUNpQXc0STFLLTRLeEFFR0FFdGRhdVlPcUlERXdqMXQ1c3JFQW9ZQVMwME9Vb19NZ04xYm11aUF3NElpb3lzS2hBTEdBSXRBQUFBQUxvRENVNVpUVEk2TmpFNE11QUR3ai1BQklYYTBBcUlCTDdiMEFxUUJBQ1lCQUxCQkFBAbsFAQR5UQWNCQEITkVFCQkoQ0FHa0RZQkFEeEIJEQUBQGlBV21NSmdGLXBxMGh3R3BCETsUUEFfc1FVBSQFAQhNRUYFCAUBBERKBSgcT0Q1MU9jXzAuKAAETmsVKMg4RF9nQmRPTUJmQUZ1cGI0Q2ZnRjdybUlBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdBQUEFAixDRUNvQmdTeUJpUUoFEQkBAFIJBwUBAFoFBgkBAGgJBwEB8DxDNEJncklCd0RnQndYb0J3RHhCd0FBQUtDWm1ia18tQWVjMVFqNEI1YmRDUGdIbV8wSZoCmQEhYUJLYkJ3Oq0CLElfSG93RWdBQ2dBTTEVVEFoQU9nbE9XVTB5T2pZeE9ESkF3ajkVpQg4RDkdpQBCHaUAQh2lBEJwAasJAQRCeAkIIZ1BaABrNZz0dQE4RDgu2AIA4AKowl3qAnpodHRwczovL3d3dy5ucHIub3JnLzIwMjMvMDUvMTEvMTE3NDM0MzYwNS92aXJnaW5pYS1oaWQtZXhlY3V0aW9uLWZpbGVzLWZyb20tdGhlLXB1YmxpYy1oZXJlcy13aGF0LXRoZXktZG9udC13YW50LXlvdS10by1zZYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA6C4LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAs5Ni45LjI0OS4zOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABL_RuyLIBADSBA4yNzY0I05ZTTI6NjE4MtoEAggB4AQB8ASPts_MAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcOCCvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AaYCtoGFgoQAAAAAAAAAAUXAQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfl-wXSBw0JASIBAQEmDNoHBggFCWzgBwDqBwIIAPAH0bfxBYoIAhAAlQgAAIA_mAgB&s=57f2f531b21f4a6210f1fc68c31afa93d49e0f6c
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
AN-X-Request-Uuid
c8eb59fa-8ace-4fbc-9bd8-d09a410f61e3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 8361 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=33298606&t=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
AN-X-Request-Uuid
321c5c8b-b6c3-4415-abfc-a5afa2975cee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8361 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 00:10:21 GMT
moatad.js
z.moatads.com/nprcw392401/ Frame 8361 		0
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nprcw392401/moatad.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.187 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-187.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 May 2023 00:10:21 GMT
last-modified
Thu, 14 May 2020 20:15:16 GMT
server
AmazonS3
x-amz-request-id
1D956EA829CFC743
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=56268
accept-ranges
bytes
content-length
0
x-amz-id-2
ewprS67HvkQxeezpAsyX2iTS49GG53KFPLdAHmHX8bkuqq2CV7Bq+KpOqgBx+a4Be9a403PhQkE=
async_usersync
ib.adnxs.com/ Frame 8E17 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:21 GMT
AN-X-Request-Uuid
579734ae-2a7f-4593-8345-32995cf79e68
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrm4ubJxjFfzg-QNg5UjuOxjFHu8UQc9N4jln3u_-SBf95zxXxszXe6THU5j3e30Q_Ib-b_0cixPoK2oHisFkc72cIF_znbco6td_ygOR8bsT3BrU_a-t7xsjPxBq2MvVq239_FXxfyY4gP9qYEfchiqhsBsvUhjDSOEUQFNtm-xpXmDUzYD0UeOiyG8DZCOyhhLxdowssZvmSq67g_ApjUyOXTHIrY_1elcxbVNAIlSci-bgflfNW--sgJ2SEgvrhRbLWS14zpbKyURbYWTeJf0NF1AEnWpnMvScIKFSNGHE9yEMaxnHIWmKUCTPwuuS4bask5MJD3bc&sai=AMfl-YRdGHS9IoDijxEaNmxxUrobv9zPDAy5T132MbjLN7AS8XgzD2wPN-AKIZzAmdA2vq_6yN8ABHlFjbOjrIC7JVw5mtVMhRzOumsxbPLa8pcEk8a--WN51qaLyoudB09M6c01Mmp3lA7Se2TWjv0U&sig=Cg0ArKJSzEbBQIuHjTtTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 00:10:22 GMT
setuid
px.ads.linkedin.com/ Frame 402A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJSY2GP-1S-LAY&us_privacy=1YNN
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJSY2GP-1S-LAY&us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DB0B0F1D4C774C2495A0F300B017E613 Ref B: NYCEDGE1716 Ref C: 2023-05-12T00:10:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7c+5Zq/PZH/sKKB4+ww==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHJSY2GP-1S-LAY&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 402A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T3pJGGSSp-m8zMF2ZgOKeQ?csrc=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SR3eYsBE2oLbYsQbtOG65QT5JJ.pR0.gx5sg9Q--~A
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SR3eYsBE2oLbYsQbtOG65QT5JJ.pR0.gx5sg9Q--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 May 2023 00:10:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SR3eYsBE2oLbYsQbtOG65QT5JJ.pR0.gx5sg9Q--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 402A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhKU1kyR1AtMVMtTEFZ&us_privacy=1YNN
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENrKPGfIi6HamciyLyZvmXM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKU1kyR1AtMVMtTEFZ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKU1kyR1AtMVMtTEFZ&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhKU1kyR1AtMVMtTEFZ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 402A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbOaRtKMYy9Opbw1qB5_nw&google_cver=1
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbOaRtKMYy9Opbw1qB5_nw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbOaRtKMYy9Opbw1qB5_nw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 402A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4PS4NNZGSQHQ1KJGFE0G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 402A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuLPysEERwebxGgruR-N3g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuLPysEERwebxGgruR-N3g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuLPysEERwebxGgruR-N3g
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8CW5ZPKYZVVT99SMENQF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuLPysEERwebxGgruR-N3g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 402A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cfe0192b-8a95-4e2e-8976-5e399dc2ca88&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 402A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTU2YmRjNTUyMWYyYjAxNDIyZGFjNGFkYzk4MjgwYTZiM2E0Mzc2ZA&us_privacy=1YNN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTU2YmRjNTUyMWYyYjAxNDIyZGFjNGFkYzk4MjgwYTZiM2E0Mzc2ZA&us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTU2YmRjNTUyMWYyYjAxNDIyZGFjNGFkYzk4MjgwYTZiM2E0Mzc2ZA&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generate_204
tpc.googlesyndication.com/ Frame D0D8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tmXI5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 00:10:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame 8361 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58142e9384fa4fb99620006f5b78d3ca1ea6dc4e7399593030634543875875c3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame 8361 		0
945 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&e=wqT_3QKoDOgoBgAAAwDWAAUBCOyH9qIGEMi-pqevsprDNBgAKjYJXfksz4O76j8RT_y9uWRx4T8ZAAAAoHA9GkAhTw0SACkRJNgxAAAA4FG49j8wg8LBDTjCSkDMFUgCUI-2z8wBWI_HowFgAGiHtscBeOX7BYABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMjIzNTYzMCwgMCk7ARQsaScsIDgyMDQ5MzYsERQsZycsIDIwODQzMzIyFRUAcwEVHDgzOTcwOTM4FRYwcicsIDQyOTEyMDI3MQUW8LySAqkFIUY0TGVDQWpidDlJYUVJLTJ6OHdCR0FBZ2o4ZWpBVEFCT0FCQUFFak1GVkNEd3NFTldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFRZUpHNTJFdS1vX3dRRUhpUnVkaEx2cVA4a0JBQUFBZ0NaSDZUX1pBUUFBQUFBQUFQQV80QUdJNWZRRDlRRUFBRUJBbUFJQW9BSUV0UUlBQUFBQXZRSUEBLPC2d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJcU1yQ29RQWhnQ0xRQUFBQUNpQXc0STFLLTRLeEFFR0FFdGRhdVlPcUlERXdqMXQ1c3JFQW9ZQVMwME9Vb19NZ04xYm11aUF3NElpb3lzS2hBTEdBSXRBQUFBQUxvRENVNVpUVEk2TmpFNE11QUR3ai1BQklYYTBBcUlCTDdiMEFxUUJBQ1lCQUxCQkFBAbsFAQR5UQWNCQEITkVFCQkoQ0FHa0RZQkFEeEIJEQUBQGlBV21NSmdGLXBxMGh3R3BCETsUUEFfc1FVBSQFAQhNRUYFCAUBBERKBSgcT0Q1MU9jXzAuKAAETmsVKMg4RF9nQmRPTUJmQUZ1cGI0Q2ZnRjdybUlBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdBQUEFAixDRUNvQmdTeUJpUUoFEQkBAFIJBwUBAFoFBgkBAGgJBwEB8DxDNEJncklCd0RnQndYb0J3RHhCd0FBQUtDWm1ia18tQWVjMVFqNEI1YmRDUGdIbV8wSZoCmQEhYUJLYkJ3Oq0CLElfSG93RWdBQ2dBTTEVVEFoQU9nbE9XVTB5T2pZeE9ESkF3ajkVpQg4RDkdpQBCHaUAQh2lBEJwAasJAQRCeAkIIZ1BaABrNZz0dQE4RDgu2AIA4AKowl3qAnpodHRwczovL3d3dy5ucHIub3JnLzIwMjMvMDUvMTEvMTE3NDM0MzYwNS92aXJnaW5pYS1oaWQtZXhlY3V0aW9uLWZpbGVzLWZyb20tdGhlLXB1YmxpYy1oZXJlcy13aGF0LXRoZXktZG9udC13YW50LXlvdS10by1zZYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA6C4LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAs5Ni45LjI0OS4zOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABL_RuyLIBADSBA4yNzY0I05ZTTI6NjE4MtoEAggB4AQB8ASPts_MAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcOCCvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AaYCtoGFgoQAAAAAAAAAAUXAQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfl-wXSBw0JASIBAQEmDNoHBggFCWzgBwDqBwIIAPAH0bfxBYoIAhAAlQgAAIA_mAgB&s=57f2f531b21f4a6210f1fc68c31afa93d49e0f6c&type=nv&nvt=5&jm=1003&px=269&py=2011&bw=728&bh=90&sid=4010583911478203212&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28336387&sw=1600&sh=1200&pw=1600&ph=10540&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:22 GMT
AN-X-Request-Uuid
de8a21c4-d5c4-4cea-b4f4-0ee9b068ff7a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.npr.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8361 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGKWFfax_jFpI8f7BWQM8yJ6cevENr1ZLH42bVoNGKRYA618jlNRrDNQT-0KRDbjqPjcq88izekiZ7hhd4mrRk-Vtz59xjx7zVhOX4sy_kKra54aeQFNUaCJ_Ki80blr8LPG-MPNUwrCnT92uAzCrnEa1AOCzZOBwtYyWjWy5WOkCceYTKp2UMvD16DqJnZVeiu6ETyglaZSEe2mUZ_lkdQfmFcizQg_GDckyh7fi_YGWnhFfK9PSg11usG10n6UMnzRT6U29hZBQVRkBkN4nWx5Mmp3RjXR16rJd3yfZP7a2-3i40gemWOLUOLpfHdvmfZibnDuMNslDiYzs&sai=AMfl-YS9o4EH9GSb-2E186ij_hv-an-sHKehja5CKPgmQ1PKbA2qrXzcAU5BrS2hqdmzv1n_im2Vmv_2S5dx8u9U3u2kR07_QcGMrPcrpbD57J6zzkcuhPmmrQsCCyFFODBalfVB_VCVRlE2_vez4oYe&sig=Cg0ArKJSzB905Q7Q4htREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 00:10:22 GMT
truncated
/ Frame 8361 		374 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7c26fcb00fc4f21f1fef7c31d7b2eb0566a15a8178bc570fe125dcb3f441b06

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
popup.html
rumcdn.geoedge.be/rbu/ 		40 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/rbu/popup.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c49dfa0ae8e2171953d6b2d8b20754dbcda8304c48a360239ed74d3780c4b3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:14:58 GMT
x-amz-version-id
wkUkGXEt4NivAGaLbTPFPanfdqFPV76d
content-encoding
br
via
1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
3325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 10:46:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1682592407/ctime:1682592407/gid:497/gname:jenkins/md5:df26962aa6f2be2f54ccdb7a04136d92/mode:33188/mtime:1682592407/uid:498/uname:jenkins
etag
W/"df26962aa6f2be2f54ccdb7a04136d92"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
x-amz-cf-id
MmuPZLNbm0_Mg4fXaU_DPXRoc4MhlD1L3cEOSYGCB3sVdzR7WidJ2Q==
css2
fonts.googleapis.com/ 		7 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 00:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 22:40:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 00:10:22 GMT
truncated
/ 		665 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 May 2023 00:10:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
603146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3
  • https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3&b=1&g=IMaKFfiO8EMPZh95tzTOzpmW%2FvOTTktbf6fHHwgcE9Y%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3&b=1&g=IMaKFfiO8EMPZh95tzTOzpmW%2FvOTTktbf6fHHwgcE9Y%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 12 May 2023 00:10:22 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.npr.org
location
https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3&b=1&g=IMaKFfiO8EMPZh95tzTOzpmW%2FvOTTktbf6fHHwgcE9Y%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=rMKLTHxuMGZ6dkJuRjVpdDlxUEhxdDhtOGE4bjZVcHlsYXBGVlFaVDZPb000Q016bkZ6TFJsSU0zRkpCWGtiY1poc0ZCeWI0T01LZWhXTEFoODEwZk9vN28zWmVTYjQ3cUd3SXU0QzNETTlDaUk0bEd4a2tpMU9VQzRTM3...
330 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rMKLTHxuMGZ6dkJuRjVpdDlxUEhxdDhtOGE4bjZVcHlsYXBGVlFaVDZPb000Q016bkZ6TFJsSU0zRkpCWGtiY1poc0ZCeWI0T01LZWhXTEFoODEwZk9vN28zWmVTYjQ3cUd3SXU0QzNETTlDaUk0bEd4a2tpMU9VQzRTM3A0Mng5ZUZWM0JVaXhPNWV4cnhiVjgzRSs2TmlidTVYbFE1MDVVT3FPYng0LzBVSy9HVFRYSGNmdHhabzR1akFhRExuUFBMVUp2SHRxekR4OThnRUdtQTJ5YVk1WGVQekpINXgwVjd6Y0tBRWtDZnhjWjAwPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a59967f9b40a2e697a54edebefa0450bab8eeec4aa0648df01adc04d256bf561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1894347
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=rMKLTHxuMGZ6dkJuRjVpdDlxUEhxdDhtOGE4bjZVcHlsYXBGVlFaVDZPb000Q016bkZ6TFJsSU0zRkpCWGtiY1poc0ZCeWI0T01LZWhXTEFoODEwZk9vN28zWmVTYjQ3cUd3SXU0QzNETTlDaUk0bEd4a2tpMU9VQzRTM3A0Mng5ZUZWM0JVaXhPNWV4cnhiVjgzRSs2TmlidTVYbFE1MDVVT3FPYng0LzBVSy9HVFRYSGNmdHhabzR1akFhRExuUFBMVUp2SHRxekR4OThnRUdtQTJ5YVk1WGVQekpINXgwVjd6Y0tBRWtDZnhjWjAwPXw&cppv=2
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
616120
content-length
0
expires
0
429.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
bb7a965c3a7853ffa5f13e2e41ec77dfb9ac1cc622bb77c4d2ae837c880be9cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.npr.org
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		75 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.249.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-249-254.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab678723774de69e40877f127ac1092ff893e2e0dd8cf750d70202d4755f5f12

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
x-server
10.40.34.242
access-control-allow-credentials
true
content-length
75
expires
0
rid
match.adsrvr.org/track/ 		108 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
03f0805031f46b94777bb6dfa47f7ced2742fcd4829b8f2599113ea031eabd13

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.npr.org
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 11 Jun 2023 00:10:22 GMT
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=162268
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:22 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=4075704308911906&bg=!jY6ljtrNAAYldGN0BXQ7ADkAdvg8Wr7sDSRGeiJpNLypiWoQjgcMuFUgropZ2EKOthWjK_yqxqMU3p7NRAnSzcHNizKTz1KIxRoCAAAB4lIAAAACaAEHCgDStwmZBpSsNV7OBzgvd73H_eCHkQnwDPYsxs031gltNJnT4cBA1EQq4DlSN_ZEtFvdNNLkD2LdcvPgSzBOsrR3yZUhQhBvPYSnI_gHM69or4stujRDnzVJKZ9dj4e8496HUNWrHaKtpfBL5zkoJPgtldqA_Jr4bD4ySa7sszr7ldRJWVJl76xgz8h23OBmRzsis1rFvEitgpNVx2dMIMdrDbfoaFF1PEnjHm6V78XH5qGvznWA6pRjmUSfsamqQQW9Xr7tsTS64WBTuC7aol1P_MZ6mQKcX4svDiXxPbBycCoUIych9m3ILenyWu7d0UDcnUz3isrK5JjQ2aUoCmV0oN1f0OpFSXBYLejlB9RxkROIKVmu0gNX9z4zz6Clh20nakkmliU4H3oowB_0eEsh1PlVhlJPFxQELB0Zr2bmvspvIFk53ZjtN08ZveNOzxydlqPtE_cBD8_5c8dCdagvALwh-KOyU2hjLT9WhOuven5IpjNc0t2gk7c_80nsmPsMAmMGjDIrDsVYk8lkbBOveH1gMEiNJ1VYtTw0qXY6X4KDY9wkFKpo1b3lrTL6Yq3vEVIcdr9rY3D9aFOfM8-D58jqVKfPGmMo98yaJscAxb-4CFdu5CqF35OcmxLkz4YAufRN2uiXy3tzSvULpgGPgs_abLv1Lqbs9fpmvXlK2COq4uQES-t5um8diCWWAtdsiuDtDqWazgyTKlcnveXdht1hu5EuedFUASRzssc2NPIpGyoJNbu9jMs7gnXjZzrw-JMRuk_N2USvwIBNVq8EvURQPqem4HGXNApFU830uPrdYB5wcmy2Qn4uXzCCraUQl4vLpJ8DixRjs3LdIZh5nIc3gmIh6ohCm-6HTOOvo8vWxsxYqAFdk_YEer7p2rnkN5IwNFhCXYabi08Gse6z32JFXOfRaHe14r-rlaOceicu1FTJVdSLX4n72mKPj0Fdst_hDNK8dxykYqPeeZqYhMopTJJLq2ja87K7Fal1K4SPgBNR87VBs_vPXXPdrJY254nSgLjH-4lEgpZkI00NpSqVfrbToUyalX_195XSeInQjMmTllAMO0zIVsAtm6f5Wo29es3Tf-HSTmlhTdekRJpSyxNXcaTC9xFAp2CpBbSChYz_ZTXEfkVAUTgUyKSurjtdLgamsc2r9Rk5KVlFcD0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rMKLTHxuMGZ6dkJuRjVpdDlxUEhxdDhtOGE4bjZVcHlsYXBGVlFaVDZPb000Q016bkZ6TFJsSU0zRkpCWGtiY1poc0ZCeWI0T01LZWhXTEFoODEwZk9vN28zWmVTYjQ3cUd3SXU0QzNETTlDaUk0bEd4a2tpMU9VQzRTM3A0Mng5ZUZWM0JVaXhPNWV4cnhiVjgzRSs2TmlidTVYbFE1MDVVT3FPYng0LzBVSy9HVFRYSGNmdHhabzR1akFhRExuUFBMVUp2SHRxekR4OThnRUdtQTJ5YVk1WGVQekpINXgwVjd6Y0tBRWtDZnhjWjAwPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 May 2023 00:10:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
456070
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 4050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRl6PNEk_Xspm132WMND54zAOAgCoZNrDW3dm7-KMc5TrpefbjurULIj9COu_VQDDQ2uhJYGMBXUT0Lva-0CBzaaLNRSinXQEPhqfKJnVIgAUPO49a&sig=Cg0ArKJSzMl5llHo1zOtEAE&id=lidar2&mcvt=1001&p=168,1133,768,1433&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=757683764&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683850221764&rpt=229&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E34C 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162268&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0cbc21cc443b6442605b72eada218eaab2f2d75461daf082a6c95e1ec3a39ce7

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		64 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=9ENxKQ58pu&tbc=%7Bkpex%7DPuQo1JLhkZ0W2G4gez9YNBnfP5_JRAplBwRT5NFlu3mg8Hoq5HfmETc3Me5lzgiD&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp9491
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f6b512a3e6cb09c6ae329b9f44a5a8a5a4c2be8ef8f52d79a4fddc062825c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:23 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mb5riur4MrE
wn
prod-dash-10-0-124-225
last-modified
Fri, 12 May 2023 00:10:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-time
0.003
cache-control
public, max-age=86400
cf-ray
7c5e7039a9acd15b-BUF
expires
Sat, 13 May 2023 00:10:23 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D7E0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31608721&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
227128c533d5b0e5270fbf245535cd2e1e6743c0eb9186297b194756a94f516a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 12 May 2023 00:10:22 GMT
content-length
1713
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 2661
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUEEwN0l1d2dBQUNGVm1vd0x0QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABPA07IuwgAACFVmowLtA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABPA07IuwgAACFVmowLtA&pid=558502&do=add&gd...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABPA07IuwgAACFVmowLtA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABPA07IuwgAACFVmowLtA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8500728873333680786&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPA07IuwgAACFVmowLtA&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPA07IuwgAACFVmowLtA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:06:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:25 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPA07IuwgAACFVmowLtA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E55E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:24 GMT
Expires
Fri, 12 May 2023 00:10:23 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master ord-pixel-x57 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb75645d-83ed-4500-8bc7-011a248e5d45&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame A463
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64354240-f059-11ed-9a84-e9c9e824e41f
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64354240-f059-11ed-9a84-e9c9e824e41f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 12 May 2023 00:10:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64354240-f059-11ed-9a84-e9c9e824e41f
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-8
Pug
simage2.pubmatic.com/AdServer/ Frame 7F6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5585051093897204759&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5585051093897204759&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
84a4395d-26bd-4c13-97d6-ed752d5eb6d1
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 May 2023 00:10:24 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5585051093897204759&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.249.39; 96.9.249.39; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame D4E2 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID03F1BCA6-29A9-42C8-8233-80D59BD77E9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SPYNVW878RNAV5ZCD6C2
sd
us-u.openx.net/w/1.0/ Frame D7E0 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame D7E0 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.233.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-233-243.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 00:10:24 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame D7E0 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.161.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-161-130.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 12 May 2023 00:10:23 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame D7E0 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.86.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-86-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 00:10:24 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
645c2770-f059-11ed-a440-023a4874ecab
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-03cd3739fb45e33c7
Pug
simage2.pubmatic.com/AdServer/ Frame D7E0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38da2c82-a184-4f05-ba5c-0b96ac861902&gdpr=0&gdpr_consent=
1 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38da2c82-a184-4f05-ba5c-0b96ac861902&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38da2c82-a184-4f05-ba5c-0b96ac861902&gdpr=0&gdpr_consent=
Date
Fri, 12 May 2023 00:10:24 GMT
Connection
keep-alive
X-CI-RTID
f56ae0d3-0305-407f-99a5-873a357d33c3
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame D7E0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=37ca4854493113ee&is_secure=true&networkId=17100&version=1&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHYVuvaU_-tQM18iIfAAAAAAA&expiration=1683936624&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&...
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHYVuvaU_-tQM18iIfAAAAAAA&expiration=1683936624&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHYVuvaU_-tQM18iIfAAAAAAA&expiration=1683936624&nuid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E2BF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41359339&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
12e0ccb3881593e593d94d70b81b9794b15d0f6c329b0b00df9de7764a932f64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 12 May 2023 00:10:24 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame EEAF
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_9f53e7dca3a940a1a1cfb
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_9f53e7dca3a940a1a1cfb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Fri, 12 May 2023 00:10:24 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_9f53e7dca3a940a1a1cfb
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
usersync.aspx
dis.criteo.com/dis/ Frame C377 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 00:10:24 GMT
expires
Fri, 12 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
406086
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8684
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0FrJhKvE1PXgmA5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0FrJhKvE1PXgmA5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 12 May 2023 00:10:24 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0FrJhKvE1PXgmA5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-036ce2552879161b4@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3C8C
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 00:10:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 5A03 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=03F1BCA6-29A9-42C8-8233-80D59BD77E9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 May 2023 00:10:24 GMT
Expires
0
Pragma
no-cache
db_sync
px.ads.linkedin.com/ Frame E2BF
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDAzRjFCQ0E2LTI5QTktNDJDOC04MjMzLTgwRDU5QkQ3N0U5RBAAGg0I8If2ogYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285&expected_cookie=94d66d61-6361-4bfc-b6fb-3f79399310db
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285&expected_cookie=94d66d61-6361-4bfc-b6fb-3f79399310db
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A7562B7693854B33956DED264EF7B08E Ref B: NYCEDGE1716 Ref C: 2023-05-12T00:10:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7c+6Blp09QUJN3AHQ/w==

Redirect headers

date
Fri, 12 May 2023 00:10:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B809E6D0F8F84991817777818389FE95 Ref B: NYCEDGE1716 Ref C: 2023-05-12T00:10:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=dfe086b87c0d1e4576aa02effaed472f715963c3759ace4a6497733c23942869791426b5417dce21&rand=05453285&expected_cookie=94d66d61-6361-4bfc-b6fb-3f79399310db
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7c+6AHKuokguw1LOn8g==
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D/gdpr=0/ Frame E2BF 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=03F1BCA6-29A9-42C8-8233-80D59BD77E9D/gdpr=0/gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-54-87.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.239
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame E2BF 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame E2BF 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=03F1BCA6-29A9-42C8-8233-80D59BD77E9D&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.243.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-243-74.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:24 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame E2BF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=debaf0e6-4083-41dd-9a65-90fbca33492d&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d58e1f47-673d-43c0-9eb5-3d3092a2f42c&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 12 May 2023 00:10:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame E2BF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame E2BF
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_102876CBD_8D98B488&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-366854976; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 12 May 2023 00:10:23 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-366854976; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 12 May 2023 00:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E2BF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.4.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-4-30.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E2BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6620998075383522498
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6620998075383522498
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_pm-db5_n-simpli.fi&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 00:10:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 00:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6620998075383522498
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame D7E0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:10:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame E2BF 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=12730e07-f09d-4a69-93da-99b43983b663
Requested by
Host: e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
URL: https://e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app/e1cef1f0-495f-4973-ba1c-880786e73a66-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a295737c5622418a54c822f6e08c3c21d01b08a5654da76e65ceab62e9e7d28f

Request headers

Referer
https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 May 2023 00:10:27 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 boolean| credentialless object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| apstag object| permutive object| dataLayer number| _sf_startpt object| NPR object| Modernizr object| html5 string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| SVGLoader object| webpackJsonp function| _ object| pdl object| tp string| BOOMR_API_key object| BOOMR object| __otccpaooLocation object| Optanon object| OneTrust function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag boolean| apstagLOADED object| apscustom object| _aps object| google_tag_manager object| google_tag_data object| webpackChunkStripeJSouter function| noop function| Stripe function| setNptTechAdblockerCookie object| script boolean| NPR_OptanonWrapper function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| optimizely number| startTime number| duration object| BlockAdBlock object| blockAdBlock object| _bmrEvents number| BOOMR_onload object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| jQuery function| $ function| Waypoint function| Mousetrap object| MobileNative object| webpackJsonpjwplayer function| jwplayer function| Swipe function| SwipeIE object| PWT string| GoogleAnalyticsObject function| ga object| grumi function| ___tp string| waypointContextKey object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| msgData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq object| _sf_async_config function| pdst undefined| google_measure_js_timing object| headertag object| recaptcha object| PianoESPConfig object| cX function| cxCCE_callQueueExecute object| cxTest function| snaptr object| r string| TiktokAnalyticsObject object| ttq object| ari object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| ttd_dom_ready function| TTDUniversalPixelApi object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement undefined| cXJsonpCB1 object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| GoogleGcLKhOms number| lnt_z function| rbuPopUp object| google_image_requests

197 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.npr.org/ Name: ak_bmsc
Value: B59D5DB57D8EF8E49FEB1404118A5F1E~000000000000000000000000000000~YAAQi2dNaNP8FASIAQAAoUhLDRPSZRmC5Ezc++G5yCh2khxKb/84EgOl/uIlOYTkWZWQ3j4W97N89sNx3//koMtiWZDqeLbopiK4Yq0p+fZF4KVKZDyNbVczcglKDnxnzvK7mgIFFBFfJpuuvdLMfLLbL8IiTldyG1pGWs9BEMx78tustZKhSxyszw+CPwaP+pm0qrkgiJItbbKJQmStQxzHYT77FpWmEOOw2mXT4xpvsbTZmuDp925UUVnoib6+X4zG4IZkdcHR/kFvfPICqgc+BOkeyERm0XsgQ3YHi7TJZfCbw6wGt2bO8eAXeAvjKkMtQbQKmajum3k2iwm0N7XRSYfIYoYVUBqCtskkMSdCGni4y/tAcT0d37ypf8Y4tvG+Auf3psVYpcmLEw==
.piano.io/ Name: __cf_bm
Value: rLfD7nZp5Ooem1Vwd.7yhHtiFz65vjs6Jxfv0BVh2ho-1683850218-0-AX25Kc6qHgeU0NpcUNANbRWyl6NLKIWwkpwuyUfgJez5Y8mVrzocAK50SryihXaVWaLvRbLLfuRknylnrFXE/HM=
www.npr.org/ Name: usprivacy
Value: 1YNN
.npr.org/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+May+12+2023+00%3A10%3A18+GMT%2B0000+(GMT)&version=6.39.0&hosts=&consentId=b8ea3005-aff3-4d58-8df9-da347f92ce96&interactionCount=0&landingPath=https%3A%2F%2Fwww.npr.org%2F2023%2F05%2F11%2F1174343605%2Fvirginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se&groups=C0001%3A1%2CBG30%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.npr.org/ Name: optimizelyEndUserId
Value: oeu1683850219022r0.511812068967398
.www.npr.org/ Name: RT
Value: "z=1&dm=www.npr.org&si=112438a7-6981-46eb-b2c8-913b4cb766e7&ss=lhjsxyp0&sl=1&tt=1x8&bcn=%2F%2F68794905.akstat.io%2F&ld=1xb"
www.npr.org/ Name: __adblocker
Value: false
.npr.org/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AZgAYATFwECArAE4AHFw4dxPAIwiQAXyA
.npr.org/ Name: _pprv
Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6Im9wdC1pbiJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX19
.imrworldwide.com/ Name: IMRID
Value: 61bee750-f059-11ed-89ca-93bd74f961d6
www.npr.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.npr.org/ Name: _pubcid
Value: 2a020d0f-aadd-4ebb-a371-0fb702e00f12
m.stripe.com/ Name: m
Value: 1e83bf00-8ba1-43eb-9bd2-03197d1e8e795aef2e
.www.npr.org/ Name: __stripe_mid
Value: 087ff55d-af9e-4650-a6fe-31b2953955f041392b
.www.npr.org/ Name: __stripe_sid
Value: b9dc42ee-2249-404c-a8e7-3d1d6660c7d43a8b83
.npr.org/ Name: _gid
Value: GA1.2.1632309654.1683850220
.npr.org/ Name: _pcid
Value: %7B%22browserId%22%3A%22lhjsy0ysu886rxu0%22%7D
.npr.org/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
www.npr.org/ Name: __pnahc
Value: 0
.npr.org/ Name: bm_sv
Value: 6467E7E24009AA80186B6B9ABD5048C5~YAAQi2dNaPv8FASIAQAA0FNLDRMNBV6a8YmDEg+5H/BAS5X1Ey+iQTOKIkDoOGSApkq2diS8CkGg142rjMniSBLYOObUUfXST/RLKIrFJZzx6mB63/fl9ko7UKr/tzjPDJNSN12xzS5KP6L46nMZuEFL4uSqgxmiA4iIeNdGoF1qRvGhiihoss63lIga6pmtvlIHrzNwLnXX0ijwptFeYNVqhFmEQ2/EnaRcJeqi+NPa49lyB7S5IZKuW7JK~1
.npr.org/ Name: _gat
Value: 1
.npr.org/ Name: __tbc
Value: %7Bkpex%7DPuQo1JLhkZ0W2G4gez9YNBnfP5_JRAplBwRT5NFlu3mg8Hoq5HfmETc3Me5lzgiD
.npr.org/ Name: __pat
Value: -14400000
.npr.org/ Name: __pvi
Value: eyJpZCI6InYtbGhqc3kwejEydDN4eDBhdSIsImRvbWFpbiI6Ii5ucHIub3JnIiwidGltZSI6MTY4Mzg1MDIyMDYxNH0%3D
.npr.org/ Name: xbc
Value: %7Bkpex%7DFyIEWFPnH2-kcilzdhaXP1MVdpkk-8TivOJuKOhCgC5bKM1KP1KXYRBLEPq-u_MMT48lAn-jXaiLh85vdGygbgzH38-aLhEsnceKicxd1LB_TvFr4MWXcPO_UVioa9iN4S2rf-E_Z1YUuCoFOtu4pQ2IcwUgKIl8BNU-Se5Y_BSoj4ZiDUOZHr2OtUbPnvSMX-xgo98A5a1tX6C5EOAptibEHM3mFXHIbyZpnqppKRkLsU5_nvru5jshGTlMpYvs2k1e2ji5Ilg_PdJmHZoigw
www.npr.org/ Name: __pdst
Value: 04204ad91f7b4bdb96d4e00d6ffe4060
.amazon-adsystem.com/ Name: ad-id
Value: AzA5EaGWfkk5gZkwWMk898Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.scorecardresearch.com/ Name: UID
Value: 163143da09daaa24bf3b0571683850220
.npr.org/ Name: permutive-id
Value: 8cd2b093-fce0-4c79-baea-c1eeff2b3385
.adnxs.com/ Name: icu
Value: ChkIlOuIARAKGAEgASgBMOyH9qIGOAFAAUgBEOyH9qIGGAA.
.adnxs.com/ Name: uuid2
Value: 5585051093897204759
.npr.org/ Name: _ga_XK44GJHVBE
Value: GS1.1.1683850220.1.0.1683850220.60.0.0
.npr.org/ Name: _ga
Value: GA1.1.1792873626.1683850220
.npr.org/ Name: _gcl_au
Value: 1.1.2061569230.1683850221
.npr.org/ Name: _cb
Value: BnG_7LCtbKASDeq5BL
.npr.org/ Name: _chartbeat2
Value: .1683850220839.1683850220839.1.DdoY38B9e07pBEWGH-B6ZDRrBuwZ53.1
.npr.org/ Name: _cb_svref
Value: null
.e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co/ Name: pxid
Value: b425ef7c-584a-4505-bbad-8c9afc7e4b25
.npr.org/ Name: cX_P
Value: lhjsy0ysu886rxu0
.npr.org/ Name: _fbp
Value: fb.1.1683850220978.218158831
.npr.org/ Name: _scid
Value: fb705c50-c0f1-4ada-a319-18b868960b96
.npr.org/ Name: _scid_r
Value: fb705c50-c0f1-4ada-a319-18b868960b96
.casalemedia.com/ Name: CMPS
Value: 074
.casalemedia.com/ Name: CMPRO
Value: 074
.simpli.fi/ Name: suid
Value: CB5033A211F645E781D9BE26BE718709
.tiktok.com/ Name: _ttp
Value: 2PfZi8C8CjVwMhvFgqcwe2wFO5E
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 03F1BCA6-29A9-42C8-8233-80D59BD77E9D
.gumgum.com/ Name: vst
Value: u_1488d12f-431d-446d-8c7c-76352bf75401
.casalemedia.com/ Name: CMID
Value: ZF2D7ZSUASbTp5SQYa1uOwAA
.csync.loopme.me/ Name: viewer_token
Value: 4ef20b62-6512-4e08-bb4e-dc21f482c3a4
.tapad.com/ Name: TapAd_TS
Value: 1683850221285
.tapad.com/ Name: TapAd_DID
Value: eb740e63-58b5-4b30-a391-d996413c50ea
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTO2NDU2NjIzNzUwEeIz1A3x8w_O9Cn1jwow8QUAeL--jCQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFsYWpgZGRobGgIAPpNpGMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTO2NDU2NjIzNzUwEeIz1A3x8w_O9Cn1jwow8QUAeL--jCQAAAA
.npr.org/ Name: _tt_enable_cookie
Value: 1
.contextweb.com/ Name: V
Value: SLUa04RHlEfB
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: dcf07822d15f7de8
.mathtag.com/ Name: uuid
Value: bb75645d-83ed-4500-8bc7-011a248e5d45
.technoratimedia.com/ Name: tads_uidp_44
Value: LHJGZ0BI-13-ARS0
.technoratimedia.com/ Name: tads_uidp_77
Value: kjLjfC3DALRnff5mZTovruoNNs2NVGu5YfYRygo__Yk
.technoratimedia.com/ Name: tads_uidp_88
Value: 3502820358521618799776
.technoratimedia.com/ Name: tads_uidp_45
Value: 2605819C-6965-4598-9FBD-F37893A8F011
.technoratimedia.com/ Name: tads_uidp_46
Value: 5476913674570917224
.technoratimedia.com/ Name: tads_uidp_79
Value: a57c2d5b-b612-4b16-8c61-35b48f898750
.technoratimedia.com/ Name: tads_uidp_48
Value: f78dead7-dfc8-4fc8-a683-52caaff4fe6d
.technoratimedia.com/ Name: tads_uidp_37
Value: 87b7619c-4a23-30e2-bd0b-c1136fc7e487
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMsEVoh5O13QMaXuOdAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 2de7239a-d05a-4f0d-8271-50c8b79fac7d
.technoratimedia.com/ Name: tads_uidp_80
Value: y-8rFubhhE2uE8hrpIf.YzJf_E_VlhcJoT~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZF01Xpzh9Y0EeHy5TG.41QAA&3876
.technoratimedia.com/ Name: tads_uidp_50
Value: 6bd9c1fc-e988-4fc9-adbd-d901693837f5
.technoratimedia.com/ Name: tads_uidp_61
Value: 212160540752716
.technoratimedia.com/ Name: tads_uidp_62
Value: 3268317106573330000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: ftH-bdThBVid8SF9FwF1UW_qc8eVIqjl
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-b98db577-8fef-481c-8f68-8eb1f7cc22f0-005
.technoratimedia.com/ Name: tads_uid
Value: 4D3C4260A3D4496388DD53B7B232A07F
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331092801+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.deepintent.com/ Name: CDIUSER
Value: di_9f53e7dca3a940a1a1cfb
.npr.org/ Name: _ttp
Value: -sJ-rkTlDyM8w7eb7vU_x9p0YV2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZF2D7QAJWfGa1gAp
.admanmedia.com/ Name: admtr
Value: 3f815e86-e251-4c0b-9350-f7846f377bf0
.admanmedia.com/ Name: ac_r
Value: CS71
.cxense.com/ Name: gckp
Value: 236p9zf1lu7kr1l2flu1z24a6t
.bidswitch.net/ Name: tuuid
Value: d58e1f47-673d-43c0-9eb5-3d3092a2f42c
.bidswitch.net/ Name: c
Value: 1683850221
.bidswitch.net/ Name: tuuid_lu
Value: 1683850221
.taboola.com/ Name: t_gid
Value: 9b7f42eb-aec6-45f5-8952-32eb8ea1c97f-tuctb57096d
.outbrain.com/ Name: obuid
Value: abdb7051-3f24-48df-86ff-d0b7337ce660
.3lift.com/ Name: tluid
Value: 3273349132911417766259
.adsrvr.org/ Name: TDID
Value: cfe0192b-8a95-4e2e-8976-5e399dc2ca88
.zemanta.com/ Name: zuid
Value: tUErNNrmnF3IeDQjI0fy
.openx.net/ Name: i
Value: c1f8b05b-301d-4897-ad96-ec4b58c6673c|1683850221
.quantserve.com/ Name: mc
Value: 645d83ed-52c59-873d2-b5afc
.yahoo.com/ Name: A3
Value: d=AQABBO2DXWQCEG41OKzPuL820RLjR548jxAFEgEBAQHVXmRnZNxH0iMA_eMAAA&S=AQAAAsq6mslxioxmcUitF5sXHkQ
.ipredictive.com/ Name: cu
Value: 38da2c82-a184-4f05-ba5c-0b96ac861902|1683850221356
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-726727c3-2fec-5888-4b58-5e8c90b62167.cEW6BF6r72EunQtlWMUnZLaAXR8%2FpYbxGx5UNWWZR60
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Acmcnwy_sWIhLWF6MkLYhZ2AJ-Sc.v2%2BVtDougevrx0uqH3che02xhQc5niDRQhaqp5ZboRM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Acmcnwy_sWIhLWF6MkLYhZ2AJ-Sc.v2%2BVtDougevrx0uqH3che02xhQc5niDRQhaqp5ZboRM
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970314639533267504
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CB5033A211F645E781D9BE26BE718709&KRTB&23486-uid:CB5033A211F645E781D9BE26BE718709&KRTB&23489-uid:CB5033A211F645E781D9BE26BE718709
.thrtle.com/ Name: mc
Value: eyJpZCI6IjA0MGY2ZGEzLTMxNTEtNGVkOS1iZmM2LTJjMmMwMTVmMjhjNSIsImwiOjE2ODM4NTAyMjE0MDEsInQiOjF9
.npr.org/ Name: cX_G
Value: cx%3Acrh9i0poebe92r3kate6rwh9a%3Aa3z0ka2kisiy
.doubleclick.net/ Name: IDE
Value: AHWqTUkvi4G-fIWVITDaVw9-Z5LAA8j__okS0K8gyuBOfM3uQ7ua_6lLExp28e2YwIw
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-cfe0192b-8a95-4e2e-8976-5e399dc2ca88&KRTB&22918-cfe0192b-8a95-4e2e-8976-5e399dc2ca88&KRTB&23031-cfe0192b-8a95-4e2e-8976-5e399dc2ca88
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAgEwIqYOQjeYLoRlSosPnm6ry2n18gtyCpxdEo0LllMG789Zxx1vMp4osFMz1V8KkNsCkAAAAA=
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEIALGw0mvkrLX-kmXf9VoHY&KRTB&22987-CAESEIALGw0mvkrLX-kmXf9VoHY&KRTB&23025-CAESEIALGw0mvkrLX-kmXf9VoHY&KRTB&23386-CAESEIALGw0mvkrLX-kmXf9VoHY
.creativecdn.com/ Name: u
Value: o6QV0QJdLztL1mof1p62
.creativecdn.com/ Name: ts
Value: 1683850221
.turn.com/ Name: uid
Value: 4010939127404796361
.360yield.com/ Name: tuuid
Value: 2641623b-1cfe-498f-95da-322c21926ada
.360yield.com/ Name: tuuid_lu
Value: 1683850221
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2blc:1769~2blc"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3168
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4010939127404796361&KRTB&23150-4010939127404796361
.npr.org/ Name: _sctr
Value: 1%7C1683849600000
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.npr.org/ Name: __gads
Value: ID=a85f6ca1e9475817:T=1683850221:S=ALNI_MaoeCqOSe7RRsVt-XyLCs7g7JnQJA
.npr.org/ Name: __gpi
Value: UID=00000bf0c2cb88aa:T=1683850221:RT=1683850221:S=ALNI_MbpKgd5C6QpG9xislYEk78QOPjDdA
ads.avct.cloud/ Name: uuid
Value: 140b447e-d1e7-4df3-8414-2e5cb259ff26
.bluekai.com/ Name: bku
Value: ikG99mteUVxX0O/i
.bluekai.com/ Name: bkpa
Value: KJhz0f2uQp9z9mY7iVBg4hc36FBDWQ/AGz3dBkL/XzxYKAAbTBBfnQfmllNqwySfOqpqlpI1y0W6hW7o8GUipYRFc27+tlgMfeYbylL/UhfCHyxD9KNl4kl18+FmKQkbRp87OwE3g4wgRCex4ggSihTHDvm7354ZXFLycHOm8OmyfYboVUS3TGMUGkDLMUAohYA+/08aOOlymoaH2XdlcEk0WsNUYzUwxMqo1bbjSmnrfIPNpk3QhurFzLDRyqp1p33oPWWvtoJvJmZHd9y93PHngx==
.socdm.com/ Name: SOC
Value: ZF2D7cCo8XYAALq-F7AAAAAA
.rubiconproject.com/ Name: khaos
Value: LHJSY2GP-1S-LAY
.adnxs.com/ Name: anj
Value: dTM7k!M4/rE:2jUF']wIg2E?$x67Gc!EKw)0I[7jU:yvvIR*7bZ(G4W+GA[S/`0_'VaYozq@:?^W-CFA+M%GF/XE%[B%+)GHC'($=sJSA.gLHHXs6>Jn-:52
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjaqrbv6aHpOxAFEhUKBmNhc2FsZRILCIC7-e_poek7EAUSFAoFdGFwYWQSCwiAzbXx6aHpOxAFEhkKCnJpZ2h0bWVkaWESCwi2zdTy6aHpOxAFEhYKB3J1Ymljb24SCwiop-H26aHpOxAFGAEgBCgCMgsIgMW4noCi6TsQBTgBWgV0YXBhZGAC
.smartadserver.com/ Name: pid
Value: 8500728873333680786
.adx.opera.com/ Name: UID
Value: OPUfef01a78f6124fa7ac1fdd81e246bf4f
.linkedin.com/ Name: bcookie
Value: "v=2&d65806ba-801a-46bb-8237-5a2048713089"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2568:u=1:x=1:i=1683850222:t=1683936622:v=2:sig=AQGG07Xrte4mWynxNfpsI2EU0pQZAJYX"
.rubiconproject.com/ Name: audit
Value: 1|19Fcied+xiVaUkjMTemB4zgTQfX+mgYqm/+5ZySuAbl+xL8LlrcUaKpOoraODnueNnpsHEQjYECM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsSNdST6Hq9qmSVAmf/0v0Fl5tOhobNHZIhcUW4riH9auFd30aCfi0Gjgh0ef9QhZZbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3UtrIMK0N/SGQ==
www.npr.org/ Name: _lr_retry_request
Value: true
www.npr.org/ Name: _lr_env_src_ats
Value: false
www.npr.org/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22cfe0192b-8a95-4e2e-8976-5e399dc2ca88%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-12T00%3A10%3A22%22%7D
.33across.com/ Name: check
Value: true
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 6039b9d9fb750202ba37d1d904de4af7
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDMwtkyyTLFMSzI3NTAyMEpKNDZPMUyxNDBJSTVJTDNnAIKU2OZ3IBoKAFUcCxM%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIiW1%2BB6SgAAAaoQIz"
.npr.org/ Name: panoramaId_expiry
Value: 1683936622843
.npr.org/ Name: _cc_id
Value: 6039b9d9fb750202ba37d1d904de4af7
.id5-sync.com/ Name: id5
Value: fa88193b-5fcd-70de-95d9-a5d08d22879d#1683850222994#1
.npr.org/ Name: cto_bundle
Value: cQl5d19CcXZKSERQbCUyRldjJTJCS2g1aVZWSFBWdlBVOGJjMUtUUnBzMHU0ZVhSejI2aXE2dWRFbU0wY2llRkg5OGZWZUJQUiUyQnBGYkRpMktuM3JBREgyY1VFSFV5JTJCTkZndjI4ZHNXbU1RMDhVTlhkY2tzJTNE
.npr.org/ Name: cto_bidid
Value: INITfV95NE1EdDE5aDJDZUVUc1ZCeDV3c1M3cUl1WjJROEFFT3pvT3NpbVdDRGVlUU05R1I2RnNSa2pKZEtPc2ltRTRIM3BHWWF4UHhucWl2N3VieEZxbE43ZyUzRCUzRA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:bb75645d-83ed-4500-8bc7-011a248e5d45&KRTB&16736-uid:bb75645d-83ed-4500-8bc7-011a248e5d45&KRTB&23019-uid:bb75645d-83ed-4500-8bc7-011a248e5d45&KRTB&23114-uid:bb75645d-83ed-4500-8bc7-011a248e5d45
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-38da2c82-a184-4f05-ba5c-0b96ac861902&KRTB&23011-38da2c82-a184-4f05-ba5c-0b96ac861902&KRTB&23355-38da2c82-a184-4f05-ba5c-0b96ac861902
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5585051093897204759&KRTB&23339-5585051093897204759
.bfmio.com/ Name: __187_cid
Value: 03F1BCA6-29A9-42C8-8233-80D59BD77E9D
.bfmio.com/ Name: __io_cid
Value: 403381465ea3337d3b133429a9262d3770596a8c
.adgrx.com/ Name: ADGRX_UID
Value: 64354240-f059-11ed-9a84-e9c9e824e41f
.kargo.com/ Name: ktcid
Value: 8a494499-e3ec-0f52-5690-4afab53cbcc5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 37ca4854493113ee
.bidr.io/ Name: bito
Value: AABPA07IuwgAACFVmowLtA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-64354240-f059-11ed-9a84-e9c9e824e41f&KRTB&23275-64354240-f059-11ed-9a84-e9c9e824e41f
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHYVuvaU_-tQM18iIfAAAAAAA&KRTB&22713-AAAHYVuvaU_-tQM18iIfAAAAAAA&KRTB&22715-AAAHYVuvaU_-tQM18iIfAAAAAAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1685059200%3A256_255_263_262_201_261_260_259_258%7C1684454400%3A253_248%7C1684886400%3A257
.pubmatic.com/ Name: SyncRTB3
Value: 1684713600%3A63%7C1685145600%3A35%7C1685059200%3A48_56_165_21_166_249_220_46_250_55_5_71_3_7_8_231_178_22_13_54_104%7C1684454400%3A223_2_15
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kj7|7dN.0.AABPA07IuwgAACFVmowLtA|7bq.0.1
.quantserve.com/ Name: d
Value: EKYBEgH8KPijC_vLEA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230512%22%2C%22142%22%3A%2220230512%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO&KRTB&19420-WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO&KRTB&22979-WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO&KRTB&23462-WJCDGlaX0xpDkYQdW52bRlmX0kxDxoMfCMebNgaO
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_9f53e7dca3a940a1a1cfb
.sitescout.com/ Name: ssi
Value: 6c792d18-465e-4d16-97e8-9a0002930b3c#1683850224491
.adform.net/ Name: C
Value: 1
.mxptint.net/ Name: mxpim
Value: R33645_102876CBD_8D98B488.1.0000000000000000645D83F0
.rlcdn.com/ Name: rlas3
Value: YONn57aWCDtWyUuik1J5+srBfQC+mSjvHqV8RJAGOLg=
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4Mzg1MDIyNDUyMn0
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_102876CBD_8D98B488&KRTB&23092-R33645_102876CBD_8D98B488
.adform.net/ Name: uid
Value: 6620998075383522498
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-03F1BCA6-29A9-42C8-8233-80D59BD77E9D&KRTB&23413-03F1BCA6-29A9-42C8-8233-80D59BD77E9D&KRTB&23479-03F1BCA6-29A9-42C8-8233-80D59BD77E9D
.w55c.net/ Name: wfivefivec
Value: 0FrJhKvE1PXgmA5
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553&KRTB&23418-6c792d18-465e-4d16-97e8-9a0002930b3c-645d83f0-5553
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6620998075383522498&KRTB&23263-6620998075383522498&KRTB&23481-6620998075383522498
.rlcdn.com/ Name: pxrc
Value: CPCH9qIGEgUI6AcQABIFCOhHEAA=
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:0FrJhKvE1PXgmA5&KRTB&23421-uid:0FrJhKvE1PXgmA5
.mfadsrvr.com/ Name: tuuid
Value: debaf0e6-4083-41dd-9a65-90fbca33492d
.mfadsrvr.com/ Name: c
Value: 1683850224
.mfadsrvr.com/ Name: tuuid_lu
Value: 1683850224
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1683850224
.pippio.com/ Name: did
Value: LU9bJYVre2NY4CwO
.pippio.com/ Name: didts
Value: 1683850224
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPCH9qIGEgYIgr0rEAA=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d58e1f47-673d-43c0-9eb5-3d3092a2f42c
.linkedin.com/ Name: li_sugr
Value: 94d66d61-6361-4bfc-b6fb-3f79399310db
.smartadserver.com/ Name: csync
Value: 127:AABPA07IuwgAACFVmowLtA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABPA07IuwgAACFVmowLtA
.pubmatic.com/ Name: PugT
Value: 1683849984
.pubmatic.com/ Name: SPugT
Value: 1683849986

7 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTNSJUEDD6I3&templateVariantId=OTV7WURJHVULK&offerId=fakeOfferId&experienceId=EX67L8R2DS3Q&iframeId=offer_9c21707ab9a0d13d6f7b-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org(Line 97)
Message:
Blocked autofocusing on a <input> element in a cross-origin subframe.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.npr.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://www.npr.org/2023/05/11/1174343605/virginia-hid-execution-files-from-the-public-heres-what-they-dont-want-you-to-se
Message:
The resource https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68794905.akstat.io
9945223d3cb69ecf699a51dab0237bd6.safeframe.googlesyndication.com
a11107397707.cdn.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
analytics.google.com
analytics.tiktok.com
api.npr.org
api.permutive.com
api.rlcdn.com
api.www.documentcloud.org
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bpi.rtactivate.com
bundles.npr.org
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn.adnxs.com
cdn.cookielaw.org
cdn.cxense.com
cdn.indexww.com
cdn.optimizely.com
cdn.pdst.fm
cdn.permutive.com
cdn.piano.io
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
connect.facebook.net
crb.kargo.com
crcdn01.adnxs-simple.com
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
csync.loopme.me
dis.criteo.com
dsum-sec.casalemedia.com
e1cef1f0-495f-4973-ba1c-880786e73a66.edge.permutive.app
e1cef1f0-495f-4973-ba1c-880786e73a66.prmutv.co
eb2.3lift.com
embed.documentcloud.org
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.piano.io
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
js.stripe.com
legacy.npr.org
lexicon.33across.com
logx.optimizely.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.npr.org
mug.criteo.com
nym1-ib.adnxs.com
organization.api.npr.org
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.go-mpulse.net
s3.documentcloud.org
sb.scorecardresearch.com
sc-static.net
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-assets.npr.org
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adkernel.com
sync.bfmio.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pubmatic.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
um.simpli.fi
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
usersync.gumgum.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npr.org
www.npttech.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
104.18.11.47
104.18.25.185
104.19.149.54
104.36.115.111
104.77.150.190
107.178.254.65
124.146.215.43
13.224.207.247
141.226.224.48
141.95.33.111
142.250.65.194
145.40.89.32
151.101.128.176
151.101.130.49
151.101.193.108
162.248.18.37
173.231.178.116
174.137.133.32
18.238.12.115
18.238.12.225
18.238.4.53
18.238.8.230
184.29.128.199
184.29.128.213
184.29.129.187
185.167.164.49
185.184.8.90
192.40.39.223
198.148.27.140
199.187.193.179
199.187.193.182
199.38.167.131
2001:4860:4802:32::181
2001:4860:4802:36::178
2001:4860:4802:36::36
207.198.113.93
216.200.232.253
216.35.221.71
23.192.24.31
23.192.31.127
23.192.32.8
23.66.229.147
2600:1400:d:595::268b
2600:141b:13:6ac::11a6
2600:141b:13:78e::11a6
2600:141b:13:79b::13b8
2600:141b:13:7a3::1155
2600:141b:f000:487::1155
2600:141b:f000:4a0::1155
2600:1901:0:8344::
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a
2600:9000:25c8:5a00:4:b37b:9440:93a1
2600:9000:25c8:b000:10:43f:4352:ad61
2600:9000:25c8:b200:18:1fcd:351:7bc1
2600:9000:25c8:e00:17:1d53:f700:93a1
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:3ad5
2606:4700:10::ac43:c91
2606:4700:4400::6812:2b9e
2606:4700::6810:2a41
2606:4700::6811:180e
2606:4700::6811:b7b1
2606:4700::6812:1af
2606:4700::6813:bb61
2606:4700:e4::ac40:aa20
2606:ae80:1451:17::1400
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:806::200a
2607:f8b0:4006:809::2004
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2008
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.134.172.54
3.217.144.211
3.225.4.30
3.229.81.233
3.230.49.253
3.81.178.203
34.102.163.6
34.107.254.252
34.111.113.62
34.171.234.26
34.193.215.195
34.200.54.87
34.200.65.202
34.208.115.43
34.225.243.74
34.237.249.254
34.98.64.218
35.172.99.217
35.190.43.134
35.190.60.146
35.207.24.140
35.211.178.172
35.214.153.92
35.241.9.51
35.244.142.80
38.91.45.7
38.98.69.175
44.209.137.140
52.223.22.214
52.223.40.198
52.46.155.104
52.73.81.183
52.95.118.179
54.146.9.250
54.187.159.182
54.194.86.208
54.209.161.130
54.224.41.210
54.225.103.173
54.84.233.243
64.74.236.31
68.67.160.186
68.67.179.155
68.67.179.166
69.173.151.100
70.42.32.31
74.119.119.139
74.119.119.150
8.2.111.13
8.28.7.81
8.28.7.83
8.28.7.84
8.28.7.92
80.77.87.163
82.145.213.8
00f142b983b09c0f5c06945aa3a61bcd34982161c0504c91b2ec5cd500cf1c3f
03f0805031f46b94777bb6dfa47f7ced2742fcd4829b8f2599113ea031eabd13
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a3ba917354f327813bab384836613984c56f44c39569d6d51a5f46a5faecc39
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca615b12424fc2a925831a1151e5270a48ff54f89acd00ce10c02f7114694d2
0cbc21cc443b6442605b72eada218eaab2f2d75461daf082a6c95e1ec3a39ce7
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd1e49600584510a5c52ba9c899c29c26e9fae674deeea59a7059c4650c14c1
0e9c4efbf23439cb9f4dc22b5f36b6ced619f8c81bce299eeeeacfb377d38975
0eb0cc8c8b53c9eb87848b8462db7041ea1ae4a577d2e16c3a5c3366b3422435
0f0a76d016777d7da8886e7a315c567cc4775625a8cd19e1a130b9f63511fa3e
12e0ccb3881593e593d94d70b81b9794b15d0f6c329b0b00df9de7764a932f64
138162efb093edf8eab272590910f1aecd2826bfc315571a96aa8621434eabf1
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
16ab56bb6d9dcf2840347dab10701dd876a0d55b7d726ee65ccd15c1314b616a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194770ceb65932caf6b0559b3efaaafa0e49277ab21c12207e2d87ac596c3c92
195181727ea14f0bcdb964905bf243aff4eed91c722c5c6a5c57488c61812218
1ac1d014be6868369f75355b67fc701f2272a372b60a2eb679a00e78676b94d7
1af8ce1e16a862b7a82ea2835feac4774b1ac55cbc03f8ca1e563043acd2296c
1bb7572b232bd7e8ca3679462ec41986421d1e002ed84f710ad166ca604f2ba7
203a2c3a6529e474db0ac571f8f9868fcb08096513d779f8a9c71eafd8062588
20c172ecf13ad582bc7309a373b31a04d62c6c3e009e420271cc5c05f8cd1bf0
20e6a8cb49b71922bfe3ee576430a68e47670af478be680c8f97131aa89a308c
20f6b512a3e6cb09c6ae329b9f44a5a8a5a4c2be8ef8f52d79a4fddc062825c9
227128c533d5b0e5270fbf245535cd2e1e6743c0eb9186297b194756a94f516a
22ef7307726985e3a8e86d41b86990f7c48c5018aa57eb39a23814b92f15dbd6
2363775ae69c16cf10895c1f0ac1dc974e059403abd16796b9c63bd32bc0988d
23a1198790bf8dc8fee4786a0f701f663e4e9f5752f9deaa70ad6e68bccdce8d
23f595bc4dddd13d1cacfde1f673c410b63e8d1ee782adec5e7ea471d6a5ece3
24713d9602b5912dc8610cc4920378e39053cfaab46efc0e5b3ded9bed899475
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
28299f72288d828f81b6ded06da21a4af58766b12b8f79e47807cf1b6c2128b0
29edf254e820e898520a27dd8c7e55affddc8c7be729db412dac7549910f0b1b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5e286bb15b00e381cf69cabb0cc8ea0e78091d4fd544d61e5eee2ed6f6aeae
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
331687e90da30a4d28e7b211f90de82c06d9b1c2eb5a46b733eb44bf0e8ce3b4
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
361f0eb3651b2cd65fe34ef9e5f19f4dd707f1fc4b532e4a266d41215717d17c
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
387b1c9ab969f54d1665b7268d166fe9fe7d042247290694284e5fb14752fcc2
399a9be759ccc540081d3e7ed57c028c7ed63545952b616c25abac351881f7b9
3c49dfa0ae8e2171953d6b2d8b20754dbcda8304c48a360239ed74d3780c4b3e
3cc47bf26342bb1fa15f3655f9cdf1fcd676313d60f48f959b196d5e58abb441
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dce8bdec0e2d7fc1f93e9d24be027bde68f66527d5516a5a42564d6951ccdd7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4195f92d44315ac1fbb6ca162d8edb7df2a18ef07bc8e095507c8a52a15194ac
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
42ec977c258878fb47ecb040921c269b9ae2a74429d0844568303609a1cab52d
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
466bab5da5ac2110d6e1b542d66e2f29606314e22f0870d64b78001e5ed0261c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a9b61e329a09288ce73d02b94bd0d194dcfe30faf71a3d175b352af4970fc4
47f9cbdf2bf8db793126b55147af7b213861d28b9e94d438b656e10061bea3ae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b0d214f9c234a924f9303a2d9149948594be2b0387a410fd5541a72c43a84b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d44ce603f3babef5821caac946cf4de1677e77d7aab1a34abf22cb400d616cd
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50f28f2ab568648f4eeb61db88077a494063cf078ea47036a3690c6d363f0df6
526af0d18923aab3c743f0a4150f50edeee909d4733ea097d4958dfeccad1627
52c854815f543b120f9314bf012a95ff9902edef46b232928855005edd9cf67c
534ce5d895034be276359de48b3117ff74d0464bc637d3353477e4deef5c52d8
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
55274b5eccbb145d96c31f4395d4d1d8ea783bfea7f1a3cc1aa4cb946a0ab5f4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b403bb290e6dff8563ef72b7d0436c9d75cff0f633a766d062431ecef8313c
57dee34477b101dd863b576a1ac614c9f285e558769b47b2aff2c100e2881266
58142e9384fa4fb99620006f5b78d3ca1ea6dc4e7399593030634543875875c3
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5aeb8e5bfb5613efe674f9376728ae30ec25ed8f7a58e5fbbea328ac1c52fe56
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5c8d3905b5c13d0c0e32c412ae45710365b71b1c9931b9c4ed44596e557be9d9
5d103df41045bc8e9538ed05d79fdd7750af623fa8dd55fdc3b74d90d6ba20a0
5d9c1c742aac35a11e2f47ecc1b8b720c69647e630606368b2ae352cc758f27d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
602187963620e652a6e7fe0fe349fc98d1d6951a9efcf0298c644c79675a074c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
640ae5edaa96ef9ed6e2a4205debd81a6d785b88b689755843fa97238a5e2604
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
658575ee6263bc52bc7d311899d2ecdeea85795169385045efaa7f5c7aa13ad0
65e230b9c1ae8bdf74c5d20452f594351cf384eb295dbd59b64e71b735847250
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae2307935e6ecb8e1ab0a354e8893c3e76524fdb34a2adbf699947bbd926ff3
6c6ace8ca494bbaa48ca4462e46f0f9fd6c18060f78406c37020446011a7ee0f
6cda543524d4a103d7fcb7a11c85b15f25204e637d7baf218dbe6fb886453c17
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
6f0280925dc8b1ff2a60804fbf9ed4fa1b57255e8d1c06effb7ed778772309c5
6fba4c5b964dff7dcfba3a302ff78d58d632d50189605769fdd5dda96dfd247d
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72e9187f1baca465ca1e164e76640284047c1508cc40a2e09d97a41261a5e28f
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73d975f8f4c0ce2cbca4d56543de540f7a10c24907ebdaddfaa5371ba84e1009
73e648861094dd784d862b00417d495e89b775ded1196f44cf9bd238675b07b7
74fc56f0c75c533f69e18fb155d4d3a46fa5cbb58dd81fbac71db76a66645c6d
759d606521bc4e22d8935f2c0b7c1b9dd3271753c6ff499a97a28d19976153d1
7808decd57931c7cbb70aca026b11abf6587307214588c32174043ca016304dd
79b31979e78afd264dff492f14bc9edebb8801877e732be2b0a05db1d92f9a5b
7a1c12d5f09aa87f7ebf272386861586358152d0af351f112f456cf770d52863
7a36447245b4088b0f21215e07ff6bd5801521fc542fb5c6026e61b071760576
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7f69e56d9811fa9a411b628f963d60727ec1100a583774f037ef5a81cffc4a3a
81430397badb5c924cfe57e75049039040b81eed2a033e57475ffc6c0d01bfd6
826c57348a6f162323dda2130f888219d675fcefb29f724a3d01a9fabf841aaf
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
85fb8a4562f4917f5764bd13b04a7b71b09680c7194cd017e9f40a0e04829634
868a6e0b1de3d5354170751a8f94464b40741e54ca97200d1ff0a49519d44aa9
870646ed369e60312f62ef62ad1993761074e08dac806c0b1e85fe34022473ad
8730f88f0ca82a89a4d57269d485c0f728069df2bb5b362394d491977daca2b7
87eafc724caa21b42a8a0488852e718a150bb80dc80c2ed86ceb7c7bd2d7a1ab
89ffa34d4c487944f08e6aebf891d4d5e227c7097027caa8fb1e6cf1429a434c
8b9aa79a47e0f4ae61b5383f2159d810f05ee4aac2908acd44362be6a08b264b
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e10cd0f7d269b9f3209ba276ecdafb114ecade970310b245f97f3152cd86ea5
8fe18e5c207388c0eca318a5cf1c8cfd98e94575497ec1cec755537ce251762a
907ea9db8dcc37d39bafb708da0587f1d5d0a6062b38072f4a8a2c937f4488ff
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92047072731f67e0594f9e2b6adb9bea4fe99d9e55080c1a90b966b197f15bc5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
964f619d79d4ebc1522aa1780158dfe8457d5db1cef4dcc8d3aa25a254b381ad
965a2655ce64dfe9fee42b6e69cba58d714c23f00d46f10f3774637c82cc9784
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c6db46804e0ca353706750fb2f550844db3cd4ce5fcfa260de8f11906ebf6ac
9d58194f8dd3afcaff87c92757947fa69c7032a86ee4a34a718de1a76e8e03b9
9df8813296bb5309dc02af567d86b921296a7e55665f47983094b291b12724e3
9f195058493a01a281f2d262b43fe010473d8ef66860d77f8ee2261f34b0ab0f
a01007b0021d3bfc284716fe059a8ba2e7e66e8b15a5f2c31504eb4bab4c5395
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0936f9df1b4c7049ad1e276809285abcbf955ee30bedf624086704be55627a5
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545
a1d685aace2f629301e7d5779989357ee2cffc61f81a605972bfa9003dc0f471
a1e32578c5dee120197d9f57470184cdf19f37c299b654ac8fa82d1d6cc8661f
a295737c5622418a54c822f6e08c3c21d01b08a5654da76e65ceab62e9e7d28f
a4602edc276bf5381a6864accfca91ab3e4deb6f20933a7eee16e40fa54747be
a48faa03a87b95518e2817d8306c508396132b37e539db394791ffba6eecc2bb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59967f9b40a2e697a54edebefa0450bab8eeec4aa0648df01adc04d256bf561
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a74b6e51b9490f0b2992457e40a143f17d5547ae2ce83881c67552bfc022d00a
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a92479c7d4ec68714a0e8ecbe13984b698a7a2b30cd61736ecb9472a5a027bd6
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5
aaf920acbc1c357a25eb4e07e035cdb789b4320595efe7eb75ce52056b9e04c7
ab678723774de69e40877f127ac1092ff893e2e0dd8cf750d70202d4755f5f12
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad2bab50682f07841d18365d073b29e98f82fdd16b326df0a8e652014aa66360
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af405f77a0f55a0cb65e56b82f45b7b11f5e7d3b7844bca53b7bd9d34dcdf33b
af72f6f8aec89faa50db5c5c8f5e29e9ea04955c873c59c174bad75b3fc25441
b02f5bbb01389d85596616f1bf5fb0122113f8bbc1ba5edaf300b77241a1def3
b047f1e3da013288c9bf2d1b15fac6f3d665c1864baae8c81fb48ee3a6f9e75c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18438d193090838d3eebba712af41ae3fbe52bc89d8ad7f53f1241ea1bc491e
b371c895a5881161a32ef477714929cd097a7c889cc4ea59038ea7ad8fa5a948
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b47fda20f5db9b11b7d9a8857e5342648875c9c511332b2a7ea80d527477ad37
b596fe810c4f72890a9ad86e49766ff6d95fb028c99cced6b6ac41cc751d514d
b764ce150169f8cb3de122209b93f8e73a0f31b7698bdaefad21703e1c3ea354
b7a86e9413e9320eb64d52828515bcde30ccde38da26badd525ef8e8170fe81f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7a965c3a7853ffa5f13e2e41ec77dfb9ac1cc622bb77c4d2ae837c880be9cd
bd590f1358d2daf65865f5f32d51a3972fee0812b82c55bc22d1641dce4af3b0
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bfa00d3205cb2506bde08477160990fd7d2c33462848984d37608b0211d64312
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c344e03bb210de8501279f148e719a190ed542e44aa51f147a4bb41bcdd167a1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6e41b95cc960d2f92a9d8bdef50142f097f0477d03a96b9ec5615ca5c583f91
c90e782af8bb58958c6613744b251581cc85af4e74dd2b854a9481b29c3805e4
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c9cc850000ea176905f2f4ea82de7d5e5ef8ab93cf64461a6d91a733158f3cd1
ca86bb6aa731e5bc443d519ae7a793ba60918dedeb37aba45e47fd3d3a706ca1
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
ccd58a79f3d3a3d5efdebfeabee337687299d5fb4639c98473945eed036b61a8
cdc0f17acec6d7a576fce6a0b816b96407a98172baf6c9fba82fb76b27cf7e51
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3c8c37ae73c3001f505645de9da73a6d67dd3ccbffb97dbb3e89289ff600b41
d761bfbed54ff398aa3320e53b8fa5005810bed14d349c7f4d9b137d435c7674
d7c26fcb00fc4f21f1fef7c31d7b2eb0566a15a8178bc570fe125dcb3f441b06
d83266ddfdcea835f71c048d864ccb1c5656cb4225505a866415135afd78e989
d8b64a59e71d5a31cca279801bd73fd7206af0af416ad03d41c9c8d2a265389f
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d8f3cc4a165a2c633c817365d64955a965e900c1644eb8660f6c9914f7d14e17
dd2a355066b220462c40ceac06a68dcbd084677e1d7b28b986fcecde56776f59
de454389bce9d322350632e8de80f620f331e3f7aab9de50c24fbb090f4021b9
de6743f507a86878617b378a3aea7c74416a28b4834a301271b582e89434c21a
dec366ad7034dda578b6f098d455487176a8cee3160c75cbd1eba0d77ce0b01a
e056da2afa5ff02d79253e434d016ddfad3877fffd41a3fccc73aac7893e2ea6
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e102857342ad296d1beae9bd5a8696e84da6be5cd1beaa395da4181ddf03335f
e3234277035affe05246eb12cceb5c3ba40e1fc50c9e90c9e84e28452e0e9ece
e346347af868086722530315141c352bdb4f8ec808e34d24b3a673842c05cbe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e4630c2c02a0b51aa90a24a4df46e2be7bd4b1891e4bc6e3ce1fae514b55fcfb
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8495c16f73bcb970266652190f05104151434693bb7135179c12ea2db950ba1
ec72861d01529c263bda4e010b7be752402122f1d92b8791a2ec6cb9fb85131c
ec7308df29f86d74aaf0ca6a024bb4f402c155169fe18bcd4ac6b2e9bd109c89
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff049e6709161aefb01e4913051076ef296be633b0b21f6b3c89756f36e5307
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2a681b766700266a04ab111386aa2d2977b2234a4ee70fdfccfc88ec54c9c47
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6060fb572db4a4a2c4caf55f22d0509334496b21ad08de02caaf3e68f772655
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01
f837562dd6fbf32c3e7fb4d5512bd04e57ca34e1bbb3487b61851ce734767777
f8431b6878da29f1c8dd7eac6b019190d0274aade3b212a81d19e18048acb879
f8a7fdf18aab5015ecaa66b5c292f3ff993fe8a8ff346241902dc1db64af582e
f9640b6bc7993b8073d596c44fb5872dad2c50e87cf088eb461eddd1af3f3026
f9a14368257e7ae608b41966f9d8551e61390e593400e69013ea2e39ecd097a9
fa592e2df206b4c58ac43b2bfc0229214674884c269259fa2bb3367febd107d0
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fd0e391aa29b2d68f0382b95e93ef92288cffb43a9fb371360dc52f11fc1e548
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe130e8bf841c6bed02ef9f38e07d3abaff612f5cd1f3020ee43845be4c52d0a
fe6d62deb9f2a9f9f55b91e39b05c6d2232ede0da5057c6a837edf8aa99d25dd