urlscan.io logo urlscan.io
SecurityTrails logo

www.usatoday.com Open in urlscan Pro
151.101.194.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Submission: On September 19 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 8 countries across 76 domains to perform 268 HTTP transactions. The main IP is 151.101.194.62, located in United States and belongs to FASTLY, US. The main domain is www.usatoday.com. The Cisco Umbrella rank of the primary domain is 13968.
TLS certificate: Issued by R3 on August 7th 2022. Valid for: 3 months.
This is the only time www.usatoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 151.101.194.62 54113 (FASTLY)
4 13.224.205.195 16509 (AMAZON-02)
5 2600:9000:20e... 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.65.194 54113 (FASTLY)
1 2606:2800:220... 15133 (EDGECAST)
24 151.101.65.44 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 199.232.194.217 54113 (FASTLY)
22 52.4.33.45 14618 (AMAZON-AES)
1 35.211.165.199 19527 (GOOGLE-2)
2 74.119.119.129 19750 (AS-CRITEO)
1 2 8.2.111.124 46636 (NATCOWEB)
2 5 68.67.179.155 29990 (ASN-APPNEX)
1 54.204.108.135 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
1 69.166.1.15 27630 (AS-XFERNET)
1 3.89.234.15 14618 (AMAZON-AES)
1 192.35.249.142 11742 (SPOTX-IAD)
2 3.220.24.121 14618 (AMAZON-AES)
1 23.205.77.192 16625 (AKAMAI-AS)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 4 34.98.64.218 15169 (GOOGLE)
2 104.18.18.126 13335 (CLOUDFLAR...)
6 3.224.231.143 14618 (AMAZON-AES)
1 13.224.202.36 16509 (AMAZON-02)
3 12 18.154.227.100 16509 (AMAZON-02)
2 151.101.129.44 54113 (FASTLY)
1 13.224.214.52 16509 (AMAZON-02)
7 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.201.38 16509 (AMAZON-02)
5 151.101.130.133 54113 (FASTLY)
1 13.224.210.231 16509 (AMAZON-02)
4 2a03:2880:f03... 32934 (FACEBOOK)
1 142.251.40.130 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.152.100.45 14618 (AMAZON-AES)
1 35.186.249.72 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
3 3.210.118.195 14618 (AMAZON-AES)
1 13.224.207.247 16509 (AMAZON-02)
1 13.224.205.31 16509 (AMAZON-02)
1 146.75.32.157 54113 (FASTLY)
1 13.224.214.10 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.194.161.83 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 35.227.211.136 15169 (GOOGLE)
2 72.21.195.65 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 52.46.155.104 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
4 35.190.43.134 15169 (GOOGLE)
6 2a03:2880:f13... 32934 (FACEBOOK)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.207.19.117 14618 (AMAZON-AES)
1 52.72.124.102 14618 (AMAZON-AES)
1 23.34.59.30 20940 (AKAMAI-ASN1)
9 10 35.211.178.172 19527 (GOOGLE-2)
2 2 3.135.132.32 16509 (AMAZON-02)
2 13 141.226.224.48 200478 (TABOOLA-AS)
1 35.211.20.91 19527 (GOOGLE-2)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1588:d80... 36040 (YOUTUBE)
13 2600:1f18:1ac... 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 209.54.180.72 16509 (AMAZON-02)
1 2620:100:a001::c 19750 (AS-CRITEO)
2 34.193.160.212 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 34.95.127.121 15169 (GOOGLE)
3 4 52.223.40.198 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 3 142.250.80.34 15169 (GOOGLE)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 2 23.92.190.69 10913 (INTERNAP-BLK)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 199.187.193.192 47043 (SMARTADSE...)
1 18.214.193.123 14618 (AMAZON-AES)
1 1 74.119.119.150 19750 (AS-CRITEO)
9 9 141.95.98.64 16276 (OVH)
2 2 74.121.140.14 30419 (MEDIAMATH...)
1 1 8.28.7.81 62713 (AS-PUBMATIC)
2 6 69.166.1.12 27630 (AS-XFERNET)
1 1 107.178.246.49 15169 (GOOGLE)
2 2 50.57.31.206 19994 (RACKSPACE)
2 2 199.38.167.128 54312 (ROCKETFUEL)
1 1 35.207.24.140 15169 (GOOGLE)
1 52.223.22.214 16509 (AMAZON-02)
1 185.255.84.153 200271 (IGUANE-)
1 31.220.27.134 39572 (ADVANCEDH...)
1 1 44.196.211.13 14618 (AMAZON-AES)
1 2 96.46.183.20 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 151.101.1.108 54113 (FASTLY)
1 23.200.168.248 16625 (AKAMAI-AS)
1 23.192.31.127 16625 (AKAMAI-AS)
1 1 8.2.111.121 46636 (NATCOWEB)
1 13.224.214.78 16509 (AMAZON-02)
1 1 185.167.164.49 198622 (ADFORM)
2 3 35.211.168.6 19527 (GOOGLE-2)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
268 97
26    151.101.194.62 (United States)

ASN54113 (FASTLY, US)
www.usatoday.com
user.usatoday.com
hlsmedia.gannett-cdn.com
www.gannett-cdn.com
cm.usatoday.com
4    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
5    2600:9000:20ed:5400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
24    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprnjmp.taboola.com
match.taboola.com
1    2607:f8b0:4006:820::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2607:f8b0:4006:816::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    199.232.194.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
22    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
2    8.2.111.124 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
5    68.67.179.155 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    54.204.108.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-108-135.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    3.89.234.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-234-15.compute-1.amazonaws.com
tlx.3lift.com
1    192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
2    3.220.24.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-24-121.compute-1.amazonaws.com
ads.yieldmo.com
1    23.205.77.192 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-77-192.deploy.static.akamaitechnologies.com
a.teads.tv
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
gannett-d.openx.net
u.openx.net
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
6    3.224.231.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-231-143.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    13.224.202.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-202-36.phl50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
12    18.154.227.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-100.iad55.r.cloudfront.net
sb.scorecardresearch.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
1    13.224.214.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-52.phl50.r.cloudfront.net
ats.rlcdn.com
7    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:80b::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-201-38.phl50.r.cloudfront.net
cdn.parsely.com
5    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
1    13.224.210.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-210-231.phl50.r.cloudfront.net
z-na.associates-amazon.com
4    2a03:2880:f03a:1c:face:b00c:0:3 (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
www.googleadservices.com
3    2607:f8b0:4006:80d::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
csi.gstatic.com
1    54.152.100.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-100-45.compute-1.amazonaws.com
resources.xg4ken.com
1    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
2    2600:9000:20ed:7600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
3    3.210.118.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-118-195.compute-1.amazonaws.com
10870841.collect.igodigital.com
nova.collect.igodigital.com
1    13.224.207.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-207-247.phl50.r.cloudfront.net
sc-static.net
1    13.224.205.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-31.phl50.r.cloudfront.net
js.adsrvr.org
1    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.224.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-10.phl50.r.cloudfront.net
geo.privacymanager.io
1    2607:f8b0:4006:809::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
retail.googleapis.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
1    2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    35.227.211.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com
gannett.sjv.io
2    72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
assoc-na.associates-amazon.com
1    2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com
3    2607:f8b0:4006:81d::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
6    2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:1f18:730:b140:d4dd:8728:eb33:a60d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.207.19.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-19-117.compute-1.amazonaws.com
rp4.liadm.com
1    52.72.124.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-124-102.compute-1.amazonaws.com
i.liadm.com
1    23.34.59.30 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-30.deploy.static.akamaitechnologies.com
sli.usatoday.com
10    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
us-east-sync.bidswitch.net
x.bidswitch.net
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
13    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync.taboola.com
1    35.211.20.91 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 91.20.211.35.bc.googleusercontent.com
prod-use.perf-serving.com
1    2607:f8b0:4006:80c::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1588:d801::10 (Ukraine)

ASN36040 (YOUTUBE, US)
r3---sn-quxapm-3c2e.gvt1.com
13    2600:1f18:1aca:4281:e6aa:3af:c2cf:659f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2607:f8b0:4006:809::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2607:f8b0:4006:81e::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    209.54.180.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    34.193.160.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-160-212.compute-1.amazonaws.com
beacon.krxd.net
3    2607:f8b0:4006:80f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    34.95.127.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    23.92.190.69 (Katy, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com
e1.emxdgt.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
9    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    44.196.211.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-211-13.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.200.168.248 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-168-248.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
1    13.224.214.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-78.phl50.r.cloudfront.net
api.intentiq.com
1    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com
sofia.trustx.org
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
Apex Domain
Subdomains		 Transfer
39 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
vidstat.taboola.com — Cisco Umbrella Rank: 2577
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
us-trc-events.taboola.com — Cisco Umbrella Rank: 5910
images.taboola.com — Cisco Umbrella Rank: 1779
imprnjmp.taboola.com — Cisco Umbrella Rank: 7167
us-match.taboola.com — Cisco Umbrella Rank: 7165
us-vid-events.taboola.com — Cisco Umbrella Rank: 6770
sync.taboola.com — Cisco Umbrella Rank: 1037
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
325 KB
24 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
203 KB
23 usatoday.com
www.usatoday.com — Cisco Umbrella Rank: 13968
user.usatoday.com — Cisco Umbrella Rank: 20263
cm.usatoday.com — Cisco Umbrella Rank: 30532
sli.usatoday.com — Cisco Umbrella Rank: 24123
327 KB
22 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858
3 KB
13 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
209 KB
12 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
9 KB
11 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 1748
x.bidswitch.net — Cisco Umbrella Rank: 301
5 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 890
aax.amazon-adsystem.com — Cisco Umbrella Rank: 938
69 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
14 KB
9 googlesyndication.com
ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
104 KB
7 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1613
consumer.krxd.net — Cisco Umbrella Rank: 2122
beacon.krxd.net — Cisco Umbrella Rank: 513
96 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
7 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
7 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
4 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1428
insight.adsrvr.org — Cisco Umbrella Rank: 624
match.adsrvr.org — Cisco Umbrella Rank: 342
7 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3340
rp.liadm.com — Cisco Umbrella Rank: 1667
rp4.liadm.com — Cisco Umbrella Rank: 7652
i.liadm.com — Cisco Umbrella Rank: 604
15 KB
4 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 943
1 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
216 KB
4 openx.net
gannett-d.openx.net — Cisco Umbrella Rank: 12884
u.openx.net — Cisco Umbrella Rank: 650
1 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
eus.rubiconproject.com — Cisco Umbrella Rank: 564
6 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com — Cisco Umbrella Rank: 688
1 KB
4 gannett-cdn.com
hlsmedia.gannett-cdn.com — Cisco Umbrella Rank: 16546
www.gannett-cdn.com — Cisco Umbrella Rank: 7550
24 KB
3 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 4077
2 KB
3 igodigital.com
10870841.collect.igodigital.com — Cisco Umbrella Rank: 15527
nova.collect.igodigital.com — Cisco Umbrella Rank: 4821
3 KB
3 gstatic.com
www.gstatic.com
csi.gstatic.com
2 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 7038
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3574
4 KB
3 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image6.pubmatic.com — Cisco Umbrella Rank: 648
334 B
3 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1619
sync.colossusssp.com — Cisco Umbrella Rank: 2085
1 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 424
retail.googleapis.com — Cisco Umbrella Rank: 10979
127 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 660
701 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1084
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1013 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
88 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1829
r3---sn-quxapm-3c2e.gvt1.com
379 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 15083
695 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8529
655 B
2 sjv.io
gannett.sjv.io — Cisco Umbrella Rank: 14588
677 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
26 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3573
32 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
880 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
263 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
1006 B
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
analytics.twitter.com — Cisco Umbrella Rank: 538
30 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1310
93 KB
1 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
484 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1659
680 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
464 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
252 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
342 B
1 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
298 B
1 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
16 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
299 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
697 B
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 5573
448 B
1 perf-serving.com
prod-use.perf-serving.com — Cisco Umbrella Rank: 13286
192 B
1 t.co
t.co — Cisco Umbrella Rank: 489
337 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
595 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 917
8 KB
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2854
16 KB
1 xg4ken.com
resources.xg4ken.com — Cisco Umbrella Rank: 4721
4 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
67 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
110 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
363 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 485
953 B
1 scroll.com
static.scroll.com — Cisco Umbrella Rank: 5555
605 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
17 KB
268 76
Domain Requested by
22 c2shb.pubgw.yahoo.com www.usatoday.com
19 www.usatoday.com www.usatoday.com
13 dt.adsafeprotected.com www.usatoday.com
12 sb.scorecardresearch.com 3 redirects www.usatoday.com
cdn.taboola.com
10 cdn.taboola.com www.usatoday.com
cdn.taboola.com
9 id5-sync.com 9 redirects
8 x.bidswitch.net 7 redirects
8 trc.taboola.com cdn.taboola.com
8 securepubads.g.doubleclick.net www.usatoday.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 www.google-analytics.com www.usatoday.com
www.google-analytics.com
www.googletagmanager.com
6 sync.go.sonobi.com 2 redirects
6 www.facebook.com www.usatoday.com
6 pixel.adsafeprotected.com static.adsafeprotected.com
www.usatoday.com
5 ib.adnxs.com 2 redirects www.usatoday.com
5 static.adsafeprotected.com www.usatoday.com
pixel.adsafeprotected.com
4 sync.taboola.com 2 redirects
4 tpc.googlesyndication.com www.usatoday.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 sync-t1.taboola.com www.usatoday.com
4 tr.snapchat.com sc-static.net
www.usatoday.com
4 connect.facebook.net www.usatoday.com
connect.facebook.net
4 cdn.krxd.net www.usatoday.com
cdn.krxd.net
4 c.amazon-adsystem.com www.usatoday.com
c.amazon-adsystem.com
3 sofia.trustx.org 2 redirects
3 match.adsrvr.org 3 redirects
3 cm.g.doubleclick.net 2 redirects
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
3 images.taboola.com www.usatoday.com
3 us-trc-events.taboola.com www.usatoday.com
3 www.google.com www.usatoday.com
tpc.googlesyndication.com
2 creativecdn.com 2 redirects
2 ads.betweendigital.com 1 redirects
2 u.openx.net 1 redirects
2 p.rfihub.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 sync.mathtag.com 2 redirects
2 bh.contextweb.com 1 redirects
2 ce.lijit.com 1 redirects
2 beacon.krxd.net cdn.krxd.net
2 aax.amazon-adsystem.com www.usatoday.com
2 www.googletagservices.com www.usatoday.com
2 csi.gstatic.com imasdk.googleapis.com
2 sync-dmp.mobtrakk.com 2 redirects
2 us-east-sync.bidswitch.net 2 redirects
2 www.google.ca www.usatoday.com
2 ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com securepubads.g.doubleclick.net
www.usatoday.com
2 nova.collect.igodigital.com www.usatoday.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 gannett.sjv.io d.impactradius-event.com
2 b-code.liadm.com www.usatoday.com
b-code.liadm.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 htlb.casalemedia.com www.usatoday.com
2 gannett-d.openx.net www.usatoday.com
2 ads.yieldmo.com www.usatoday.com
2 colossusssp.com 1 redirects www.usatoday.com
2 bidder.criteo.com www.usatoday.com
2 cm.usatoday.com www.usatoday.com
2 www.gannett-cdn.com www.usatoday.com
2 imasdk.googleapis.com www.usatoday.com
imasdk.googleapis.com
2 hlsmedia.gannett-cdn.com www.usatoday.com
2 confiant-integrations.global.ssl.fastly.net www.usatoday.com
confiant-integrations.global.ssl.fastly.net
1 c1.adform.net 1 redirects
1 api.intentiq.com
1 sync.colossusssp.com 1 redirects
1 eus.rubiconproject.com www.usatoday.com
1 js-sec.indexww.com www.usatoday.com
1 acdn.adnxs.com www.usatoday.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net
1 visitor.omnitagjs.com
1 eb2.3lift.com
1 match.taboola.com
1 rtb.mfadsrvr.com 1 redirects
1 pixel.tapad.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com
1 pixel.rubiconproject.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 www.ojrq.net
1 gum.criteo.com www.usatoday.com
1 aax-us-east.amazon-adsystem.com c.amazon-adsystem.com
1 us-vid-events.taboola.com www.usatoday.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 r3---sn-quxapm-3c2e.gvt1.com www.usatoday.com
1 redirector.gvt1.com 1 redirects
1 prod-use.perf-serving.com www.usatoday.com
1 vidstat.taboola.com cdn.taboola.com
1 sli.usatoday.com www.usatoday.com
1 i.liadm.com b-code.liadm.com
1 rp4.liadm.com www.usatoday.com
1 rp.liadm.com 1 redirects
1 analytics.twitter.com www.usatoday.com
1 t.co www.usatoday.com
1 consumer.krxd.net cdn.krxd.net
1 adservice.google.com imasdk.googleapis.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.parsely.com www.usatoday.com
1 retail.googleapis.com www.usatoday.com
1 geo.privacymanager.io ats.rlcdn.com
1 static.ads-twitter.com www.usatoday.com
1 js.adsrvr.org www.usatoday.com
1 sc-static.net www.usatoday.com
1 10870841.collect.igodigital.com www.usatoday.com
1 d.impactradius-event.com www.usatoday.com
1 resources.xg4ken.com www.usatoday.com
1 www.gstatic.com www.usatoday.com
1 www.googleadservices.com www.usatoday.com
1 z-na.associates-amazon.com www.usatoday.com
1 cdn.parsely.com www.usatoday.com
1 www.googletagmanager.com www.usatoday.com
1 ats.rlcdn.com www.usatoday.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 hbopenbid.pubmatic.com www.usatoday.com
1 a.teads.tv www.usatoday.com
1 search.spotxchange.com www.usatoday.com
1 tlx.3lift.com www.usatoday.com
1 apex.go.sonobi.com www.usatoday.com
1 fastlane.rubiconproject.com www.usatoday.com
1 prebid-server.rubiconproject.com www.usatoday.com
1 grid.bidswitch.net www.usatoday.com
1 static.scroll.com www.usatoday.com
1 s0.2mdn.net www.usatoday.com
1 platform.twitter.com www.usatoday.com
1 user.usatoday.com www.usatoday.com
268 132
Subject Issuer Validity Valid
usatoday.com
R3		 2022-08-07 -
2022-11-05		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.scroll.com
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
assoc-na.associates-amazon.com
Amazon		 2022-06-18 -
2023-06-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2021-09-17 -
2022-10-19		 a year crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-10 -
2023-01-06		 a year crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.collect.igodigital.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.sjv.io
Sectigo RSA Domain Validation Secure Server CA		 2022-03-23 -
2023-04-21		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
sli.usatoday.com
R3		 2022-08-11 -
2022-11-09		 3 months crt.sh
prod-use.perf-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-22 -
2023-03-22		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.ojrq.net
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-01-07		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
uuidksinc.net
R3		 2022-09-16 -
2022-12-15		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Frame ID: D904223A7FAA33FBA91E02EBDA1DBA73
Requests: 201 HTTP requests in this frame

Frame: https://cm.usatoday.com/nanobar/091322_USAT40th
Frame ID: A8016ACABD799E19C359C7DAF43B6AEA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Frame ID: 738C99F7BEA63E9D45BAF5F5652A8E33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 5E781818D1A0C986DDA3C84CA4E71A51
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Frame ID: 645B36586DFDB4758124335D25C21188
Requests: 1 HTTP requests in this frame

Frame: https://ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E9AF3DAEEDF7471A520987D2DF72CD93
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602&u_scsid=465d2b64-2690-4115-8644-71d6db0fa732&u_sclid=018276db-d139-4b3f-a40d-34e007103ed1
Frame ID: 614095A12A4C2A017722E6E59FBB65F9
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=true&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 820840545118F076E319D88065BDBAE3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C5845ED8352B327CDBD9FD0F588582C9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 70C5D8C4279C7727A1A31E2DAB5D55AB
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0920E995B5EAB7E1ADDE4341831081D1
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7dD8CFgORPa5NNEDZMgSRPa5NNEDZMgUAAAAGBvQHJGVzDme-jcut2viWa9FgsltLbC6TWznbjRyWwcKyMk6GQFI253Dm27jcqo1vuRYNJru1xOYyuZWz3chhGSwsK-NkCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GAITwZCMdoUeJyIYK2IEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQatkvIos3UGJtzAAAICDsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUDMdrMDgAAAODu____Xw-EZiPnzOKceSyzkcVjssx2G9NgNPKtHAvTarFaeA_JrCDWCCieuS9GWGa_76CgnJ4es8sgKrreFrvDafYc1AIZy2UySFoml-fpsxvEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBoiTJhsK4trs1rLBoPJWjSzzNYK33K0lm18M4dvN1yubKa16PUxPSyTycTj2aJgQNReJE-LdKLZzBYOy265nFh2w-VgMFkshruRbbgZDRcOj2M2EUs0J4t0IrvsS7ORc2ZxzjyW2cjiMVlmu41pMBr5Vo6FabVYLfwNk21lcW1Wa9lgMFmLZpbZWuFbjtayjW_m8O2Gy5XNtBa9PqaHZTKZeDz7xmy2mQ2Gm-Fu35jNNrPBcDPc7Tt0hu_qcza6Dq6z-nqLTZdX78lg8R2kBtvPpPsthBHjuSg5CcfZtcHYsK4PkrPBYzAYdtraN3h4_X3Obvm78R6MilgiuEgnqs_D9Dc5nCeX228RS5Smi3Si15z-ludf9PIY_ZLBZLIXLPeK4V51cVneIofp4ZZYXg6P0S10eLwuk1twdHqOTrvPrxiMFsvdbDEYTPYSsURwukgnopfxdFH_0SFGy7lqNlesNnPFcLZKAAAAAAAAAABLmDJvAgAAAHAayGw0Ga3WeRDL1Wy5WC0XAIAAUvdHfewv-_9gb1fpaiNyKJkarLjxY4b6PEx_k8N5crn9VgYAEPhg3vyZINZqtawBAAAEsAEAAAK4dfMWiA7F_____8cBAADIyNEDAADQ7wMxqffAjV4r8BPgaLMY!&cmcv=&pix=undefined&cb=1663608388849&uv=3226&tms=1663608388849&abt=ecp_vC!inc_all_video_vA!scec11_vA!spa2_vA!t45!ufm_vE!ul118513-590_vB!vzr_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ef98f7ce-5c79-4027-bfed-967da20a2e82&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B28FC0E13DA2C0056BA333FAB722F948
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7dD8CFgORPa5NNEDZMgSRPa5NNEDZMgUAAAAGBvQHJGVzDme-jcut2viWa9FgsltLbC6TWznbjRyWwcKyMk6GQFI253Dm27jcqo1vuRYNJru1xOYyuZWz3chhGSwsK-NkCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GAITwZCMdoUeJyIYK2IEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQatkvIos3UGJtzAAAICDsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUDMdrMDgAAAODu____Xw-EZiPnzOKceSyzkcVjssx2G9NgNPKtHAvTarFaeA_JrCDWCCieuS9GWGa_76CgnJ4es8sgKrreFrvDafYc1AIZy2UySFoml-fpsxvEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBoiTJhsK4trs1rLBoPJWjSzzNYK33K0lm18M4dvN1yubKa16PUxPSyTycTj2aJgQNReJE-LdKLZzBYOy265nFh2w-VgMFkshruRbbgZDRcOj2M2EUs0J4t0IrvsS7ORc2ZxzjyW2cjiMVlmu41pMBr5Vo6FabVYLfwNk21lcW1Wa9lgMFmLZpbZWuFbjtayjW_m8O2Gy5XNtBa9PqaHZTKZeDz7xmy2mQ2Gm-Fu35jNNrPBcDPc7Tt0hu_qcza6Dq6z-nqLTZdX78lg8R2kBtvPpPsthBHjuSg5CcfZtcHYsK4PkrPBYzAYdtraN3h4_X3Obvm78R6MilgiuEgnqs_D9Dc5nCeX228RS5Smi3Si15z-ludf9PIY_ZLBZLIXLPeK4V51cVneIofp4ZZYXg6P0S10eLwuk1twdHqOTrvPrxiMFsvdbDEYTPYSsURwukgnopfxdFH_0SFGy7lqNlesNnPFcLZKAAAAAAAAAABLmDJvAgAAAHAayGw0Ga3WeRDL1Wy5WC0XAIAAUvdHfewv-_9gb1fpaiNyKJkarLjxY4b6PEx_k8N5crn9VgYAEPhg3vyZINZqtawBAAAEsAEAAAK4dfMWiA7F_____8cBAADIyNEDAADQ7wMxqffAjV4r8BPgaLMY!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B3E31C60DA75197D1AE5F59E62E5C9BF
Requests: 1 HTTP requests in this frame

Frame: https://ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 383C5B8867EDD3F14F6C8F91EF964EDA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw3Q6FOth3BULt-tJrfuMKhbP4x-6FEGmddrbfBWAOg-7phbfVKmffTuSTJtEwF5b9DKxU3aCl5L4USFpGEQuYH9oJeBNp5fB8VFaO3NbCUVbyNCeDTva6cIXriGv81d8-3D85llnry7Cg49td6SOfcnZor4hdyyJJzjcA4A0LjvFLjIaDI9qg-aPZpoIhpuslrGB4Mod0WYcYVXjVa647NvdB5y4BSvGknZiV0RTkJZnhgkkPyMe0p_mW4EU7ag4NlZS7ZB6aVvF_DN3JJa7ETSEMxl8BuMBIdD-bKfdRBkb2zGEgijRRQDPWlb45ALIYYM6z&sai=AMfl-YQ4v24GqxuAz59G21wXYC6uQQphPWszh2gQPlX65B0BtwpwbJMh7pw9-ymOxLhKwOw-heUDFj5whnLlBEhw_UT4mnTTcOnv3PghB71Rt5KwTR1-JHcwi0bJTMB1iB4&sig=Cg0ArKJSzF6eiHttgJIiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FF132D0366820665D6678213B4F60D22
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxOiKnRJ_RyXT6wc0BGIJV_QyCI13ppop4OpYmyH7bGFfzqRnAU5lObf7WOwdHm18D8L4M6VifuOx6DTIpWh2dFfS30zO06zNOMsSDjpHC1xrtiHJgWoZZ1wSKz72qeMEiZ7i_PH4VKxt4Ne2acYZoMeb1bzhpZHykd0qFDq7wcWRRO2gvIW9XARlFDzqMRXiX1Xm07qurnw5yBWEqvDpTmLNtsB4fhf0aUANQ8tBmsbYx_c95sOXvkELrCxrZyHXDUUrnQdVqCnaB5b4mIgUO5PJvfZgCK8_bkkRMNSbCh546j4LhcidQ6ts_OZuYxErgMzfFzX5lg_-Ooaq3tS9zcutdqzSg0fvv&sai=AMfl-YQijIlBbdbLaK92lc7EPCFiILLHP9i4vZgrrJFyyL0Bpod8RpC8axUQ8yaB4e7kD32QSyOiw_ztdtAoeqmyW190Eiri3hAqyDFpNbT-j5OEAgrGcmnVHUIrfp4RfYU&sig=Cg0ArKJSzD062-ntq_YfEAE&uach_m=[UACH]&adurl=
Frame ID: 8B2CE49306CEB446D3EFBD6CFFEF18FB
Requests: 6 HTTP requests in this frame

Frame: https://cm.usatoday.com/overlay/091322_USAT40th_entrance
Frame ID: EA937697C07D8A9970AD4DF3A1B8407E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091026&pubCreative=138212742965&pubOrder=2154910521&cb=175373668&adsafe_par&impId=312d7bdd-3840-11ed-9208-02813368eb05&custom2=direct&custom3=story
Frame ID: 3FBCCD85C2A45D577477AAD07F61693F
Requests: 2 HTTP requests in this frame

Frame: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JG7zcp36syEpREzetXyP-RUAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDCLykM&rnd=9403776339161663608389124&pp=z7a2v4&p=1s4lr0g&crid=519816_ssl&ep=%7B%22ce%22%3A%221%22%7D
Frame ID: F28D3978EDF096ACA46B35AA9179CA41
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 196FDF4792C52F5FAA4750DCE8EDD2AF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usatoday.com
Frame ID: E99FAD427937F0B3996543620FA63314
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4bpffy2&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&upid=zpgwcot&upv=1.1.0
Frame ID: E2BE2FF6E20E7B7716381330D6970CBF
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891HAY0-M-96V3
Frame ID: D338DB3F5D26FF7118FC5335CE1E5E05
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4E81AD4785780CEAED034F953FC323C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47FBEE3DAB35736FF4433A4C958E5544
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0060B0B125172407FAFF95BD06A2C28F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 66E66A1000BD5C318B5D896D4EEE0C40
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: C051843E8E7935992FC319B5C87AE846
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber data breach: Employee apparently tricked into sharing credentialsPlayPauseSound OnSound OffClosedCaptionOpen ShareEnter Full ScreenExit Full Screen

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

268
Requests

90 %
HTTPS

25 %
IPv6

76
Domains

132
Subdomains

97
IPs

8
Countries

2692 kB
Transfer

8438 kB
Size

185
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663608387281&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663608387281&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
Request Chain 83
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663608387284&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663608387284&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
Request Chain 95
  • https://sb.scorecardresearch.com/cs/6035223/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 129
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Request Chain 151
  • https://rp.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Request Chain 160
  • https://us-east-sync.bidswitch.net/sync?ssp=taboola&dsp_id=366&imp=1 HTTP 302
  • https://us-east-sync.bidswitch.net/ul_cb/sync?ssp=taboola&dsp_id=366&imp=1 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=taboola&bsw=a43d1664-bc25-4fd3-bd32-f6be759dd4f2 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=taboola&bsw=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NTYzMTY2MTY5ZWVhOWNiNg&gdpr=&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Request Chain 171
  • https://redirector.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/21F1D22CD29BD136C995FDD4CA8EBE0D616B2E67.84A46BD89E660A7D4B289647C74A158EB20D342D/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-quxapm-3c2e.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3DC1A0303CA1252A795499FCA587AAE0B7901490.1EF37FE8BC2FCA7190483FD7265787BBCC1D1C14/key/cms1/cms_redirect/yes/mh/vp/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2e/ms/nvh/mt/1663608021/mv/m/mvi/3/pl/32/file/file.mp4
Request Chain 218
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891HAY0-M-96V3
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENO9dY5V7sEi4pV1lcg_gWM&google_cver=1
Request Chain 221
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Request Chain 222
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=78f21c37-dcdb-4918-9039-c36740a247bc
Request Chain 223
  • https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 227
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5a49d11a-2898-40db-bd18-1fddfc0ff060
Request Chain 228
  • https://id5-sync.com/s/464/9.gif?puid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=1564471431995386053&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=de296328-a644-4900-b268-afe60d072d58&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=78f21c37-dcdb-4918-9039-c36740a247bc&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=9F923589-9F68-456D-A924-A117148FA4BF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=8349d69f-a6b4-4368-8cf2-b97976354c14&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=39e78b65-55a0-46d3-ae80-2316a65b8a75&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/0/8.gif?puid=FD38CDB3D46C238B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A
Request Chain 229
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969751683053626673&expires=30&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Request Chain 230
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307&tbid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&query=taboola_hm%3Dbe6e1553-7553-4630-9dd7-c29efe22c307&isDirect=0
Request Chain 235
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=FKnq1GizRFJavdhBCPN76JU4mbo
Request Chain 236
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&crf=1
Request Chain 238
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=fc1ac4ef-77c3-0f1b-3274-39bd09d750cf
Request Chain 256
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=de296328-a644-4900-b268-afe60d072d58
Request Chain 257
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969751683053626673
Request Chain 258
  • https://colossusssp.com/?c=o&m=cookie HTTP 302
  • https://sync.colossusssp.com/hms.gif HTTP 302
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
Request Chain 259
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8349d69f-a6b4-4368-8cf2-b97976354c14&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iHZNEvf3QN9k
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=092ac5c683&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=78f21c37-dcdb-4918-9039-c36740a247bc&pubid=092ac5c683 HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=8349d69f-a6b4-4368-8cf2-b97976354c14
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6757255381717511957&ssp=themediagrid
Request Chain 262
  • https://sofia.trustx.org/push_sync?us_privacy=1--- HTTP 302
  • https://sofia.trustx.org/ul_cb/push_sync?us_privacy=1--- HTTP 302
  • https://creativecdn.com/cm-notify?pi=trustx HTTP 302
  • https://creativecdn.com/cm-notify?pi=trustx&tc=1 HTTP 302
  • https://sofia.trustx.org/sync?tp_id=22&tp_uid=Gavh1sYbCaRTYaRm86mY&pi=trustx&tc=1
Request Chain 263
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&google_hm=YTQzZDE2NjQtYmMyNS00ZmQzLWJkMzItZjZiZTc1OWRkNGYy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPuM9C4NjaqJk2XEBDiC9dQ&google_cver=1&ssp=sonobi&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a43d1664-bc25-4fd3-bd32-f6be759dd4f2

268 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/ 		157 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ece6bb68f58dc2e38e1995e2d34566679c5126ea21d40dba61308655c7e4e7e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
89406
cache-control
no-store
content-encoding
br
content-length
49955
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 19 Sep 2022 17:26:26 GMT
etag
W/"2c4cf-bwE+/E/g4FI9m6Uc2B5lJiKiwvg"
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
link
<https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg>;rel=preload;as=image;nopush
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster
?1
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000
vary
Accept-Encoding,User-Agent
x-cache
HIT, HIT
x-content-type-options
nosniff
x-frame-options
deny
x-timer
S1663608387.711435,VS0,VE2
x-xss-protection
1; mode=block
6-q1a2z336db9d4f.svg
www.usatoday.com/tangstatic/svg/weather/ 		782 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e8a6be1ddac59b849eb4bb2650b704fb768f1a99ff0292673432479ba48d99a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:19:04 GMT
age
3554612
date
Mon, 19 Sep 2022 17:26:26 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/svg+xml
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
accept-ranges
bytes
x-timer
S1663608387.756383,VS0,VE0
content-length
411
/
user.usatoday.com/USAT-GUP/user/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://user.usatoday.com/USAT-GUP/user/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5dc2126badc2388a068241f4626986e59ec0709aa1e0199b24b78786c937e842
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://login.usatoday.com/
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://login.usatoday.com/

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://login.usatoday.com/
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
x-cache-hits
0
content-length
1053
x-served-by
cache-yul12834-YUL
referrer-policy
same-origin
server
nginx
x-frame-options
ALLOW-FROM https://login.usatoday.com/
date
Mon, 19 Sep 2022 17:26:26 GMT
vary
Origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:26:26 GMT
pbjsandwich-q1a2z3d1e3c40a.min.js
www.usatoday.com/tangstatic/js/ 		327 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bee20447aa0e1293049d65c522a290c718d0d93ba582f9aabb391ad2e1187ac0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
273324
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
content-length
89520
last-modified
Fri, 16 Sep 2022 13:30:35 GMT
x-timer
S1663608387.764198,VS0,VE0
date
Mon, 19 Sep 2022 17:26:26 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
cache-control
public, immutable, max-age=315360000
accept-ranges
bytes
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 16:40:14 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
2773
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, PHL50-C1
content-encoding
gzip
x-amz-cf-id
1eK94U-vXqYuwvYRsEtbNo3Rq6DjbCm6U7G7D39vzDtiZ36b4u3CeQ==
iasPET.1.js
static.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding
gzip
etag
W/"51636de3ce868a2172f9e6996c2934e0"
age
452780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Jun 2021 13:42:44 GMT
server
AmazonS3
date
Wed, 14 Sep 2022 11:40:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
3-osrgl1oEtGaMsUmv-LrRccdfa4__cZSkK1bzsZfQSBWXLzgkTuDA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efc1feac35e089b632417f7f1c2cfddb46d4b16c234407a9d98ed2d64261f21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27762
x-xss-protection
0
server
sffe
etag
"1338 / 803 of 1000 / last-modified: 1663585777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 17:26:26 GMT
config.js
confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/ 		111 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceba4d461c9ed764d77585e64ab6d5776577854523e21a1422a0c4701e7a3b69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:26 GMT
Content-Encoding
gzip
Age
309
X-Cache
HIT
Connection
keep-alive
Content-Length
27824
x-amz-id-2
wQ3k3aYlSInX08Wv5Ufgl6Lf67nHtcxkO5ZOppxW4/TBoM3q3prLJTnTP1FPSUD2cRzVsv7Y/lQ=
X-Served-By
cache-yul12826-YUL
Last-Modified
Mon, 19 Sep 2022 16:40:31 GMT
Server
AmazonS3
X-Timer
S1663608387.830059,VS0,VE0
ETag
"5dca34c01bb6d10d760ac2357e1cf67d"
x-amz-request-id
TJDC0R7JY0WHF77V
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
14
main-q1a2z3ec888503.min.js
www.usatoday.com/tangstatic/js/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba390a736698135d0c3c8dc84b37c04887ad263fbc5ade658888ca74b9cb59e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
248663
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
content-length
29576
last-modified
Fri, 16 Sep 2022 20:21:12 GMT
x-timer
S1663608387.775034,VS0,VE1
date
Mon, 19 Sep 2022 17:26:26 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
cache-control
public, immutable, max-age=315360000
accept-ranges
bytes
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D20) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1077
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Methods
GET
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29220
x-amzn-internal-status
304
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (nyb/1D20)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
x-tw-cdn
VZ
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
loader.js
cdn.taboola.com/libtrc/usatodaydemo/ 		1 MB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0b8168c8f161da80b731b5602cb3752c3505182c171dfe5336850075880e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
tJUhQsRqtkdienesJxpAs_4xyUYT2Xai
content-encoding
gzip
age
2291
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
16
content-length
69017
x-amz-id-2
PdgvxCPjOa18FUZZ3W5Hw7bTWe7TpoPkykr4tnZhBr6vQx1F6ANeUfwJ496hI577WlLdvWnZym4=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 16:30:52 UTC
server
nginx
x-timer
S1663608387.830161,VS0,VE0
etag
"eba1708eb492cde5c3517d6b586d94e2aebb3cc6"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
T1G5FQ9246GN4YB3
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Mon, 19 Sep 2022 17:26:26 GMT
abp
18
x-cache-hits
3
controls-a6bac614.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/controls-a6bac614.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60fe545b3bf07b8dd89fe466a0cf2bc3bcc60508ef6c6d2e3544b490c8cdd2ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=wLQRnQ==, md5=YMf2QhBfHKLSoii8MD1ZWA==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13237684
x-amz-meta-goog-reserved-file-mtime
1634665282
x-guploader-uploadid
ADPycdt6LFMUB3U1KceMrR2kEtUmZA7WKxlkH4yqJdRoNGSE_jPDqH2bccFmgvxdeHa2_YLVleBQYAEGuolIqDVv4a0
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
4568
last-modified
Tue, 19 Oct 2021 17:42:23 GMT
x-timer
S1663608387.775018,VS0,VE1
etag
"60c7f642105f1ca2d2a228bc303d5958"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
share-4cfe2242.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/share-4cfe2242.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66d804a1bf1e9a9d5b2f423a246a65f57a6236f07fd0ef7f4d23c8b995eab7f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cxDZMA==, md5=jtLFhZ5z65gIBTe3OYWalg==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
16198032
x-amz-meta-goog-reserved-file-mtime
1618514148
x-guploader-uploadid
ADPycdsiPA0I2CEK0bwqbRq7xltZLKjlR2aNJ7cIba1RfgKtc4wGAMdB6a8MZ8HAnbvHWZPWDqVESJiVMLvd23kDR5Q
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
2648
last-modified
Thu, 15 Apr 2021 19:16:48 GMT
x-timer
S1663608387.775006,VS0,VE1
etag
"8ed2c5859e73eb98080537b739859a96"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
tealplayer-4a52fd5f.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/tealplayer-4a52fd5f.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1612b60f989de0a97671f56dd902f2c588750f09e2918c22f2f39791ff560d6d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=BtBU1g==, md5=pnC9YBnvMLUzyuD+/La+5A==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4076761
x-amz-meta-goog-reserved-file-mtime
1658319893
x-guploader-uploadid
ADPycdtEIAqD_VbO_KiYIn4hmq23aAjKlOsIsJyljfgrCiyxPx5QhTCrq5HK9EOf_4MKNFLi0lpFnFmpJfjMHErvvk7WBw
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
6178
last-modified
Wed, 20 Jul 2022 12:25:45 GMT
x-timer
S1663608387.775048,VS0,VE1
etag
"a670bd6019ef30b533cae0fefcb6bee4"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1658319945017120
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
6178
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-comscore-f1701de9.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-comscore-f1701de9.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
205921d4b8c37e9533528462950ba51ce45191e5ca94e7af31fb341e1592503c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=xg6Wig==, md5=ITqSdMH5Zz7qPS1D2oJ9Nw==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13937263
x-amz-meta-goog-reserved-file-mtime
1564771659
x-guploader-uploadid
ADPycdsa0pbSNYrSrR2ExnK56KWFeYSlOcPV7bRvP86Itd0ccgmD9U7yrIwOhuhTXO4wiz6NHsgpCaDuYdlmmL2tNb4
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
646
last-modified
Fri, 02 Aug 2019 18:49:08 GMT
x-timer
S1663608387.774978,VS0,VE1
etag
"213a9274c1f9673eea3d2d43da827d37"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-gcianalytics-102aa282.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-gcianalytics-102aa282.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
139ed1e4e05d314894b9ac6d42f352b8c81de7785bda5d0a0a554410d56513cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=2w5QRw==, md5=3/TptPk8DKL8umczGH1n3w==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
9589846
x-amz-meta-goog-reserved-file-mtime
1654016067
x-guploader-uploadid
ADPycdtWKtbn3d2maFccNw3ufHe8_qRo3XRjwjq4TeExyik3R53fhxd1cNucLigjNwxsBQpgmNInVADPDw1epEfb04oNCVuzxwop
x-cache
MISS, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
1152
last-modified
Tue, 31 May 2022 16:55:12 GMT
x-timer
S1663608387.774915,VS0,VE1
etag
"dff4e9b4f93c0ca2fcba6733187d67df"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-hls-aa645eb8.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-hls-aa645eb8.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a3b348ffce5e680fa64715fd255db4f2aca4c828ab4c9ba1b92862c3a2d891
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=Fqu/dw==, md5=m4pGkNugXKBeamykpvKNDA==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
15547932
x-amz-meta-goog-reserved-file-mtime
1610471101
x-guploader-uploadid
ADPycdtzutefAKCCZiagrZXwgA7BFThCY1NhQAz0XsnXvweLq0zIgAlTMKalv3A0HYDwPxT3WzRYFBeIz06PMHtuPw
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
628
last-modified
Tue, 12 Jan 2021 17:06:00 GMT
x-timer
S1663608387.776496,VS0,VE1
etag
"9b8a4690dba05ca05e6a6ca4a6f28d0c"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-parsely-9e946b2b.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-parsely-9e946b2b.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97e6939bd37c94f8532ab3151190b0ba154c1932437b3ad86cde2e5e9c6439ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=1gxR9w==, md5=vjf6NJHtMFWJ9vsQXsCEBQ==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13862326
x-amz-meta-goog-reserved-file-mtime
1621967392
x-guploader-uploadid
ADPycdvpEuF9CZWoDkb02LN9C44VX1yIdiUDSH1IOizuM6Ve2B-SxaoURsV2fAUwlW2pjnDPKpypyEv1W8tJeZTVles
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
628
last-modified
Tue, 25 May 2021 18:31:00 GMT
x-timer
S1663608387.776749,VS0,VE1
etag
"be37fa3491ed305589f6fb105ec08405"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
encore-04455b51.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/encore-04455b51.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fca848faee8095a7b1dcc41981d0cd0ebd285e3f06c5ed4e7b1c9d4b17f2d157
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=BmSnxA==, md5=fJQ/RMct/wm4cDRV7Djf3g==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
20860782
x-amz-meta-goog-reserved-file-mtime
1624892222
x-guploader-uploadid
ADPycdufGiEDC5oeVfwfBWkUAyZQlZn_BvxeioCoJbcY9isMMQjZdRDoOsrXk_Jw7ighisotECaf3Z1uAGaoF-EKRmoWrd8_Pg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
1340
last-modified
Mon, 28 Jun 2021 14:58:08 GMT
x-timer
S1663608387.776400,VS0,VE0
etag
"7c943f44c72dff09b8703455ec38dfde"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-ima-94d3c4f7.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-ima-94d3c4f7.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5b4318b593211376d1911f208751f1c90ce53c0121c46202de0a79bebce959e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=5RaMGQ==, md5=HOZ5WqlB3NVMoFnCa8hHLQ==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4076603
x-amz-meta-goog-reserved-file-mtime
1658319892
x-guploader-uploadid
ADPycdvWM5Cry1_X6V99n2iMuLKdllPKI424hlJtjCCl1yJ6_1boRI3P9uBFsCL5K4LjxKMijM0T1dWeABIMH3_mWy76Yg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
3242
last-modified
Wed, 20 Jul 2022 12:25:43 GMT
x-timer
S1663608387.776383,VS0,VE1
etag
"1ce6795aa941dcd54ca059c26bc8472d"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1658319943513098
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
3242
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
1080p_30fps,720p_30fps,480p_30fps,master.m3u8
hlsmedia.gannett-cdn.com/authoring/video-renditions/acdaa0e2-46de-4532-a457-f882f64f05ab/7aa7f1b0-988e-4d71-a586-8062369bd120/ 		733 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/video-renditions/acdaa0e2-46de-4532-a457-f882f64f05ab/7aa7f1b0-988e-4d71-a586-8062369bd120/1080p_30fps,720p_30fps,480p_30fps,master.m3u8?subtitles=8764973002
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
9256207262db320310e9e194b9174e6e26c21b6e474fc1b22ebcce71526c08a0

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:26 GMT
via
1.1 varnish, 1.1 varnish
server
otfp
age
80028
etag
"xZQKZUN70KmJYvC8IUN4YuIV-2aGUwF_KoeM4tU2kMnaOXv2ScpGDozKC1_oJQZIQX5B_2CezA-kOcYc7yyfxQ50VzwBNNNxeQ17uP-dnGcCrAS2DcNfUwft7GIzeTikXyDiC38zwh8"
x-served-by
cache-iad-kcgs7200079-IAD, cache-yul12833-YUL
x-cache
HIT, HIT
content-type
application/x-mpegurl
access-control-allow-origin
*
fastly-stats
otfp=1
accept-ranges
bytes
x-timer
S1663608387.829450,VS0,VE0
content-length
733
x-cache-hits
2, 17
hls.0.14.9.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/hls/ 		234 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/hls/hls.0.14.9.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=04gOQQ==, md5=j9vq4UIMZ0WSKC7Zx+/S4g==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
21015407
x-amz-meta-goog-reserved-file-mtime
1618514148
x-guploader-uploadid
ADPycds14xAggtVU6cs-gbvl5NIklVpa2xuxCFTPdPCn2YdPhqjgNbC-n58qkihTVVQz3kSszQpPgII1CFXw9x62PkQmoSRMDQ
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
60647
last-modified
Thu, 15 Apr 2021 19:16:55 GMT
x-timer
S1663608387.782931,VS0,VE1
etag
"8fdbeae1420c674592282ed9c7efd2e2"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
streamsense-5.1.1.160316.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/comscore/ 		88 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/comscore/streamsense-5.1.1.160316.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=0ca1vg==, md5=oMYFmalRKmTWyqkSbPV95A==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
12652886
x-amz-meta-goog-reserved-file-mtime
1564523890
x-guploader-uploadid
ADPycds9rdF2lZZbdPcyBaYE6JoqFxR98skum5u8JS4xj9MRs_3_x1GcmAaclyzLnSqJUPDIMp6lSnuklpMWsMCA_TmIr4uNmg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
14269
last-modified
Tue, 30 Jul 2019 21:59:07 GMT
x-timer
S1663608387.782923,VS0,VE1
etag
"a0c60599a9512a64d6caa9126cf57de4"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
ias-3.5.1.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=OSp2gg==, md5=LaiRY8nqOrc6SB1Dm0Q/Kg==
date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4678656
x-amz-meta-goog-reserved-file-mtime
1564518562
x-guploader-uploadid
ADPycduW5R0gHrInQUs4g5iHNBvn_Mqui9ymv5IGvULzFpQZuJwWeADTDDY6fpkjjcBeJsa0pXFDIolldv-VhTuwrIDaDWOnCtgi
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
5228
last-modified
Tue, 30 Jul 2019 20:30:37 GMT
x-timer
S1663608387.782910,VS0,VE1
etag
"2da89163c9ea3ab73a481d439b443f2a"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1564518637785355
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
5228
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 17:26:26 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128538
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:26:26 GMT
8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg
www.gannett-cdn.com/presto/2021/11/26/USAT/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/presto/2021/11/26/USAT/8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg?width=660&height=371&fit=crop&format=pjpg&auto=webp
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16fe769b2edcb8b600e58c0907b8275182c09fc886c265681b94d50a56adb5ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=zhYOfg==, md5=tP8Kn1iB9Fu2nAW8BbrSOA==
date
Mon, 19 Sep 2022 17:26:26 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
3434214
x-guploader-uploadid
ADPycdtippw-Vcpb0SS68jydDh14Rj1oNJaLIcbNZbZGVT-599OBwHVDtJgQr45DIqOizJOLRtHqZgNYVhMaXt6idT4olA
x-cache
HIT, HIT
fastly-io-info
ifsz=403808 idim=1080x1080 ifmt=jpeg ofsz=22194 odim=660x371 ofmt=webp
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
22194
x-served-by
cache-iad-kjyo7100023-IAD, cache-yul12834-YUL
vcl_data
4teo2sTrkRpe2BJzz4IyqE.277_19-e95cb5ef2212fd9d1b5de488fdb8074b
server
UploadServer
x-timer
S1663608387.830595,VS0,VE1
etag
"P4pbpV8lehpskBUoHzhpRBpdx4KZ4TWdwyspY/RMbb0"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
x-goog-generation
1637940054220348
expires
Wed, 10 Aug 2022 23:29:32 GMT
cache-control
max-age=2592000
x-goog-stored-content-length
403808
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 1
global-q1a2z3u1EuDuIBXGXnOmbqtWCTVvNO2Xs.min.json
www.usatoday.com/ 		13 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/global-q1a2z3u1EuDuIBXGXnOmbqtWCTVvNO2Xs.min.json
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebb6c50cb9844218a00fa4978bbf426284ce5be59dc100d817decce4a443aa31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
256841
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
x-cache
HIT, HIT
date
Mon, 19 Sep 2022 17:26:26 GMT
cross-origin-resource-policy
same-origin
vary
Accept-Encoding
content-length
2715
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-timer
S1663608387.783225,VS0,VE1
x-frame-options
deny
etag
W/"u1EuDuIBXGXnOmbqtWCTVvNO2Xs"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public,immutable,max-age=315360000
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9efb51af16021c2c2818c91225e5e954c3a11b7affd7e2935b9ef7d9053e4e22

Request headers

Referer
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
091322_USAT40th
cm.usatoday.com/nanobar/ Frame A801 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.usatoday.com/nanobar/091322_USAT40th
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
339839
cache-control
public, max-age=3600, stale-while-revalidate=7200
content-encoding
gzip
content-length
17296
content-security-policy
upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html
cross-origin-resource-policy
same-site
date
Mon, 19 Sep 2022 17:26:27 GMT
etag
"f675d8bffcddf0c455aad689e5f35226"
expires
Thu, 15 Sep 2022 19:02:27 GMT
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Thu, 15 Sep 2022 18:28:49 GMT
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000;includeSubDomains;preload
timing-allow-origin
*
vary
X-AbVariant,Accept-Encoding
x-cache
HIT, HIT
x-content-type-options
nosniff
x-goog-generation
1663266529645394
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
29741
x-robots-tag
noindex
x-timer
S1663608387.004266,VS0,VE0
x-xss-protection
1;mode=block
8764973002.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/ 		148 B
270 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/_captions/8764973002.webvtt.m3u8
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
794afd020d65d819e404ec6e59d3ca4ce8850c36821ddd79fb53f37d184f395a

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish, 1.1 varnish
server
otfp
age
80028
x-served-by
cache-iad-kiad7000034-IAD, cache-yul12833-YUL
x-cache
HIT, HIT
content-type
application/x-mpegurl
access-control-allow-origin
*
fastly-stats
otfp=1
accept-ranges
bytes
x-timer
S1663608387.020878,VS0,VE1
content-length
148
x-cache-hits
1, 1
scroll-smart.js
static.scroll.com/js/ 		1 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll-smart.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish
age
38211
x-guploader-uploadid
ADPycdvJq4vdPd95SFSZ2drE6SogN3m-EfH6nMycj-4jF2GQjUDYSqc76GzaO9NvO7m-5u9pTEeWyQIbIpufHlcyLPfsm1zZstDK
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-length
1
x-served-by
cache-yul12825-YUL
last-modified
Mon, 06 Jan 2020 18:21:36 GMT
server
UploadServer
x-timer
S1663608387.067184,VS0,VE0
etag
"68b329da9893e34099c7d8ad5cb9c940"
vary
Origin
x-goog-hash
crc32c=OZ97aQ==, md5=aLMp2piT40CZx9itXLnJQA==
x-goog-generation
1578334896006287
access-control-allow-origin
https://www.usatoday.com
expires
Wed, 03 Aug 2022 06:10:58 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
1
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
338
main.js
www.usatoday.com/dcjs/prod/ 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/dcjs/prod/main.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3de6ca902e365219c2ffd5ff7a1e7aeff4c58adc609b9a03c2e11c8f6ee1bbd0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=eIvo0w==, md5=TPRKdljc0BuA0JD14qe3OQ==
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
249389
x-amz-meta-goog-reserved-file-mtime
1663358974
x-guploader-uploadid
ADPycdubyn_PINOxymfhYMizGTwyY8D6h996R4YFEesunnbFnLbsS-2Le9Lk94a6sojt1QQTPnCGzTVbk0O1DkPf7nfP4Q
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
42176
last-modified
Fri, 16 Sep 2022 20:09:56 GMT
x-timer
S1663608387.023960,VS0,VE1
etag
"4cf44a7658dcd01b80d090f5e2a7b739"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1663358996450846
access-control-allow-origin
*
cache-control
max-age=3600
x-goog-stored-content-length
137754
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8065b63060a4e481a54a3d0219d9a6ca666965ac28f08f6c44cf1624ab72ae33

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c9b0f1855be4e7643aec0d94cb50421424f43226b62ef823c41fd32f7a4f9bfc

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
54971b9873487362bcd62428147b363437fb915bc4c2e7188e639771be182e73

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
53ac178a13cbc64c08579f847369d14c4eed2cfe568b3506a5fc0dec487fb701

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9ad0625d88437e6716ee45ded63759a9c5f60c588a9f361971e38761d6bdd969

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8f18a8cfe23d9332dc159cb923ff59be65a8c3f7502cadf96816041a3a697b64

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6a3797a6218d83df324666123c0238510887109571ccf2a9f46f380ba25e34c4

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e04dfd12d2b3bf73b41efda54e92bd7f193859e98f188acbe515d74d37d2057c

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5a9cea524c6f479a225fa748059f2e504aa8f7ddf75adc47530c6309f1523688

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d37d1a94b4521a61b7215155160a8f59effd2e5300e47ae0183222db46da92fc

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
819a24b02a20da3c978b602367b54a3eefee761c357771d2b29bffdc4e6ba5dc

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
006ee7e32a22e8922606f970edd4b35582030acdac670a67476653ce721667d9

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 19 Sep 2022 17:26:27 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/ 		2 KB
743 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=185&av=34&wv=6.2.0&cb=106071792
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a79c612cc102529a9f9e24e48781a78dbb98e5383492bdde0e197d047088fe09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
472
/
colossusssp.com/ 		2 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.usatoday.com
Date
Mon, 19 Sep 2022 17:26:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:27 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c3a36b3f-0394-4d63-88e5-564b6322ac6d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:27 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f178c1d1-faa3-4356-9fc5-573974ee63a5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		606 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.108.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-108-135.compute-1.amazonaws.com
Software
/
Resource Hash
bb9a87b2ec740ad773b8f65de5c6e2d65f3eafedbb99b8daaa41817136052645

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
340
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=29970&zone_id=120294&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B2&alt_size_ids=57%3B198%3B198%3B198%3B10%3B10%2C54%3B10%2C54%3B10%2C54%3B10%2C54%3B&p_pos=atf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3B&us_privacy=1---&rf=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&kw=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security&tg_i.name=USA%20TODAY&tg_i.domain=usatoday.com%2Cusatoday.com&tg_i.cat=IAB19&tg_i.page=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tg_i.brandsafety=disasters%2Ccustom-verizon%2Cdisasters%2Ccustom-verizon&tg_i.section=tech&tg_i.topic=Uber%2CHacking%2CHacker%2Cride-hailing%2CData%20Breach%2COverall%20Negative%2CCybersecurity%2Ccomputer%20crime%2CDefense%20and%20Cybersecurity%2CComputer%20Security&tg_i.dfp_ad_unit_code=7103%2Fusatoday%2Fhigh_impact%2Ftech%231%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%232%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%233%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%234%3B7103%2Fusatoday%2Fposter%2Ftech%235%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%236%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%237%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%238%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%239%3B7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310&tg_i.pbadslot=7103%2Fusatoday%2Fhigh_impact%2Ftech%231%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%232%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%233%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%234%3B7103%2Fusatoday%2Fposter%2Ftech%235%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%236%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%237%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%238%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%239%3B7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310&tk_flint=pbjs_lite_v6.2.0&x_source.tid=e0c4cf72-3af8-4b3a-b0dc-1a0491d03367%3B89a5f0e3-b67b-44db-9ccd-a682666c220a%3Be7910a9f-760d-4f23-9ee6-aca67ef7fd83%3Ba3538bc9-fd58-463e-a1f7-3b2d2981fcde%3B50a49832-381a-4257-90de-d5a875ef7703%3B69df9d24-9b06-4fa0-901d-26bd98b3030c%3B907f6e07-8956-43a3-abc6-d09a798ee64a%3Baf53bdfe-2c5d-4c4f-8e0b-bd7b5c4663e3%3B2c4f493f-125b-489e-a5ae-69d261fabeef%3B8f26161a-899a-4d6b-9298-b687fb53898c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.9034448922011296
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3ea740e57f9785ad345e20ed0296c58503096ae56e99aaa3a6ebc49072629732

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:27 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
710
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%7C76fcf2a26969d12%22%3A%22970x250%2C728x90%7Cgpid%3D%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%2277b1500ce60bf4%22%3A%225b547b098fa5cddb73dd%7C%7Cgpid%3D%2F7103%2Fusatoday%2Fteal-hero%2Ftech%23videoSlot1%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C78bc1b07e3731f2%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C7981303b18f66d2%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C8099d904342509f%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%2C%22%2F7103%2Fusatoday%2Fposter%2Ftech%7C8150e937d7ab64d%22%3A%22300x250%2C300x600%7Cgpid%3D%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C82b92b1ce036971%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C833732bbbde1c88%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C846391cfdb105f%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C85a8e027f886f3a%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%7C866921b344a07de%22%3A%22728x90%7Cgpid%3D%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&s=bdc9d4bf-b274-42ba-9d0a-792d69e34913&pv=ba12b064-32ab-4c20-af85-833fa7f5de91&vp=desktop&lib_name=prebid&lib_v=6.2.0&us=5&fpd=%7B%22site%22%3A%7B%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%7D&ius=0&us_privacy=1---&coppa=0
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f8f6a09bfb74ce4f6cb03274735b9b3bbe661a73998414796bdd5216d59c6bd0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:27 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-151
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
681
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.2.0&referrer=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tmax=1600&us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.234.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-234-15.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
232953
search.spotxchange.com/openrtb/2.3/dados/ 		0
953 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/232953?src_sys=prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
x-spotx-timing-transform
0.000342
x-spotx-timing-spotmarket
0.004067
x-spotx-timing-page-require
0.000428
x-fe
077
x-spotx-timing-page-misc
0.003801
x-spotx-timing-page-cookie
0.000035
x-spotx-timing-page
0.009967
pragma
no-cache
x-spotx-timing-page-context
0.000349
last-modified
Mon, 19 Sep 2022 17:26:27 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.004067
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000013
x-spotx-timing-page-mux
0.000931
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.2.0&p=%5B%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-high_impact-tech-1%22%2C%22callback_id%22%3A%22100d88b15eaa40f2%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-2%22%2C%22callback_id%22%3A%221013a67c4e2d5a91%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-3%22%2C%22callback_id%22%3A%221020c30d7ddb8ef5%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-4%22%2C%22callback_id%22%3A%221032d12f4368bf84%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster-tech-5%22%2C%22callback_id%22%3A%221043108fa205592a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-6%22%2C%22callback_id%22%3A%22105fe702fc4d45fa%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-7%22%2C%22callback_id%22%3A%22106a930c8cc90f55%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-8%22%2C%22callback_id%22%3A%221076b2ba078d6d9f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-9%22%2C%22callback_id%22%3A%221085da6c33f7b953%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-leaderboard_btf-tech-10%22%2C%22callback_id%22%3A%22109f23d838961f73%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%5D&page_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&bust=1663608387100&pr=&scrd=1&dnt=false&description=A%20data%20breach%20at%20Uber%20puts%20the%20spotlight%20on%20an%20effective%20break-in%20routine%3A%20tricking%20an%20employee%20into%20sharing%20their%20credentials.&title=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.24.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-24-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usatoday.com
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid-request
a.teads.tv/hb/ 		16 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.77.192 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-77-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 19 Sep 2022 17:26:27 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usatoday.com
date
Mon, 19 Sep 2022 17:26:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:27 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8d854362-59e8-4674-afc3-7d3761db142f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
gannett-d.openx.net/w/1.0/ 		189 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e0c4cf72-3af8-4b3a-b0dc-1a0491d03367%2Ce0c4cf72-3af8-4b3a-b0dc-1a0491d03367%2C89a5f0e3-b67b-44db-9ccd-a682666c220a%2Ce7910a9f-760d-4f23-9ee6-aca67ef7fd83%2Ca3538bc9-fd58-463e-a1f7-3b2d2981fcde%2C50a49832-381a-4257-90de-d5a875ef7703%2C50a49832-381a-4257-90de-d5a875ef7703%2C69df9d24-9b06-4fa0-901d-26bd98b3030c%2C69df9d24-9b06-4fa0-901d-26bd98b3030c%2C907f6e07-8956-43a3-abc6-d09a798ee64a%2C907f6e07-8956-43a3-abc6-d09a798ee64a%2Caf53bdfe-2c5d-4c4f-8e0b-bd7b5c4663e3%2Caf53bdfe-2c5d-4c4f-8e0b-bd7b5c4663e3%2C2c4f493f-125b-489e-a5ae-69d261fabeef%2C2c4f493f-125b-489e-a5ae-69d261fabeef%2C8f26161a-899a-4d6b-9298-b687fb53898c&nocache=1663608387106&us_privacy=1---&aus=970x250%2C728x90%7C970x250%2C728x90%7C640x360%2C300x250%2C3x3%7C640x360%2C300x250%2C3x3%7C640x360%2C300x250%2C3x3%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C728x90&divids=ad-slot-7103-usatoday-high_impact-tech-1%2Cad-slot-7103-usatoday-high_impact-tech-1%2Cad-slot-7103-usatoday-native-article_link-tech-2%2Cad-slot-7103-usatoday-native-article_link-tech-3%2Cad-slot-7103-usatoday-native-article_link-tech-4%2Cad-slot-7103-usatoday-poster-tech-5%2Cad-slot-7103-usatoday-poster-tech-5%2Cad-slot-7103-usatoday-poster_scroll-tech-6%2Cad-slot-7103-usatoday-poster_scroll-tech-6%2Cad-slot-7103-usatoday-poster_scroll-tech-7%2Cad-slot-7103-usatoday-poster_scroll-tech-7%2Cad-slot-7103-usatoday-poster_scroll-tech-8%2Cad-slot-7103-usatoday-poster_scroll-tech-8%2Cad-slot-7103-usatoday-poster_scroll-tech-9%2Cad-slot-7103-usatoday-poster_scroll-tech-9%2Cad-slot-7103-usatoday-leaderboard_btf-tech-10&aucs=%252F7103%252Fusatoday%252Fhigh_impact%252Ftech%25231%2C%252F7103%252Fusatoday%252Fhigh_impact%252Ftech%25231%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25232%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25233%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25234%2C%252F7103%252Fusatoday%252Fposter%252Ftech%25235%2C%252F7103%252Fusatoday%252Fposter%252Ftech%25235%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25236%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25236%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25237%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25237%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25238%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25238%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25239%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25239%2C%252F7103%252Fusatoday%252Fleaderboard_btf%252Ftech%252310&auid=538809158%2C540401029%2C538809142%2C538809142%2C538809142%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C540401029
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
21f3087f8e2217e913da0fc11ae868b86acfd75f75d48d1941002b669bfacebc

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.usatoday.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
gannett-d.openx.net/v/1.0/ 		106 B
509 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gannett-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7adc7040-7e69-4c9f-af88-e8d3b1a4f8dd&nocache=1663608387108&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A660%2C%22h%22%3A372%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22maxduration%22%3A120%2C%22minduration%22%3A0%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fdash%2Bxml%22%2C%22video%2Fx-ms-wmv%22%2C%22video%2Fms-asf%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%7D%7D%5D%7D&auid=539725881&vwd=660&vht=372&aucs=%252F7103%252Fusatoday%252Fteal-hero%252Ftech%2523videoSlot1
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.usatoday.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=196725&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221513db714ae47392%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22152a9773fbabc5d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196725%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A196725%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%7D%2C%7B%22id%22%3A%221556d2dedff56afe%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196728%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196728%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%7D%2C%7B%22id%22%3A%22157de5efa01c4744%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%7D%2C%7B%22id%22%3A%2216058e302f4e2e7d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%7D%2C%7B%22id%22%3A%22163787b261826d85%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%7D%2C%7B%22id%22%3A%2216698363055d7ef1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%7D%2C%7B%22id%22%3A%22169541cddb94158c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A196727%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30623623e69f4fa9ba32604465e40d014eddddb5d2631d14be07e5638d62d2f1

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRdVQD03qgrT%2BOpVasFRxdfhHbe%2FOCBUd8XJvYYXlqNGhixVX23oTVTCO8SHLx8yHBYnRyAPaDqcRmBtLuE8Nly0e4UQp0EH71AKqMFDWvxG6o4Bfgk6P5uLE%2BOzfJe0MDNjguVE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d406c3e931f99d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
cygnus
htlb.casalemedia.com/ 		38 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=196725&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221513db714ae47392%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22154899c1077e32bc%22%2C%22ext%22%3A%7B%22siteID%22%3A239824%2C%22sid%22%3A%221%22%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fteal-hero%2Ftech%23videoSlot1%22%7D%2C%22video%22%3A%7B%22playerType%22%3A%22HTML5%22%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fdash%2Bxml%22%2C%22video%2Fms-asf%22%2C%22video%2Fx-ms-wmv%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A120%2C%22linearity%22%3A1%2C%22playerSize%22%3A%5B%5B660%2C372%5D%5D%2C%22placement%22%3A1%2C%22w%22%3A660%2C%22h%22%3A372%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30623623e69f4fa9ba32604465e40d014eddddb5d2631d14be07e5638d62d2f1

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul1DGWCZBWpMJRy%2FUNOdwwEWos5JUHdSWS4I2a2bbMMkWL0H31XiTaBdH0Q0BhNeNAfY29BToP0afdjwBgpv5OVNxpunmMb3Hfqe4De1sej9GH0InCO0Y6rgmyV5XD2sO%2F%2F%2BQLCA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d406c3e932f99d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-usatoday-high_impact-tech-1,s:970.250,p:7103/usatoday/high_impact/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-2,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-3,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-4,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster-tech-5,s:300.250,p:7103/usatoday/poster/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-6,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-7,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-8,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-9,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-leaderboard_btf-tech-10,s:728.90,p:7103/usatoday/leaderboard_btf/tech,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=667e045a-b978-b206-e580-3e02b1c68b1c&url=https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b998e7c77cb959ba45b4566808901a718db8136d7f9464a0fc1ca3bc97ebfee8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
x-server-name
app06.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
iasADX.js
static.adsafeprotected.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 19:03:18 GMT
content-encoding
gzip
age
598990
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
server
AmazonS3
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
vary
Accept-Encoding
x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
yuNzbpfIgTnVkQv3lCGghTxrOPfo4PZ8q-BSJILvgX2yBBgM4-h9Dw==
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:667e045a-b978-b206-e580-3e02b1c68b1c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
x-server-name
app02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ 		202 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:27 GMT
Content-Encoding
gzip
Age
259747
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
V/KsZeUml9OPtn8DD0LGMUba2pK1GX3V3q+t55b+Hb7VGylg+mTtICNrkG4dWAZ2HsqsYs+quZI=
X-Served-By
cache-yul12826-YUL
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1663608387.161406,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id
6YAM0F6YY433SV0Y
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1940943
pubads_impl_2022091501.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130101
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 08:34:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Sep 2023 10:48:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		621 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.usatoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c0e8032448feed73a00d6ded147a500990327e7391ec952b96586bd1f5cd32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:26:27 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:37:17 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
28151
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
wLIc8zxMow5K3Al2O-ybYlyYUD9dngSpy7sIU8-oengqROGFEmdooQ==
config
c.amazon-adsystem.com/cdn/prod/ 		849 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fwww.usatoday.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
a3fdf333d2e97c0f0dfc85a5b2d93216ce560fd3e973165219c624532249b38b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:34:52 GMT
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
server
Server
age
10294
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
content-length
849
x-amz-cf-id
4msFF41z60f0s1gZYq-y6JRmagSKQxyW53rwJGr2fQt6GFYuam1mEA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&pid=Ex5jn4a8JatUx&cb=0&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-usatoday-high_impact-tech-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%2C%7B%22id%22%3A%22videoSlot1%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-2%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-3%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-4%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster-tech-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-leaderboard_btf-tech-10%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
7dbbf29eff26fea66f7f6fb4a5842f3375c109533b29865b2b9a078a5a80364e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
AS97W8P7QTEYFAE28HB7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
3195
x-amz-cf-id
ZCbZEPL5I-FZTwowT6fg4ux4GIvI7it7Tlukml-WBgk1TgnOcqEeuA==
bridge3.531.0_en.html
imasdk.googleapis.com/js/core/ Frame 738C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
360510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211701
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:17:57 GMT
expires
Fri, 15 Sep 2023 13:17:57 GMT
last-modified
Thu, 15 Sep 2022 13:10:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663608387281&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
43
x-amz-cf-id
yrQL0KzDI8NzSMZRD6L8gihSDb-FQif12alQR5ZaHM3R5xgZWWct-g==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663608387281&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
0
x-amz-cf-id
tXHLhP77c-Iy9GD5UK-RjK3uTw2A9vNNKYAJ4StKRLSn9e0jxw0nBw==
x-cache
Miss from cloudfront
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663608387284&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
43
x-amz-cf-id
rCSOU1ij0IxEtWq7ayWct1yx3YLqK6i056DJG4sYDgm-S6f7tSA4kg==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663608387284&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
0
x-amz-cf-id
T2M7mHZb9iYDMQfCgUVmL38j30apmBtKWbybb76K3eFl6p3VMg-tbA==
x-cache
Miss from cloudfront
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:06:04 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
51624
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
lM4Ecg4ET7sCVie8d_sCLPa4I2bsV3HQ96Lls5IeuK5hk_hi1w8xpA==
tr5
cdn.taboola.com/libtrc/ 		3 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=aa_test_for_monitoring_var
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663608387.431974,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
load.js
widget.perfectmarket.com/usatodaydemo/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/usatodaydemo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f462305b0fa1cf6b138314840673fc57278fe4a22a4c041f7c7002e507fd8e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
sIhlgdY23G4B4SeUF3CoyE.2qjAuGLGx
content-encoding
gzip
etag
"9bd661ed70dc54df824cfbbe2a292a6d"
age
209
x-cache
HIT, HIT
content-length
1179
x-amz-id-2
DxwfuoTmaAOU+mw88PRNnI4V7MhzjI4uL5veWEqSNXPJ9dYSYd9KARh5Zo3q9PjgbchenJm2W40=
x-served-by
cache-sna10722-LGB, cache-yul12834-YUL
last-modified
Wed, 11 Mar 2020 08:48:12 GMT
server
AmazonS3
x-timer
S1663608387.456046,VS0,VE0
date
Mon, 19 Sep 2022 17:26:27 GMT
vary
Accept-Encoding,,
x-amz-request-id
00N5B0DZZ6T7RQ4B
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 4
impl.20220919-29-RELEASE.js
cdn.taboola.com/libtrc/ 		686 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
T4BwW6L7GkUUwUHkGO95NCIpA3.XfdwB
content-encoding
br
etag
"91098208efb744fc7f4777d1c6754b4d"
age
4254
x-cache
HIT
content-length
145351
x-amz-id-2
iFYM6cirozLeDUOxNC/lW1YiQQZH92ycX87z4bpE9X4FlnemTQzEOW8Jhi3RthGnAmtVKoph4H0=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 15:43:23 GMT
server
AmazonS3-br
x-timer
S1663608387.431951,VS0,VE0
date
Mon, 19 Sep 2022 17:26:27 GMT
vary
Accept-Encoding
x-amz-request-id
13XT2GMYNRXB1Q95
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
32
x-cache-hits
10742
ats.js
ats.rlcdn.com/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-52.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
etag
"148e21f812b555a13b2a9c6b616141f4"
age
73239
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
content-length
112112
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Sun, 18 Sep 2022 21:05:49 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
q0liU404Rd2DxywAmhmUvP27mJUoJNdBG9PKLnEmD6s7yZ7N8fZ7AQ==
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:26:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
USAT-TEALIUM-TANGENT.json
www.usatoday.com/dcc/prod/ 		73 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/dcc/prod/USAT-TEALIUM-TANGENT.json
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4a0264f0dbec6232658dd0ffb9e44c69c8f6f173de038ee99020cc672dba9b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=wAS9Bg==, md5=J/FL1M+w5mowKLZ3m7iPDg==
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
262395
x-amz-meta-goog-reserved-file-mtime
1663275020
x-guploader-uploadid
ADPycdu0wocILzCBanO51nYcUs4huyMzJjy-Agxk__M9rUtwWhufXFddGp3LN3lxXpT-FOILSLfT5Yt8YkYitYVv72G3pw
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
8285
last-modified
Thu, 15 Sep 2022 21:07:56 GMT
x-timer
S1663608387.454297,VS0,VE1
etag
"27f14bd4cfb0e66a3028b6779bb88f0e"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1663276076574051
access-control-allow-origin
*
cache-control
max-age=3600
x-goog-stored-content-length
74463
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
b
sb.scorecardresearch.com/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663608387507&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
NO7Ru2pGCie9IT664E-TPHMM6zNQMzivYX_WAv5nX5eCfaIF6wF-6A==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663608387508&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
ISBTAWTvVS_4ubDx2OlnG4Meo6WXXHlikSUPMNExW3iGNnG0ciZRGg==
x-cache
Miss from cloudfront
json
trc.taboola.com/usatodaydemo/trc/3/ 		83 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/usatodaydemo/trc/3/json?tim=17%3A26%3A27.537&lti=aa_test_for_monitoring_var&data=%7B%22id%22%3A182%2C%22ii%22%3A%22%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663604871046%2C%22vi%22%3A1663608387534%2C%22cv%22%3A%2220220919-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A8049%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22vpi%22%3A%22%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9558%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-u%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20Feed%20Redesign%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20Feed%20Redesign%22%2C%22cd%22%3A7902.25%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22organic-thumbnails-rr-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Organic%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Organic%22%2C%22cd%22%3A1176%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%2CBelow%20Article%20Thumbnails%20-%20Feed%20Redesign%3Dthumbnails-u%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%20-%20Organic%3Dorganic-thumbnails-rr-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d6a6456f25d7729cf91bcce33de23e52d324a2e86fc8dde59a431cbc6f7d66a

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
857
date
Mon, 19 Sep 2022 17:26:28 GMT
content-encoding
gzip
server
nginx
x-timer
S1663608388.561050,VS0,VE857
x-served-by
cache-yul12832-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
pmk-202002191.13.js
widget.perfectmarket.com/usatodaydemo/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/usatodaydemo/pmk-202002191.13.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/usatodaydemo/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df01c813a1afc16c8570d18db67c216942ebac119a2339bc84eb28cc0a72df39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
eV1dWizooeGEhNj7xzEDsqAiwZR.fWIA
content-encoding
gzip
etag
"aedbc3f638528fcb2b620ded2817932f"
age
22308908
x-cache
HIT, HIT
content-length
30942
x-amz-id-2
dsB76pVH7rPoa1IPQ987cSBAnBtWUsyI5M6C4CpUp7ZeeiQ3bYiBEv3a3nzZC70mn98zaniut1Q=
x-served-by
cache-lax10636-LGB, cache-yul12834-YUL
last-modified
Wed, 11 Mar 2020 08:48:12 GMT
server
AmazonS3
x-timer
S1663608388.556775,VS0,VE0
date
Mon, 19 Sep 2022 17:26:27 GMT
vary
Accept-Encoding,,
x-amz-request-id
YPKKF6ASCTQC5P8B
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
500, 19269
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035223/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 17:12:05 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
863
etag
W/"5b0f9f0704a703b8da651007721fac57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
iSuhCzdh13jJyjXi50Fe_p1FgwkfaEHFanmS6EhwnwXcsY5MgMz3RQ==

Redirect headers

location
/internal-cs/default/beacon.js
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
0
x-amz-cf-id
dZyGUYCWffQEP55_CY5lmSHq9KXrk0sWWizeOYJLOTcIrtZi1YCESQ==
x-cache
Miss from cloudfront
USAT-GCIAF-STANDARD
www.gannett-cdn.com/gciaf/prod/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gannett-cdn.com/gciaf/prod/USAT-GCIAF-STANDARD
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
vary
Origin
x-xss-protection
1;mode=block
x-served-by
cache-yul12834-YUL, cache-yul12834-YUL
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
origin-agent-cluster
?1
cache-control
no-store
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
access-control-allow-credentials
true
timing-allow-origin
*
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2856
date
Mon, 19 Sep 2022 16:38:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 18:38:51 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13c244d25ba042da4e5a8e3d83a0e539ac13050a7ba44ec0aeb461c2e0b80215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68049
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:26:27 GMT
p.js
cdn.parsely.com/keys/usatoday.com/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/usatoday.com/p.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-201-38.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Sep 2022 14:17:41 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 14:30:41 GMT
server
nginx
age
11326
etag
W/"609be691-11d9d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
_2s4XGd7d3BKLZK2eNdw0UP23H9NM66fNKwkJTn713f7tqVgpXm4zA==
expires
Tue, 20 Sep 2022 14:17:41 GMT
suual7uwr.js
cdn.krxd.net/controltag/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/suual7uwr.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c97302ec51a0d6a168a6f974565bea551b90c4157b110e6929a569be67a05ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish, 1.1 varnish
age
746
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
11135
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100098-IAD, cache-yul12831-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1663608388.616968,VS0,VE0
etag
"f9cd9884f3f8f2dcc90aaa9aa89177d6c9d4a9ff"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 28
v2
z-na.associates-amazon.com/onetag/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.210.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-210-231.phl50.r.cloudfront.net
Software
Server /
Resource Hash
3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:47:48 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
27519
x-amz-rid
VF309MM4ZT48HA28E8FG
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
utUMdw9msgDH_s5r9tk_i4QPtZvc6iWpw79szh4u29gvOqaWpQ3MOQ==
via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
h93fNYpswTZmPxboB8u4ZatJ154P2yH41UHWkBK07t/DRDh2h/rRmzQJ0Rbxn+VnCn6wlUkeDZv00+HmFsQSxQ==
x-fb-trip-id
1425083115
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:26:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:26:27 GMT
v2_event.js
www.gstatic.com/retail/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/retail/v2_event.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab3eb0cc4af553940c3126bca328d001e51651098b3bec670395a2c879091706
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloud-ai-recommendation
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloud-ai-recommendation
content-encoding
gzip
x-content-type-options
nosniff
age
1003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
863
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 00:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloud-ai-recommendation"
date
Mon, 19 Sep 2022 17:09:44 GMT
vary
Accept-Encoding
report-to
{"group":"cloud-ai-recommendation","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloud-ai-recommendation"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:59:44 GMT
ktag.js
resources.xg4ken.com/js/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.100.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-100-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b2d2edfd67a8599f69483fd29240eaab4266233e8dff0767890a82dc0777b6a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 12:45:42 GMT
server
nginx
etag
"6321ccf6-dd8"
content-type
text/plain
cache-control
max-age=86400, public
content-length
3544
x-xss-protection
1; mode=block
expires
Tue, 20 Sep 2022 17:26:27 GMT
A2920824-78d2-4593-b257-ae490811f1a01.js
d.impactradius-event.com/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
56bd20c7592caa35f56a3f8bca3517937a0537b3ab1884aa4b05a028ad26695c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:23:21 GMT
content-encoding
gzip
age
186
x-guploader-uploadid
ADPycdt2DxV8LkvzprKmXiUNoTDOVewCn12nPoF0CS_WiLPhVLoV1x3Ipi3J6-hm54odwZXhwqpxDorxBC_JKD2QI4S3ww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15526
last-modified
Thu, 21 Jul 2022 14:20:17 GMT
server
UploadServer
etag
"96de76dd1279d04d6b8c17ecc7213b13"
vary
Accept-Encoding
x-goog-hash
crc32c=jKxJqw==, md5=lt523RJ50E1rjBfsxyE7Ew==
x-goog-generation
1658413217786667
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
15526
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Mon, 19 Sep 2022 17:28:21 GMT
a-01aa.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01aa.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:7600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
71a127d0a084e582a0b49104772f77ac88995258224862a8b2b8603894e1f028

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:09:01 GMT
via
1.1 534fd2eebbd6707fdf4614c97949ccac.cloudfront.net (CloudFront)
age
22646
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
content-encoding
gzip
x-amz-cf-id
uHBLnkK8qk9hGb5M3vT77tRBaaqC6vZmDaxTK5kRrHUWOWZmX2Vatw==
collect.js
10870841.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10870841.collect.igodigital.com/collect.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.118.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-118-195.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 17:32:13 GMT
vary
Accept-Encoding
content-type
application/javascript
scevent.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-247.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7961
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
x-amz-cf-id
bqq9jpKN_booKtvc5u58t58Mco2xd79HM2lc72gHkSW7vScFEyI6cQ==
tfa.js
cdn.taboola.com/libtrc/unip/1168/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4418c65239351eb99c41a5c0725a6eecd036b65147e3c51e3f995f136a6aafd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
03xzAMXpalpB.R6uOGH5h6bQhS9NYafg
content-encoding
gzip
etag
"9d3d89435d85f0f7afaa7133eaa47108"
age
76
x-cache
HIT
x-amz-replication-status
PENDING
fastly-restarts
1
x-amz-id-2
p3ooUSCXO7wA3RSCrmJkozaAFUezs4GIwKRBg0wLiB8LJ5EyRTvs+IiULXbl0pxoyKawlWiBXjM=
x-served-by
cache-yul12832-YUL
accept-ranges
bytes
last-modified
Mon, 19 Sep 2022 17:25:05 GMT
server
AmazonS3
x-timer
S1663608388.569263,VS0,VE44
date
Mon, 19 Sep 2022 17:26:27 GMT
vary
Accept-Encoding
x-amz-request-id
TSHMY2SA5T564SJK
via
1.1 varnish
cache-control
private,max-age=14401
content-length
17600
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
4
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-31.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 21:08:25 GMT
Via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
73083
ETag
"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
MLaqUTzQ281DZKP5yq8wQwMSUkeU8Rx17MLRmo-nN9Rvi9uIMU_udQ==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kjyo7100126-IAD
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-10.phl50.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:37:17 GMT
via
1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront), 1.1 e2aea636b5bbfa67100e8bdb9eda1cf6.cloudfront.net (CloudFront)
age
35350
x-amzn-requestid
ccd0dc89-08df-41e4-92c6-a9868b09852d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63281c2d-191eba8b43b42fe42533577e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, PHL50-C1
x-amz-apigw-id
YslXGFuljoEFdoQ=
content-length
30
x-amz-cf-id
Kp4N9Xmvd28QQEiIgA_skfJWq0Is6VZEhDU_SWKEBBzz2ldEyic12Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
b
sb.scorecardresearch.com/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c2=6035223&c1=2&c5=tech&comscorekw=tech&c6=tech&c4=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c15=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cs_ucfr=&cs_it=b2&cv=3.8.0.210223&ns__t=1663608387665&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
x-amz-cf-id
XOLbLFHO1T6xhfV2OSjrHyFIqCss9exyHvkkd6DAEOU7EPi_1NfLfg==
x-cache
Miss from cloudfront
userEvents:collect
retail.googleapis.com/v2/projects/gannett-recommendations/locations/global/catalogs/default_catalog/ 		7 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail.googleapis.com/v2/projects/gannett-recommendations/locations/global/catalogs/default_catalog/userEvents:collect?key=AIzaSyCiYeR-fmRSr595wMC03A9OjemIfGfcCbU&uri=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&user_event=%7B%22visitorId%22%3A%22d213d5ba-5e7a-461f-b5c7-c4e9117afb27%22%2C%22productDetails%22%3A%5B%7B%22product%22%3A%7B%22id%22%3A%2210419761002%22%7D%7D%5D%2C%22eventType%22%3A%22detail-page-view%22%2C%22attributes%22%3A%7B%22platform%22%3A%7B%22text%22%3A%5B%22tangent%22%5D%7D%2C%22site_code%22%3A%7B%22text%22%3A%5B%22USAT%22%5D%7D%7D%2C%22referrerUri%22%3A%22%22%2C%22userInfo%22%3A%7B%22userId%22%3A%22176a75d8-ef36-4ff6-8ace-16a2bb816b37%22%7D%7D&ets=1663608387666
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
server-timing
gfet4t7; dur=124
vary
Origin, X-Origin, Referer
content-length
7
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suual7uwr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
age
12484437
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3463359
content-length
84742
x-served-by
cache-yul12831-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1663608388.680442,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1395409686&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEABEAAAAC~&jid=244324027&gjid=7759901&cid=130624166.1663608388&tid=UA-166840762-3&_gid=1610516932.1663608388&_r=1&_slc=1&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd26=frank%20bajak&cd59=Frank%20Bajak&cd65=tech&cd23=2022-09-18&cd24=16%3A22%3A48Z&cd25=Uber%20says%20services%20are%20operational%20following%20data%20breach&cd14=10419761002&cm9=1&cd58=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata%20breach%2Coverall%20negative%2Ccybersecurity%2Ccomputer%20crime%2Cdefense%20and%20cybersecurity%2Ccomputer%20security&cd27=metered&cd94=Associated%20Press&cd61=tech&cd62=null&cd64=null&cd63=null&cd60=no%20story%20highlights&cd30=story%20pages&cd180=1166&cd1=pageview&cd72=18&cd128=18&cd129=18&cd126=88&cd127=88&cd159=88&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd176=kick%7C10%2Cspk%7C11%2Cspk%7C22%2Cspk%7C29%2Cspk%7C46%2Cspk&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd48=yes&cd178=no&cd50=2%7C1%2Ctwitter%2C10419761002%7C2%2Ctwitter%2C10419761002&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd83=top%2Cbottom&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A18&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=130624166.1663608388.385320&cd44=130624166.1663608388&z=346767650
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1395409686&t=event&_s=2&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=navigation&ea=scroll%20milestone&el=0&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=130624166.1663608388&tid=UA-166840762-3&_gid=1610516932.1663608388&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd14=10419761002&cd58=&cd61=tech&cd62=null&cd64=null&cd63=null&cd30=story%20pages&cd180=1166&cd1=custom&cd72=18&cd128=18&cd129=18&cd126=88&cd127=88&cd159=88&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd178=no&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A18&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=130624166.1663608388.54215935&cd44=130624166.1663608388&cd92=scroll%20milestone&cd153=body%20nav&z=42976791
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 18:53:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81165
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1168/log/3/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?sourceurl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&user_type=guest&en=page_view&unified_id=176a75d8-ef36-4ff6-8ace-16a2bb816b37&paywall=false&tim=1663608387692&ref=null&cv=20220919-29-RELEASE&tos=2&ssd=1&scd=12&mrir=u&vi=1663608387534
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
19
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608388.713012,VS0,VE19
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1663608387716&plid=60818095&idsite=usatoday.com&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%2C%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&sref=&sts=1663608387712&slts=0&title=Uber+data+breach%3A+Employee+apparently+tricked+into+sharing+credentials&date=Mon+Sep+19+2022+17%3A26%3A27+GMT%2B0000+(GMT)&action=pageview&urlRef=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&js=1&pvid=42377895&u=pid%3D03fa5397937c69a57beab88073393dc8
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:27 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 17:26:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=2oe9e0&_p=1395409686&cid=130624166.1663608388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&uid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cu=USD&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=&sid=1663608387&sct=1&seg=0&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-166840762-3&cid=130624166.1663608388&jid=244324027&gjid=7759901&_gid=1610516932.1663608388&_u=KHBAAEAAEAAAAC~&z=1007699045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 17:26:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
14143
gannett.sjv.io/xur/ 		114 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gannett.sjv.io/xur/14143
Requested by
Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.211.227.35.bc.googleusercontent.com
Software
/
Resource Hash
14e3a532ec50c4fd9911be4de0fd91ae09a40ed911fcdef41202833626419232

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Sep 2022 17:26:27 GMT
andoncord
assoc-na.associates-amazon.com/onetag/ 		16 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:27 GMT
Server
Server
x-amz-rid
2Z0R63AM2T25MENHR8YF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usatoday.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
16
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
f1ufQOBfNYQsBItUqTjjO/Qhx/PLbchqfeWumtWzMuaAxCpp848SZovjtC6gBu9YcC0wOg7Gu7s76NvG25ckow==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:26:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1613278598987210
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1613278598987210?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86001e634a10fcc6b960136f0cf8f28320e6875cf461a2e371eea54917eb93b6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86374
x-xss-protection
0
pragma
public
x-fb-debug
9r33saYLEFqFwdS6JtKvjZI2WWbpfL24rZUI9cFvzCns6ksUgoRakEZfKXtwjq1KIGS0kmTaNXO5K00pJKIF9Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:26:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1663608387814&cv=9&fst=1663608387814&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
339616cc3be456efc2da65983afe69ee0dc196e3334408db4b7cf6b93dc65b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1083
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 5E78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
40458908
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Mon, 19 Sep 2022 17:26:27 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1077377
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-yul12831-YUL
x-timer
S1663608388.854092,VS0,VE0
iu3
s.amazon-adsystem.com/ Frame 645B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
328
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:26:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RBT3TGRXBXRWJSY5WCVP

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 17:26:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TZF72462PW5QX0EMVTJ9
update_item
nova.collect.igodigital.com/c2/10870841/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10870841/update_item?payload=%5B%7B%22author%22%3A%22Frank%20Bajak%22%2C%22name%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22item%22%3A%2210419761002%22%2C%22category%22%3A%22tech%22%2C%22item_type%22%3A%22story%20pages%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D%5D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.118.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-118-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
track_page_view
nova.collect.igodigital.com/c2/10870841/ 		43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10870841/track_page_view?payload=%7B%22category%22%3A%22tech%22%2C%22title%22%3A%22Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22referrer%22%3A%22%22%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.118.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-118-195.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-runtime
0.005871
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
a77fd607-cde7-420f-9717-b81d43107fd5
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.usatoday.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		363 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3849175039062455&correlator=1710643979505159&eid=31068929%2C31069473%2C31069671&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=7103%2Cusatoday%2Chigh_impact%2Ctech%2Cnative-article_link%2Cposter%2Cposter_scroll%2Cleaderboard_btf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F7%2F3&prev_iu_szs=970x250%7C970x90%7C970x66%7C728x90%7C1x2%7C2560x1440%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C728x90&fluid=0%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=2675892286%2C3163588119%2C3163588112%2C3163588113%2C2753249855%2C1961648847%2C1961648846%2C1961648845%2C1961648844%2C1758763108&sfv=1-0-38&fsapi=false&prev_scp=position%3Dhigh_impact%26adCount%3D1%26id%3D312d7bd9-3840-11ed-9208-02813368eb05%26vw%3D40%26grm%3D40%26nsf%3Dparamount%2Cparamount-high_impact%7Cposition%3Dnative-article_link%26adCount%3D1%26amznbid%3Dhg02dc%26amzniid%3DJCE4DwJntgHKN-BZloeTL04AAAGDVsl4iwEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICB1mfEa%26amznsz%3D300x250%26amznp%3D1s4lr0g%26id%3D312d7bda-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dnative-article_link%26adCount%3D2%26amznbid%3Dhg02dc%26amzniid%3DJL3bNe7bQ7go2irVLzsLC2AAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAeBUzp%26amznsz%3D300x250%26amznp%3D1s4lr0g%26id%3D312d7bdb-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dnative-article_link%26adCount%3D3%26amznbid%3D1ledlhc%26amzniid%3DJBrOWK_uJCfh_OSPt2AN3v0AAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICANASn2%26amznsz%3D300x250%26amznp%3D1s4lr0g%26id%3D312d7bdc-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dposter%26adCount%3D1%26amznbid%3Dz7a2v4%26amzniid%3DJG7zcp36syEpREzetXyP-RUAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDCLykM%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D312d7bdd-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cposition%3Dposter_scroll%26adCount%3D1%26amznbid%3Dz7a2v4%26amzniid%3DJExM6nXGR4cKBpKvpT5hQSwAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAg0erT%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D312d7bde-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D2%26amznbid%3Dz7a2v4%26amzniid%3DJHi8XbIoAfKl0_gmo64wmCUAAAGDVsl4jQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBGggr9%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D312d7bdf-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D3%26amznbid%3Dhg02dc%26amzniid%3DJGjsGafp2TniyYzePEKzfRIAAAGDVsl4jQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICCNJ2pM%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D312d7be0-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D4%26amznbid%3Dhg02dc%26amzniid%3DJP2xp0YzGBlst6bAb0KPKQ8AAAGDVsl4jQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDLdHhH%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D312d7be1-3840-11ed-9208-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dleaderboard_btf%26adCount%3D1%26id%3D312d7be2-3840-11ed-9208-02813368eb05&eri=1&cust_params=aam_props%3Dtangent-desktop%257Cdesktop%257Cstory%2520pages%26alerttype%3D%26build%3Dtangent-desktop%26content_category%3Dcomputers-electronics%252Ccomputer-security%26contentid%3D10419761002%26cst_section%3Dtech%26features%3Dnoautoplay%252CheavyAds%26gnt_sb%3D18%26gnt_ub%3D88%26hls%3Dhttps%253A%252F%252Fwww.usatoday.com%252Fgannett-web%252Fapps%252Fteal%252Fdist%252Fvendor%252Fhls%252Fhls.0.14.9.min.js%26ksg%3D%26kuid%3D%26navigationtype%3Ddirect%26origin%3DAssociated%2520Press%26pageType%3Dstory%26privacy%3DNA%26property%3DUSAT%26sitepage%3DUSAT%252Ftech%26sgrp%3Da%26ssts_section%3Dtech%26topic%3Duber%252Chacking%252Chacker%252Cride-hailing%252Cdata-breach%252Coverall-negative%252Ccybersecurity%252Ccomputer-crime%252Cdefense-and-cybersecurity%252Ccomputer-security%26userguid%3D176a75d8-ef36-4ff6-8ace-16a2bb816b37%26utm_props%3D%257C%257C%26variant%3Dad-control%26categoryvalue%3Ddisasters%252Ccustom-verizon%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1506123_PG%252CIAS_1785_KW%252CIAS_3006647_PG%252CIAS_4858_KW%252CIAS_8809_KW%252CIAS_1500690_PG%252CIAS_1500693_PG%252CIAS_1507080_PG%252CIAS_6676_KW%252CIAS_1507654_PG%252CIAS_1507653_PG%26ss%3Dnon%252Ca%26swgt%3Dna%26dolookalike%3DNA%26user_traits%3Dcontrol%253A18%26excl_cat%3Ddisasters%252Ccustom-verizon&sc=1&cookie_enabled=1&abxe=1&dt=1663608387945&lmt=1663608387&dlt=1663608386745&idt=722&adxs=-12245933%2C-9%2C-9%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C436&adys=-12245933%2C-9%2C-9%2C-9%2C544%2C-9%2C-9%2C-9%2C-9%2C8756&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&frm=20&vis=1&psz=1600x268%7C0x-1%7C0x-1%7C0x-1%7C300x268%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C880x108&msz=970x250%7C0x-1%7C0x-1%7C0x-1%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x90&fws=4%2C2%2C2%2C2%2C516%2C2%2C2%2C2%2C2%2C4&ohw=1600%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0%2C728&ga_vid=130624166.1663608388&ga_sid=1663608388&ga_hid=1395409686&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMPypba1MEgAUgIIaw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71496ce5513afbeaf59dba30bfb3d27f9b5b8010563198d06bbba16a5d169cf8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15744942358174629888/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15744942358174629888/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInIkpiwofoCFUoLTwgd3yAEvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/15744942358174629888/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15744942358174629888/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15744942358174629888/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInIkpiwofoCFUoLTwgd3yAEvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/15744942358174629888/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
google-creative-id
-1,-1,138212667844,138212667847,138212742965,138212695899,138212695896,138212695902,138212695905,138402022046
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52392
x-xss-protection
0
google-lineitem-id
-1,-1,4441645603,4441645600,4442091026,4442091026,4442091026,4442091020,4442091020,6095185387
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Mon, 19 Sep 2022 17:26:28 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E9AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:28 GMT
expires
Tue, 19 Sep 2023 17:26:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01aa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:7600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 17 Sep 2022 11:50:41 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
192947
etag
W/"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 534fd2eebbd6707fdf4614c97949ccac.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
gRBOjTxuysCnmoSiKZPyySpwUmGhnhLTYFsGdgyXezMHSfZ7iP0tkw==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=130624166.1663608388&jid=244324027&_u=KHBAAEAAEAAAAC~&z=232122117
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=130624166.1663608388&jid=244324027&_u=KHBAAEAAEAAAAC~&z=232122117
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onetag
assoc-na.associates-amazon.com/ 		64 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22reviewedcom03-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D&u=https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
788ea5797ec14418de602f6f0a886c49360970c07ffdc25f28fdefc39f854f38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:28 GMT
Server
Server
x-amz-rid
HC7CBWTB4BGFDX52KCSW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usatoday.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
64
e88225a2-3b7b-45e3-9cc2-a3130b91f0db
consumer.krxd.net/consent/get/ 		222 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f150b0743942f9d0a6df2878c3573fab4ba287f576ee11d8319a727a5f3bef89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a020-ash-prod.krxd.net, cache-yul12822-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1663608388.007371,VS0,VE0
content-length
184
x-cache-hits
0, 1
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a397cedb-0b17-49c9-bdfc-c7fc4618c1ef&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=450cbeb2-67dc-426d-90ef-5ccd700ebc21&tw_document_href=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6it1&type=javascript&version=2.3.27
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
6
date
Mon, 19 Sep 2022 17:26:27 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
10ef614f3e2ed4f4e2b92b49920635a0417f6ff59df3db7856665ae31e6bd4ac
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a397cedb-0b17-49c9-bdfc-c7fc4618c1ef&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=450cbeb2-67dc-426d-90ef-5ccd700ebc21&tw_document_href=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6it1&type=javascript&version=2.3.27
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
7
date
Mon, 19 Sep 2022 17:26:27 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d1d2fe94fb6fa1b803d6495ad4835043b3bb683c1446d764ae7e51980d5c4b81
content-length
43
init
tr.snapchat.com/ 		126 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=83ed99d9-8377-45aa-ba76-e017d4d8e602
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2f69e78584888f6169761ee7c96cd73d26b6b72127b4f8fea25763d6bf35232e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
is_enabled
tr.snapchat.com/collector/ 		78 B
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=83ed99d9-8377-45aa-ba76-e017d4d8e602&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
22a1e454ab88130ab3e742afb5eb58bbf6f496a64f659372c0f0fdd850e31682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
i
tr.snapchat.com/cm/ Frame 6140 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602&u_scsid=465d2b64-2690-4115-8644-71d6db0fa732&u_sclid=018276db-d139-4b3f-a40d-34e007103ed1
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 17:26:28 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
9
/
www.google.com/pagead/1p-user-list/994302621/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994302621/?random=1663608387814&cv=9&fst=1663606800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&async=1&fmt=3&is_vtc=1&random=2392945136&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/994302621/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/994302621/?random=1663608387814&cv=9&fst=1663606800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&async=1&fmt=3&is_vtc=1&random=2392945136&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
444277530343501
connect.facebook.net/signals/config/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/444277530343501?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844a8cf7ed1d736fb3d0b85d05a9619449d99a367269d524c7fbea096e1a1a15
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86450
x-xss-protection
0
pragma
public
x-fb-debug
rNz+6r0jFIyBHBKQA4IRcwgO3lgzHPYjM5LS5hCjPzjzX7F2DRJyUYhSslNwGsMP/xPwdgGEBIZuk6Uu/CbPOw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:26:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1613278598987210&ev=PageView&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=&if=false&ts=1663608388050&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=b741dedeaf639d9c17bd2e88bb2d45b82e702f598c9e68b11002cc11699bd430&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663608387548.7584408797&it=1663608387810&coo=false&eid=pageview-3bc7d275-fdba-467a-aec1-b088998c4434&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:26:28 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1613278598987210&ev=ViewContent&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=&if=false&ts=1663608388052&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=b741dedeaf639d9c17bd2e88bb2d45b82e702f598c9e68b11002cc11699bd430&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663608387548.7584408797&it=1663608387810&coo=false&eid=pageview-3bc7d275-fdba-467a-aec1-b088998c4434&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:26:28 GMT
p
tr.snapchat.com/ 		68 B
573 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryP7omgXWy0wTmRzNe

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 google, 1.1 google
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type
text/html
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-...
  • https://rp4.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data...
45 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
52.207.19.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-19-117.compute-1.amazonaws.com
Software
/
Resource Hash
eb27d5196cca3fe422ace69d7a4d4b0f4f5d38cab34d75a3cb66eb3edd1fef85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
x-pixel-event-id
4b3612ab-507e-46da-9d51-23a3f7466e1c
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
860cecd646d0558c
request-time
0
content-length
45
x-content-type-options
nosniff

Redirect headers

date
Mon, 19 Sep 2022 17:26:28 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1663608388092&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.usatoday.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
48212f7fc617d4ba
request-time
0
content-length
0
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=PageView&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=&if=false&ts=1663608388140&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=b741dedeaf639d9c17bd2e88bb2d45b82e702f598c9e68b11002cc11699bd430&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663608387548.7584408797&it=1663608387810&coo=false&eid=pageview-3bc7d275-fdba-467a-aec1-b088998c4434&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:26:28 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=ViewContent&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=&if=false&ts=1663608388141&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=b741dedeaf639d9c17bd2e88bb2d45b82e702f598c9e68b11002cc11699bd430&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663608387548.7584408797&it=1663608387810&coo=false&eid=pageview-3bc7d275-fdba-467a-aec1-b088998c4434&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:26:28 GMT
a-01aa
i.liadm.com/s/c/ Frame 8208 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=true&duid=bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.124.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-124-102.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
697
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:26:28 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.usatoday.com/ 		19 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.usatoday.com/baker?dtstmp=1663608388308
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Mon, 19 Sep 2022 17:26:28 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.5/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront), 1.1 varnish
age
548463
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
30400
x-served-by
cache-yul12832-YUL
last-modified
Tue, 13 Sep 2022 09:04:05 GMT
server
AmazonS3
x-timer
S1663608388.480399,VS0,VE0
etag
"61c09a3e99bef5074941c5ea63321376"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
06iT85FXYVv5EZwz82s8k4JJsG24riv9D9fNTwegBwyoYjiBUnqnRw==
x-cache-hits
65799
feed-card-placeholder.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca2e9669d0cc6319cbefa68c880fbf59f06141c190fb30b1922ee88a11e4f64a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QqcqXTfNLjZBbyOkoAN5sf02Xk0Sr_bI
content-encoding
gzip
etag
"7aa21c42eda65f471860308033598cb9"
age
10
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1264
x-amz-id-2
Hswrvjr0g0GkCjPPVMiTNdBmsKgozPf4RIk3dCbgweY3wRvY5YpAArvB9NVDY9nRXcJ0Kd5tikg=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 17:26:16 GMT
server
AmazonS3
x-timer
S1663608388.480047,VS0,VE0
date
Mon, 19 Sep 2022 17:26:28 GMT
vary
Accept-Encoding
x-amz-request-id
VDSZPZW0NZNK2XHG
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
16
x-cache-hits
24
cta-component.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a737e3f66a346ee9e475bb77fbec472b519714c9c8c3b544435af89782a0edaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
QPw0cS2VcxKyjTlIr6uRqqHGND24bNBf
content-encoding
gzip
etag
"07191a19ea572ebde5ecd445300f9077"
age
20
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5109
x-amz-id-2
fw0paszH+UPYduNZDjlptNFDsI4Dka+7ux3nw7C0oroWklb2b/CjpSiBx1ru2A9s4uZeni6d+N0=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 17:26:06 GMT
server
AmazonS3
x-timer
S1663608388.497614,VS0,VE0
date
Mon, 19 Sep 2022 17:26:28 GMT
vary
Accept-Encoding
x-amz-request-id
DDH8HC3D0T2DHSMD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
16
x-cache-hits
4
userx.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hhCCKDAXetuOQCXV5yMEOCQRIGPhJPzZ
content-encoding
gzip
etag
"a2de6bb2cdeb556a13b6aede27212c0f"
age
99
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
96YNUmunYc+c1AEOPOCklfIMYTYsWi6R2A+gsm8UgUvJZmkRRpc/VSA4Q5Wnzihjkcpvh8gcjHw=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 17:24:47 GMT
server
AmazonS3
x-timer
S1663608388.497568,VS0,VE0
date
Mon, 19 Sep 2022 17:26:28 GMT
vary
Accept-Encoding
x-amz-request-id
VJREQ7PDBZPE3ARV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
16
x-cache-hits
68
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=taboola&dsp_id=366&imp=1
  • https://us-east-sync.bidswitch.net/ul_cb/sync?ssp=taboola&dsp_id=366&imp=1
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=&consent=&usp=&ssp=taboola&bsw=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=&consent=&usp=&ssp=taboola&bsw=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NTYzMTY2MTY5ZWVhOWNiNg&gdpr=&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18124

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Date
Mon, 19 Sep 2022 17:26:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
prod-use.perf-serving.com/imp_notice_c2s/v1/C-MdMHE61DaFXIBezv57wBwqi8cKgkcitImVXCNAOHv_BQ5ZWCLbTIJLK--3ZFXigFTUXjln7s3yL9TpnpweKA56TvPMI73K-EqyNkUFdw9rJzNUjkHT_Hnhi4nyKNbFzt-MmfWX9pO_n2COLXmWi-mEB... 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-use.perf-serving.com/imp_notice_c2s/v1/C-MdMHE61DaFXIBezv57wBwqi8cKgkcitImVXCNAOHv_BQ5ZWCLbTIJLK--3ZFXigFTUXjln7s3yL9TpnpweKA56TvPMI73K-EqyNkUFdw9rJzNUjkHT_Hnhi4nyKNbFzt-MmfWX9pO_n2COLXmWi-mEBdReq2HxXBA9H4_5de45k5MPdp64-C1tt8bwCxyFdUbey1dMKIML5FEARbcoJvb2lqWcnN6pkB-rDIJG7Bjk-CkcU589qL4iR9p1YTd8Yk9mYYHEqx1CtI90q-XB2XnYDt_ZD19pAsjk7ZZhDXT3DBSQRU8jXuY51F9bBiJVApvYBp2Ja3soXyb0fLaKvV7HLyK9Dqk2Gvxil284pNZo992MUIPrtgydnTjXZn_etCbsrIS0dU3Ionv1n9SJq_CiDDoFzO-KFwlXc6ZwGtTrR75CoRXnYIXyxZHhD3ZDuJpglcUkTEhiouHFsBUfap07twEYuQTOnkk3qszyAaJTIpl8AEIxTtzVZJ1YNXYKvNqyEpbD5xT7viJB6qQKe0LEEHAPlZLcKL1A9tVwbxwSQu7CNh9Hb0DRUoBSV_htIn8lRkNV9gRMJ2MQr6nDhXmALRZKD-YWBvZLIdBhAonwoYNGpC4O95Js7Fa-mZWtloWXAiZmt1IZy22omNKVsTx7aXIbtEhhY9Noo2yCbisY37yEcKMzYz-XbpJVN-rLEwxk-UJV6EvkZd_n8Y-VzrWlPvmS3SG2w8i3rz4OIp7G9SppTYI2otNwMJmPt2aQZWgh1VZxL0LqF1kaBun-cXYgc7s020lwjIBA6vTJdKpyaWffaCDy2obM3WUOQkFw-xTGM7fv5MTCU8yc9c9h2k92rit1s7K2RQjJ4kXZ7X7N6O4wlCVIUHE706xUWDwNeFhYbkN37xMrcMNxqeVOiJ8EIKC2lk6Uk9anpKKq3NhhVofUS2CdwDltkj4K15xRe29fnaOuHLFBQrJgI32EbiKRqyPs6C9zayFUB51vwYdRqWXazVI96rUadgmfn-RqWHDcX8vL6o_rUa8W9xohcWaeaEhrFj7PsM1_z_-hUMt_I-7RiHp8j3EKkOu9LWW6eWLoXeKJ8r95N0XDLPyw0m5J6R3taXKtBHhsWRGu-VMSAbGIUU8mAcD2RgHg45yUa2tGf0aUKLoxrmzi6Op5jWLQTLMkFxyUtIeIALWjR9fl74DkSKQ7Z3IoStx_Q4qVqKUv4q-1WDIhwTk/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.20.91 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
91.20.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=f5e1a9280546d3690bed1fe2b1679e61&sd=v2_46d9fb9fc26dbcd267c404d7e1a4515a_ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3_1663608387_1663608387_CNawjgYQkAkYzu-ltrUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663608387534&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22sec%22%3A%22tech%22%2C%22aut%22%3A%5B%22Frank%20Bajak%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F09%2F18%2FUSAT%2Fff9d0fe9-65c0-4de6-b9e9-00b83ec760bf-AP_Uber.jpg%3Fcrop%3D3544%2C1994%2Cx0%2Cy180%26width%3D3200%26height%3D1801%26format%3Dpjpg%26auto%3Dwebp%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A26%3A28.495&id=8479&llvl=2&cv=20220919-29-RELEASE&
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=f5e1a9280546d3690bed1fe2b1679e61&sd=v2_46d9fb9fc26dbcd267c404d7e1a4515a_ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3_1663608387_1663608387_CNawjgYQkAkYzu-ltrUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663608387534&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A290%2C%22ly%22%3A710%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=17%3A26%3A28.495&id=8200&llvl=2&cv=20220919-29-RELEASE&
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
34
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
mNc0QtgGEk5fjAEs86GntrS7BlEyDR/AohLDyBTk/uNsgQOkRrtnlEkJn1cYLIkWHL896HRkEbs=
x-served-by
cache-yul12832-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1663608389.524621,VS0,VE0
date
Mon, 19 Sep 2022 17:26:28 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
3FDSYTBK3X1PQKQQ
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
16
x-cache-hits
38
jsvid
pixel.adsafeprotected.com/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=e5ae0ffa895ab110455e6d367b7f9f11&anId=922805&campId=660x371&placementId=6060303800&pubCreative=138398796146
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
/
Resource Hash
14a15c67a6eb7abd8f39a93c5954e7f6115c731c8a417569b1a76845693f9ccd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
www.facebook.com/tr/ Frame C584 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usatoday.com
Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usatoday.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:28 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
apple-store-fifth-avenue-new-york.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1003/local/-/media/2022/07/27/USATODAY/usatsports/apple-store-fifth-avenue-new-york.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9d0a3c574548100590f52b50b6c93e176208fbe0a15082c838c78ca8c09179

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 varnish, 1.1 varnish
age
2725496
edge-cache-tag
305756504726627978296296530595431687273,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
305756504726627978296296530595431687273,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
107
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1003/local/-/media/2022/07/27/USATODAY/usatsports/apple-store-fifth-avenue-new-york.jpg
content-length
2834
x-request-id
b327de0804f15a5adfd1dcf3f6b8226b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 19 Aug 2022 04:15:39 GMT
server
nginx
x-timer
S1663608389.662253,VS0,VE0
etag
"9b049a1e3af7c6709f522ccb456aae5d"
x-served-by
cache-iad-kjyo7100179-IAD, cache-iad-kiad7000061-IAD, cache-lga21965-LGA, cache-iad-kcgs7200123-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 2
imageforentry27-5xc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/b2b05a4ab25f4fca0316459e1c7404c537a89702/c%3D0-0-1365-76... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/b2b05a4ab25f4fca0316459e1c7404c537a89702/c%3D0-0-1365-768/local/-/media/2022/02/25/USATODAY/usatsports/imageforentry27-5xc.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d66eed0070f47e880b8b8bf9fc435f869679e84e20f1e8a0dcab4cda9b37bb26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 varnish, 1.1 varnish
age
964813
edge-cache-tag
522486655064364855793925727771951672414,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
522486655064364855793925727771951672414,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
347
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/b2b05a4ab25f4fca0316459e1c7404c537a89702/c%3D0-0-1365-768/local/-/media/2022/02/25/USATODAY/usatsports/imageforentry27-5xc.jpg
content-length
3468
x-request-id
b53750c9c1b86b494ff1918dbe076ee0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 08 Sep 2022 13:25:43 GMT
server
nginx
x-timer
S1663608389.662183,VS0,VE1
etag
"2d41f2b6ea2468878c204f9eef212262"
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kcgs7200083-IAD, cache-chi-klot8100097-CHI, cache-iad-kiad7000165-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
fe86f929d933f0fdb665e895519f139c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe86f929d933f0fdb665e895519f139c.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f85b5234360033591c0451b482214f92cb9d0f28e9708519e324461af6a4a532

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 19 Sep 2022 17:26:28 GMT
via
1.1 varnish, 1.1 varnish
age
2845360
edge-cache-tag
629806828606858352076350854679763646729,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
629806828606858352076350854679763646729,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
96
expiration
expiry-date="Sat, 17 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe86f929d933f0fdb665e895519f139c.jpg
content-length
12070
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 17 Aug 2022 17:31:05 GMT
server
nginx
x-timer
S1663608389.662093,VS0,VE2
etag
"89422f12e6d505862b175e2b73845d84"
x-served-by
cache-iad-kcgs7200158-IAD, cache-iad-kiad7000029-IAD, cache-sna10730-LGB, cache-iad-kjyo7100070-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l891hawf&c=3438591691981&slotId=1719295845990.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r3---sn-quxapm-3c2e.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/acao,ctie...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/ip,ipbits,...
  • https://r3---sn-quxapm-3c2e.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/a...
378 KB
378 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-quxapm-3c2e.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3DC1A0303CA1252A795499FCA587AAE0B7901490.1EF37FE8BC2FCA7190483FD7265787BBCC1D1C14/key/cms1/cms_redirect/yes/mh/vp/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2e/ms/nvh/mt/1663608021/mv/m/mvi/3/pl/32/file/file.mp4
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Server
2a00:1588:d801::10 , Ukraine, ASN36040 (YOUTUBE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0059e434ab6eb363bd000ed2c3274dc56bc15dec1421914739d972f4f062d3af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jul 2022 20:32:11 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-387474/387475
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
387475
expires
Mon, 19 Sep 2022 17:26:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-quxapm-3c2e.gvt1.com/videoplayback/id/2fd7b80018412b55/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3DC1A0303CA1252A795499FCA587AAE0B7901490.1EF37FE8BC2FCA7190483FD7265787BBCC1D1C14/key/cms1/cms_redirect/yes/mh/vp/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2e/ms/nvh/mt/1663608021/mv/m/mvi/3/pl/32/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 70C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usatoday.com
Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usatoday.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:28 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sca.17.5.12.js
static.adsafeprotected.com/ Frame 0920 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 08:34:48 GMT
content-encoding
gzip
age
1759900
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
KN8WduaP5g_GcOhyV-9jimospzehA4L2ATaG7NFOHsBRO79KGneK-g==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=2662dfc8-e4d0-36da-ba5f-4e9fa453126e&tv=%7Bc:oGmDoO,pingTime:-8,time:28,type:l,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:29,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:thTZgau+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:1,renddet:env,siq:28%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=2662dfc8-e4d0-36da-ba5f-4e9fa453126e&tv=%7Bc:oGmDpq,pingTime:-2,time:66,type:a,im:%7BpBlk:50,sf:0,pom:1,prf:%7BbeA:2055,beZ:2057,mfA:2058,cmA:2060,inA:2060,inZ:2068,prA:2068,prZ:2076,si:2082,poA:2085,bl:2105,poZ:2106,cmZ:2106,mfZ:2106,loA:2115,loZ:2117,ltA:2121,ltZ:2121%7D%7D,env:%7Bgca:false,cca:true,ccd:%7BuspString:1---,version:1%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:o,r:v,w:660,h:371,t:26%7D%5D,ve:%7BvEventCount:1,vEvents:%5B%7Bt:-100,tp:adLoaded,sl:o,volume:0,ad_duration:6,height:360,width:640%7D%5D%7D,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B59~100%5D,as:%5B59~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:thTZgau+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,siq:28,slid:%5B%5D,sinceFw:35,readyFired:true%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=2662dfc8-e4d0-36da-ba5f-4e9fa453126e&tv=%7Bc:oGmDqc,time:114,type:e,im:%7BpWait:4%7D,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B107~100%5D,as:%5B107~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:thTZgau+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,rmeas:1,rend:1,renddet:env,siq:28%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:28 GMT
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
st
imprnjmp.taboola.com/ Frame B28F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7dD8CFgORPa5NNEDZMgSRPa5NNEDZMgUAAAAGBvQHJGVzDme-jcut2viWa9FgsltLbC6TWznbjRyWwcKyMk6GQFI253Dm27jcqo1vuRYNJru1xOYyuZWz3chhGSwsK-NkCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GAITwZCMdoUeJyIYK2IEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQatkvIos3UGJtzAAAICDsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUDMdrMDgAAAODu____Xw-EZiPnzOKceSyzkcVjssx2G9NgNPKtHAvTarFaeA_JrCDWCCieuS9GWGa_76CgnJ4es8sgKrreFrvDafYc1AIZy2UySFoml-fpsxvEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBoiTJhsK4trs1rLBoPJWjSzzNYK33K0lm18M4dvN1yubKa16PUxPSyTycTj2aJgQNReJE-LdKLZzBYOy265nFh2w-VgMFkshruRbbgZDRcOj2M2EUs0J4t0IrvsS7ORc2ZxzjyW2cjiMVlmu41pMBr5Vo6FabVYLfwNk21lcW1Wa9lgMFmLZpbZWuFbjtayjW_m8O2Gy5XNtBa9PqaHZTKZeDz7xmy2mQ2Gm-Fu35jNNrPBcDPc7Tt0hu_qcza6Dq6z-nqLTZdX78lg8R2kBtvPpPsthBHjuSg5CcfZtcHYsK4PkrPBYzAYdtraN3h4_X3Obvm78R6MilgiuEgnqs_D9Dc5nCeX228RS5Smi3Si15z-ludf9PIY_ZLBZLIXLPeK4V51cVneIofp4ZZYXg6P0S10eLwuk1twdHqOTrvPrxiMFsvdbDEYTPYSsURwukgnopfxdFH_0SFGy7lqNlesNnPFcLZKAAAAAAAAAABLmDJvAgAAAHAayGw0Ga3WeRDL1Wy5WC0XAIAAUvdHfewv-_9gb1fpaiNyKJkarLjxY4b6PEx_k8N5crn9VgYAEPhg3vyZINZqtawBAAAEsAEAAAK4dfMWiA7F_____8cBAADIyNEDAADQ7wMxqffAjV4r8BPgaLMY!&cmcv=&pix=undefined&cb=1663608388849&uv=3226&tms=1663608388849&abt=ecp_vC!inc_all_video_vA!scec11_vA!spa2_vA!t45!ufm_vE!ul118513-590_vB!vzr_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=ef98f7ce-5c79-4027-bfed-967da20a2e82&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:26:28 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1663608389.893623,VS0,VE22
sync
us-match.taboola.com/ Frame B3E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7dD8CFgORPa5NNEDZMgSRPa5NNEDZMgUAAAAGBvQHJGVzDme-jcut2viWa9FgsltLbC6TWznbjRyWwcKyMk6GQFI253Dm27jcqo1vuRYNJru1xOYyuZWz3chhGSwsK-NkCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GAITwZCMdoUeJyIYK2IEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQatkvIos3UGJtzAAAICDsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUDMdrMDgAAAODu____Xw-EZiPnzOKceSyzkcVjssx2G9NgNPKtHAvTarFaeA_JrCDWCCieuS9GWGa_76CgnJ4es8sgKrreFrvDafYc1AIZy2UySFoml-fpsxvEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBoiTJhsK4trs1rLBoPJWjSzzNYK33K0lm18M4dvN1yubKa16PUxPSyTycTj2aJgQNReJE-LdKLZzBYOy265nFh2w-VgMFkshruRbbgZDRcOj2M2EUs0J4t0IrvsS7ORc2ZxzjyW2cjiMVlmu41pMBr5Vo6FabVYLfwNk21lcW1Wa9lgMFmLZpbZWuFbjtayjW_m8O2Gy5XNtBa9PqaHZTKZeDz7xmy2mQ2Gm-Fu35jNNrPBcDPc7Tt0hu_qcza6Dq6z-nqLTZdX78lg8R2kBtvPpPsthBHjuSg5CcfZtcHYsK4PkrPBYzAYdtraN3h4_X3Obvm78R6MilgiuEgnqs_D9Dc5nCeX228RS5Smi3Si15z-ludf9PIY_ZLBZLIXLPeK4V51cVneIofp4ZZYXg6P0S10eLwuk1twdHqOTrvPrxiMFsvdbDEYTPYSsURwukgnopfxdFH_0SFGy7lqNlesNnPFcLZKAAAAAAAAAABLmDJvAgAAAHAayGw0Ga3WeRDL1Wy5WC0XAIAAUvdHfewv-_9gb1fpaiNyKJkarLjxY4b6PEx_k8N5crn9VgYAEPhg3vyZINZqtawBAAAEsAEAAAK4dfMWiA7F_____8cBAADIyNEDAADQ7wMxqffAjV4r8BPgaLMY!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:26:28 GMT
machineid
3106
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7dD8CFgORPa5NNEDZMgSRPa5NNEDZMgUAAAAGBvQHJGVzDme-jcut2viWa9FgsltLbC6TWznbjRyWwcKyMk6GQFI253Dm27jcqo1vuRYNJru1xOYyuZWz3chhGSwsK-NkCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GAITwZCMdoUeJyIYK2IEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQatkvIos3UGJtzAAAICDsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUDMdrMDgAAAODu____Xw-EZiPnzOKceSyzkcVjssx2G9NgNPKtHAvTarFaeA_JrCDWCCieuS9GWGa_76CgnJ4es8sgKrreFrvDafYc1AIZy2UySFoml-fpsxvEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4GYrAa4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBoiTJhsK4trs1rLBoPJWjSzzNYK33K0lm18M4dvN1yubKa16PUxPSyTycTj2aJgQNReJE-LdKLZzBYOy265nFh2w-VgMFkshruRbbgZDRcOj2M2EUs0J4t0IrvsS7ORc2ZxzjyW2cjiMVlmu41pMBr5Vo6FabVYLfwNk21lcW1Wa9lgMFmLZpbZWuFbjtayjW_m8O2Gy5XNtBa9PqaHZTKZeDz7xmy2mQ2Gm-Fu35jNNrPBcDPc7Tt0hu_qcza6Dq6z-nqLTZdX78lg8R2kBtvPpPsthBHjuSg5CcfZtcHYsK4PkrPBYzAYdtraN3h4_X3Obvm78R6MilgiuEgnqs_D9Dc5nCeX228RS5Smi3Si15z-ludf9PIY_ZLBZLIXLPeK4V51cVneIofp4ZZYXg6P0S10eLwuk1twdHqOTrvPrxiMFsvdbDEYTPYSsURwukgnopfxdFH_0SFGy7lqNlesNnPFcLZKAAAAAAAAAABLmDJvAgAAAHAayGw0Ga3WeRDL1Wy5WC0XAIAAUvdHfewv-_9gb1fpaiNyKJkarLjxY4b6PEx_k8N5crn9VgYAEPhg3vyZINZqtawBAAAEsAEAAAK4dfMWiA7F_____8cBAADIyNEDAADQ7wMxqffAjV4r8BPgaLMY!&cmcv=&pix=31589837&cb=1663608388849&uv=3226&tms=1663608388849&abt=ecp_vC!inc_all_video_vA!scec11_vA!spa2_vA!t45!ufm_vE!ul118513-590_vB!vzr_vA&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1663608386667.3!ts:1663608388849&mntl=1
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:28 GMT
content-length
0
server
nginx
container.html
ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 383C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:28 GMT
expires
Tue, 19 Sep 2023 17:26:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FF13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw3Q6FOth3BULt-tJrfuMKhbP4x-6FEGmddrbfBWAOg-7phbfVKmffTuSTJtEwF5b9DKxU3aCl5L4USFpGEQuYH9oJeBNp5fB8VFaO3NbCUVbyNCeDTva6cIXriGv81d8-3D85llnry7Cg49td6SOfcnZor4hdyyJJzjcA4A0LjvFLjIaDI9qg-aPZpoIhpuslrGB4Mod0WYcYVXjVa647NvdB5y4BSvGknZiV0RTkJZnhgkkPyMe0p_mW4EU7ag4NlZS7ZB6aVvF_DN3JJa7ETSEMxl8BuMBIdD-bKfdRBkb2zGEgijRRQDPWlb45ALIYYM6z&sai=AMfl-YQ4v24GqxuAz59G21wXYC6uQQphPWszh2gQPlX65B0BtwpwbJMh7pw9-ymOxLhKwOw-heUDFj5whnLlBEhw_UT4mnTTcOnv3PghB71Rt5KwTR1-JHcwi0bJTMB1iB4&sig=Cg0ArKJSzF6eiHttgJIiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF13 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:26:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8B2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxOiKnRJ_RyXT6wc0BGIJV_QyCI13ppop4OpYmyH7bGFfzqRnAU5lObf7WOwdHm18D8L4M6VifuOx6DTIpWh2dFfS30zO06zNOMsSDjpHC1xrtiHJgWoZZ1wSKz72qeMEiZ7i_PH4VKxt4Ne2acYZoMeb1bzhpZHykd0qFDq7wcWRRO2gvIW9XARlFDzqMRXiX1Xm07qurnw5yBWEqvDpTmLNtsB4fhf0aUANQ8tBmsbYx_c95sOXvkELrCxrZyHXDUUrnQdVqCnaB5b4mIgUO5PJvfZgCK8_bkkRMNSbCh546j4LhcidQ6ts_OZuYxErgMzfFzX5lg_-Ooaq3tS9zcutdqzSg0fvv&sai=AMfl-YQijIlBbdbLaK92lc7EPCFiILLHP9i4vZgrrJFyyL0Bpod8RpC8axUQ8yaB4e7kD32QSyOiw_ztdtAoeqmyW190Eiri3hAqyDFpNbT-j5OEAgrGcmnVHUIrfp4RfYU&sig=Cg0ArKJSzD062-ntq_YfEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 8B2C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:24:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B2C 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:26:29 GMT
14666882633797710717
tpc.googlesyndication.com/simgad/ Frame 8B2C 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14666882633797710717
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78e936749dfc9c3f451f7eadcf13c7d14567d89b6bd6bfa2d607c5c8ad551c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 04:00:04 GMT
x-content-type-options
nosniff
age
566785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86272
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 19:57:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Sep 2023 04:00:04 GMT
truncated
/ Frame 8B2C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d649d017d4391b2da523dd2ffb04d7c39698c20f748761b4ba01c4a0ae9f566

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
091322_USAT40th_entrance
cm.usatoday.com/overlay/ Frame EA93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.usatoday.com/overlay/091322_USAT40th_entrance
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
339841
cache-control
public, max-age=3600, stale-while-revalidate=7200
content-encoding
gzip
content-length
86281
content-security-policy
upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html
cross-origin-resource-policy
same-site
date
Mon, 19 Sep 2022 17:26:29 GMT
etag
"94043d897680bb622d622a3da7ca775f"
expires
Thu, 15 Sep 2022 19:02:27 GMT
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Thu, 15 Sep 2022 18:28:49 GMT
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000;includeSubDomains;preload
timing-allow-origin
*
vary
X-AbVariant,Accept-Encoding
x-cache
HIT, HIT
x-content-type-options
nosniff
x-goog-generation
1663266529634091
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
128823
x-robots-tag
noindex
x-timer
S1663608389.176524,VS0,VE1
x-xss-protection
1;mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=2662dfc8-e4d0-36da-ba5f-4e9fa453126e&tv=%7Bc:oGmDwz,pingTime:-10,time:509,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663608389231%7C%7C11f7a68838676fd881cd51a7d2f5e52f%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cbf19ea5ff403c7f30c3e961708c824c4%7C%7Cfcd1a1e74109453b727b235c875cde91%7C%7C6ecc3850232eff7d528811fc44040f6a%7C%7Ca9c5be0ab226b1d636b274e777435517%7C%7C4ea8a1cf59926b70a6fe63262ca39a35%7C%7C1629390669%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
14143
gannett.sjv.io/cur/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gannett.sjv.io/cur/14143
Requested by
Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.211.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 19 Sep 2022 17:26:29 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1395409686&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscribe&ea=overlay%20impression&el=acquisition-entrance%20a0802e&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=130624166.1663608388&tid=UA-166840762-3&_gid=1610516932.1663608388&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd14=10419761002&cd58=&cd61=tech&cd62=null&cd64=null&cd63=null&cd30=story%20pages&cd180=1166&cd1=custom&cd72=18&cd128=18&cd129=18&cd126=88&cd127=88&cd159=88&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd178=no&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A18&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=130624166.1663608388.90178820&cd44=130624166.1663608388&cd92=overlay%20impression&cd153=content%20entrance%20overlay&z=1975339632
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 18:53:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81167
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FF13 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b86037a1be1b281d9131dc23070c186111eb9a783f75e7574e6c699092f44cc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 3FBC 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091026&pubCreative=138212742965&pubOrder=2154910521&cb=175373668&adsafe_par&impId=312d7bdd-3840-11ed-9208-02813368eb05&custom2=direct&custom3=story
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
/
Resource Hash
d7364bbce4ecb5eba798249006ddced0b879729ed5ee4d1ed35f8179989827e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
admi
aax-us-east.amazon-adsystem.com/e/dtb/ Frame F28D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JG7zcp36syEpREzetXyP-RUAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDCLykM&rnd=9403776339161663608389124&pp=z7a2v4&p=1s4lr0g&crid=519816_ssl&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
10529
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Sep 2022 17:26:29 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4TH60BWRZBGH9KTVA9D2
csm_othersv5.js
c.amazon-adsystem.com/bao-csm/direct/ Frame FF13 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:39:36 GMT
content-encoding
gzip
server
Server
age
28013
x-amz-rid
1AGP4BKBP8T6TPK9BNQ1
etag
cea0ea9972e073858d8de90ee4cf862f
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NrcrBRhYoyhvhoCKzTufe7nzST2CrV9B
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FAc4s5LbIT902gl0VeCBgiuwT2__X3CF4rac8Oe-7_zq7ZaAYxPL3Q==
unip
trc.taboola.com/1168/log/3/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=1629&scd=12&ssd=1&est=1663608387690&ver=35&isls=true&src=i&invt=1500&tim=1663608389320&mrir=u&vi=1663608387534&ui=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&ref=null&cv=20220919-29-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
26
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608389.328910,VS0,VE26
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8B2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupsni9Lk3PhStSjE6hZYiiGNzb1paVijfnArxt1cgGXcLNmr13ksFa4nZYewc2MfaVJB6QmleK8TIfDqw1tg4fC_EgrVpCUph2o1ouHIqldgmF8Z2rczO0ioWELRjqg7J-v2qsCdfkqyGvwDmrY4A3IOErQollirXZYLeb1rPygXDO-H7G5yG9ka2krqzWGb-M78HS5MRKJO7WzUSlzEu-fLe_BGxboGylxwOZLU1ElqezzG08K0hSubVY8nmEiGSegp0AXqj8D1Y7FOh3hgww-b2oog2JHCFa4nwmVtzhK8nVXvFFQX3kXehPlZpY2WvR1WvW1y3XuiOswHcm&sai=AMfl-YTEUgj9LSO4Dwb4nMivJmxiumJL0_7YcN7tD3i6PrXdKFGrxS0Wkf8GJ1eLthnervDnzzmBKBTV88FlyLJVMdBB-Uio4lzFPpCESEvXD4cqhDV-fKomXHFfifkDcrg&sig=Cg0ArKJSzKYf3bC8boNcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:26:29 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 3FBC 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091026&pubCreative=138212742965&pubOrder=2154910521&cb=175373668&adsafe_par&impId=312d7bdd-3840-11ed-9208-02813368eb05&custom2=direct&custom3=story
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:52:08 GMT
content-encoding
gzip
age
261262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
uc7_NBU6kZAaWYS9PfFxopiPKFlagl9dODEiB58gR_TX1Ra4HLLi4A==
bulk
trc.taboola.com/usatodaydemo/log/3/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=US%3AUS%3AV&lti=aa_test_for_monitoring_var&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
84
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608389.480197,VS0,VE84
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
sca.17.5.12.js
static.adsafeprotected.com/ Frame 196F 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 08:34:48 GMT
content-encoding
gzip
age
1759901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
BFsQ-vBmMQw7wuOmsrk0x1ATkFoQmO2nOSYVQBsf6vy5YD35hmgzNw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091026&pubCreative=138212742965&pubOrder=2154910521&cb=175373668&adsafe_par&impId=312d7bdd-3840-11ed-9208-02813368eb05&custom2=direct&custom3=story&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b6c9107f-e213-7cc9-d50a-75e5cf1e242e,c:oGmDAP,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-779cbf6c5b-7nkgm,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:110,mot:0,app:0,maw:0,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:131,oid:32690907-3840-11ed-bf16-c2b5dba16a2a,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
app06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDBe,pingTime:0,time:156,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:156,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~100%5D,as:%5B42~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDBp,pingTime:-2,time:167,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:66,beZ:68,mfA:177,cmA:178,inA:178,inZ:182,prA:182,prZ:190,si:198,poA:198,poZ:216,cmZ:216,mfZ:216,loA:225,loZ:228,ltA:233,ltZ:233,mdA:69,mdZ:109%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7BuspString:1---,version:1%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:167,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~100%5D,as:%5B53~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,slid:%5Bgoogle_ads_iframe_7103/usatoday/poster/tech_0,google_ads_iframe_7103/usatoday/poster/tech_0__container__,ad-slot-7103-usatoday-poster-tech-5%5D,sinceFw:35,readyFired:true%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDCk,time:224,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:224,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~100%5D,as:%5B110~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:33,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,sis:207%7D&br=c
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=e5ae0ffa895ab110455e6d367b7f9f11&anId=922805&campId=660x371&placementId=6060303800&pubCreative=138398796146&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2F&adsafe_type=f&adsafe_jsinfo=,id:2662dfc8-e4d0-36da-ba5f-4e9fa453126e,c:oGmDoM,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-779cbf6c5b-lzzw7,rg:va,pt:2-5-15,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,mu:10000,br:c,bru:c,an:n,oam:0,vc:jv3,scm:publ2.grpm2,mtim:3,mot:0,app:0,maw:0,fm:thTZgau+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,et:27,oid:32016cff-3840-11ed-a2a9-92fbf17f5efc,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.5.1,x_vanstag:cm,x_xcamp:660x371,x_xplac:6060303800,x_xpc:ima
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.231.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-231-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:29 GMT
x-server-name
app14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
p
sb.scorecardresearch.com/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=end&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=2316&ns_st_det=2313&ns_st_upc=3&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=3&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=3&ns_st_dlpc=0&ns_st_lpa=3&ns_st_dlpa=0&ns_st_pa=3&ns_ts=1663608389597&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
43
x-amz-cf-id
iFFpP3H7tjMPlG12mwnVsf1daGX2ZX1lz2SPwPstyiAHXx629m5rcw==
x-cache
Miss from cloudfront
content-type
image/gif
p
sb.scorecardresearch.com/ 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663608387275&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=2&ns_st_ev=play&ns_st_po=0&ns_st_cl=6000&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=3&ns_ts=1663608389597&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-100.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:29 GMT
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
content-length
43
x-amz-cf-id
K25iVL7o4e0zuRHjxGYvEXuXXIIPXLaJ6stBYQ1pRJ7MRkeT-zOhcA==
x-cache
Miss from cloudfront
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1395409686&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=ad-start&el=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=130624166.1663608388&tid=UA-166840762-3&_gid=1610516932.1663608388&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd26=staff%20video&cd65=travel&cd25=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&cd14=8764973002&cd58=Travel%2COverall%20Positive%2CMoney%2CTips%20and%20Tricks%2CLyft%2CUber%2CVideo%20Syndication%20-%20USAT&cd94=USA%20TODAY&cd61=travel&cd62=null&cd64=null&cd63=null&cd30=video&cd1=video-ad-start&cd72=18&cd128=18&cd129=18&cd126=88&cd127=88&cd159=88&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd77=USAT-E&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=176a75d8-ef36-4ff6-8ace-16a2bb816b37&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A18&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=130624166.1663608388.79973357&cd44=130624166.1663608388&cd92=autoplay%7Cmuted%7Cpreroll%7Cteal-hero&cd55=&cd17=6060303800&cd13=50&cd18=USATODAY&cd16=autoplay%7Cmuted%7Cpreroll%7Cteal-hero&cd22=&cd15=teal&cd19=USA%20TODAY&cm6=0&cd21=&cd20=hero&cm7=1&z=809710448
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 18:53:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81167
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
7491
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12832-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663608390.667119,VS0,VE0
date
Mon, 19 Sep 2022 17:26:29 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
16
x-cache-hits
17587
%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22Ex5jn4a8JatUx%22%2C%22crt%22%3A801%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22Ex5jn4a8JatUx%22%2C%22crt%22%3A801%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
SJT14ER0JA5F5B74SW1C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
view
securepubads.g.doubleclick.net/pcs/ Frame FF13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstokgTd9xfpVLgJC77apJFyqz6STgkuZKHAh-MSYc1o-U_Iv7FTuz3fEnSofxFNZBNohhEJwyyzU2NI2htwL6_F-wF1moLMoVYpVYvhnyk5YVzlYFaawVXzoGZAsuau8VsIAuTH3isKwzquzWdW5tGHaTg_EElJDJBtSf7iWgK6Y-ZriQGOB5IW9-n29iYVRUnJTp8IzWdA2H35MsmVaKNSItFaQ2tlHknlDxqDU-PollqKIfmIHcLANrsRQPdPvI_ubqXAh9n9RWdVY12gq-KYbdOxWThXUiJ6YjpZy4YfsXRlGApxtPeNILGFuWhPGdFOWR6bV_o&sai=AMfl-YRnL02AUDrMDZhHXGOSFFwkGCnYdt6hBv5xzOX9XSJNSy0GleAi0ylgS2g46z-gb0jnkfsp_bCsrSTGWBZA0LdnmLYzoeRxVHff3D_cndVzFrfN-Nw-22KUOIAKS6I&sig=Cg0ArKJSzD8cIOukKUo3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:26:30 GMT
syncframe
gum.criteo.com/ Frame E99F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usatoday.com
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:29 GMT
server
Kestrel
server-processing-duration-in-ticks
1001422
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
optout_check
beacon.krxd.net/ 		80 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.160.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-160-212.compute-1.amazonaws.com
Software
/
Resource Hash
250a0111998a58f44b6561962439b216bedc0c47527d5ae4303544ea398d4439

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=34 t=1663608390
x-served-by
beacon-n008-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		363 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&technographics=1&callback=Krux.ns.gannett.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ab735cadc5bc4b8d12493c0aef06c889e12f9de2642ce18809d39119f6b735e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Mon, 19 Sep 2022 17:26:30 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a011-ash-prod.krxd.net, cache-yul12831-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1663608390.451659,VS0,VE19
content-length
280
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34ee284e7fdd762a46d8082381a8d11c1ff211f1ec721c6550cea9e880203dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11335
x-xss-protection
0
/
www.ojrq.net/p/ 		50 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ojrq.net/p/?return=&cid=14143&tpsync=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.121 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
121.127.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
expires
Mon, 19 Sep 2022 17:26:30 GMT
up
insight.adsrvr.org/track/ Frame E2BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4bpffy2&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&upid=zpgwcot&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:26:30 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame D338
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891HAY0-M-96V3
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891HAY0-M-96V3
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608391.582818,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12832-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891HAY0-M-96V3
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame D338
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENO9dY5V7sEi4pV1lcg_gWM&google_cver=1
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENO9dY5V7sEi4pV1lcg_gWM&google_cver=1
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
75
date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608391.598968,VS0,VE75
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENO9dY5V7sEi4pV1lcg_gWM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D338 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame D338
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23950
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D338
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=78f21c37-dcdb-4918-9039-c36740a247bc
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=78f21c37-dcdb-4918-9039-c36740a247bc
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608391.677691,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=78f21c37-dcdb-4918-9039-c36740a247bc
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame D338
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame D338 		49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-fm9t2
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame D338 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame D338 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
content-length
43
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D338
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5a49d11a-2898-40db-bd18-1fddfc0ff060
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5a49d11a-2898-40db-bd18-1fddfc0ff060
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22397

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=5a49d11a-2898-40db-bd18-1fddfc0ff060
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
10469346
content-length
0
expires
Mon, 19 Sep 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame D338
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/2/6/2.gif?puid=1564471431995386053&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=de296328-a644-4900-b268-afe60d072d58&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=78f21c37-dcdb-4918-9039-c36740a247bc&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=9F923589-9F68-456D-A924-A117148FA4BF&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=8349d69f-a6b4-4368-8cf2-b97976354c14&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=39e78b65-55a0-46d3-ae80-2316a65b8a75&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/0/8.gif?puid=FD38CDB3D46C238B&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22405

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMO3CitBYQ9hDdgreveTCtL2dIXnr5Q5brW0m8-9A
date
Mon, 19 Sep 2022 17:26:31 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D338
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969751683053626673&expires=30&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20702

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Date
Mon, 19 Sep 2022 17:26:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame D338
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307&tbid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&query=taboola_hm%3Dbe6e1553-7553-...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307&tbid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&query=taboola_hm%3Dbe6e1553-7553-4630-9dd7-c29efe22c307&isDirect=0
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608391.702385,VS0,VE19
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=be6e1553-7553-4630-9dd7-c29efe22c307&tbid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&query=taboola_hm%3Dbe6e1553-7553-4630-9dd7-c29efe22c307&isDirect=0
date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21756
sd
u.openx.net/w/1.0/ Frame D338 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame D338 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&dongle=tbla
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame D338 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
57
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame D338 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame D338
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=FKnq1GizRFJavdhBCPN76JU4mbo
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=FKnq1GizRFJavdhBCPN76JU4mbo
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21756

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=FKnq1GizRFJavdhBCPN76JU4mbo
Date
Mon, 19 Sep 2022 17:26:30 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
match
ads.betweendigital.com/ Frame D338
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&crf=1
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=22&external_user_id=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame D338 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:31 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame D338
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=fc1ac4ef-77c3-0f1b-3274-39bd09d750cf
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=fc1ac4ef-77c3-0f1b-3274-39bd09d750cf
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20702

Redirect headers

date
Mon, 19 Sep 2022 17:26:30 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=fc1ac4ef-77c3-0f1b-3274-39bd09d750cf
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
1490
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
E043v4cAlJxnnSXL9R3tp+CFTXw996vLrBDS3tyutnboFiGdeMV2jjChDnaXkTKEN54QsI6IDoo=
x-served-by
cache-yul12832-YUL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663608391.542348,VS0,VE0
date
Mon, 19 Sep 2022 17:26:30 GMT
vary
Accept-Encoding
x-amz-request-id
158FYBNJ3HNDCNTT
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
16
x-cache-hits
8382
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=f5e1a9280546d3690bed1fe2b1679e61&sd=v2_46d9fb9fc26dbcd267c404d7e1a4515a_ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3_1663608387_1663608387_CNawjgYQkAkYzu-ltrUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663608387534&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22sec%22%3A%22tech%22%2C%22aut%22%3A%5B%22Frank%20Bajak%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F09%2F18%2FUSAT%2Fff9d0fe9-65c0-4de6-b9e9-00b83ec760bf-AP_Uber.jpg%3Fcrop%3D3544%2C1994%2Cx0%2Cy180%26width%3D3200%26height%3D1801%26format%3Dpjpg%26auto%3Dwebp%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A26%3A30.532&id=2772&llvl=2&cv=20220919-29-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDRA,pingTime:1,time:1170,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1170,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1057~100%5D,as:%5B1057~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:40,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDRB,pingTime:1,time:1171,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1171,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1057~100%5D,as:%5B1057~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:40,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDRC,pingTime:1,time:1172,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1172,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1058~100%5D,as:%5B1058~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:40,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,sis:207,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDRC,pingTime:1,time:1172,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:131%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1172,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1058~100%5D,as:%5B1058~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:40,fm:thTZgkQ+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b1%7C1c1%7C1d1%7C1d2%7C1d3%7C1e*.922805%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:132,sis:207,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:26:30 GMT
/
pips.taboola.com/ 		64 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12828-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.usatoday.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
95558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 14:53:52 GMT
expires
Mon, 18 Sep 2023 14:53:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 47FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZakAIsS1pSaNpZshYU13DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ZakAIsS1pSaNpZshYU13DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:26:30 GMT
expires
Mon, 19 Sep 2022 17:26:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=2662dfc8-e4d0-36da-ba5f-4e9fa453126e&tv=%7Bc:oGmDT0,time:1900,type:e,im:%7BpLoad:1726%7D,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1900,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B1894~100%5D,as:%5B1894~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:33,fm:thTZgau+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C19%7C1a%7C1b%7C1e.922805,idMap:1*,rmeas:1,rend:1,renddet:env,siq:28%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=suual7uwr&_kpid=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&_kcp_s=USATODAY.com-Web&_kcp_d=www.usatoday.com&_knifr=21&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_web_user_anonymous_id=176a75d8-ef36-4ff6-8ace-16a2bb816b37&_kua_web_user_meter_state=na%7Canonymous%7Cna%7Cna%7Cna&_kua_web_user_status=unauthenticated&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=1&_kpa_kx_context_terms=MBjJ-xXv%3A1%2CMBjJ-fn7%3A6%2CMBjJ-YK9%3A3%2CMBjJ-R3u%3A2%2CMBlZcOw1%3A1%2CMBjJ-2dy%3A1%2CMBjJ-FZm%3A1%2CMBlZcJaq%3A1%2CMBjJ-XxB%3A1%2CMBjJ_RIM%3A1%2CMBjJ-fKT%3A1%2CMBjJ_aTn%3A1&_kpa_url_path_1=story&_kpa_url_path_2=tech&_kpa_url_path_3=2022&_kpa_domain=usatoday.com&_kpa_web_client_id=d213d5ba-5e7a-461f-b5c7-c4e9117afb27&_kpa_web_content_byline=Frank%20Bajak&_kpa_web_content_headline=Uber%20says%20services%20are%20operational%20following%20data%20breach&_kpa_web_content_id=10419761002&_kpa_web_content_keywords=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata%20breach%2Coverall%20negative%2Ccybersecurity%2Ccomputer%20crime%2Cdefense%20and%20cybersecurity%2Ccomputer%20security&_kpa_web_content_s_s_t_s_section=tech&_kpa_web_content_type=story%20pages&_kpa_web_page_publishing_group=usatoday&_kpa_web_page_experience_type=desktop&_kpa_web_page_domain=www.usatoday.com&_kpa_web_page_has_video=yes&_kpa_web_page_analytics_implementation=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&_kpa_web_page_experience_version=tangent&_kpa_web_user_anonymous_id=176a75d8-ef36-4ff6-8ace-16a2bb816b37&_kpa_web_user_segmentation=control%3A18&_kpa_web_user_type=anonymous&t_navigation_type=0&t_dns=10&t_tcp=25&t_http_request=-1&t_http_response=3&t_content_ready=327&t_window_load=3726&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xs308beps&userdata_user=PFrWOSau%2Cxs308beps&sview=1&kplt0=44647&kplt1=33512&kplt2=33513&kplt3=34784&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe88225a2-3b7b-45e3-9cc2-a3130b91f0db%2C67%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C127%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C134
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.160.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-160-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=61 t=1663608390
x-served-by
beacon-n018-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&uad=d072346c8db79fd6f2ceecdb0d73cb8a94262461c336c967531048a4d7ce0f27
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:26:30 GMT
cache-control
no-store
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=b6c9107f-e213-7cc9-d50a-75e5cf1e242e&tv=%7Bc:oGmDW9,pingTime:-10,time:1453,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663608389231%7C%7C11f7a68838676fd881cd51a7d2f5e52f%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cbf19ea5ff403c7f30c3e961708c824c4%7C%7Cfcd1a1e74109453b727b235c875cde91%7C%7C6ecc3850232eff7d528811fc44040f6a%7C%7Ca9c5be0ab226b1d636b274e777435517%7C%7C4ea8a1cf59926b70a6fe63262ca39a35%7C%7C1629390669,sca:%7Bspg:2662dfc8-e4d0-36da-ba5f-4e9fa453126e%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0060 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31965
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 19 Sep 2022 17:26:30 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 180527
X-Served-By
cache-lga21963-LGA, cache-yul12822-YUL
X-Timer
S1663608391.948614,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 66E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:26:30 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C051 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:26:30 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=de296328-a644-4900-b268-afe60d072d58
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=de296328-a644-4900-b268-afe60d072d58
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-109
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
MT3 4447 e18e916 master iad-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=de296328-a644-4900-b268-afe60d072d58
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:26:29 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969751683053626673
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969751683053626673
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-109
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969751683053626673
Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pbsync
ads.yieldmo.com/
Redirect Chain
  • https://colossusssp.com/?c=o&m=cookie
  • https://sync.colossusssp.com/hms.gif
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
Protocol
H2
Server
3.220.24.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-24-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:31 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:31 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8349d69f-a6b4-4368-8cf2-b97976354c14&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iHZNEvf3QN9k
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iHZNEvf3QN9k
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-109
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iHZNEvf3QN9k
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-75d8c985f8-fm9t2
expires
-1
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=092ac5c683&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=78f21c37-dcdb-4918-9039-c36740a247bc&pubid=092ac5c683
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=8349d69f-a6b4-4368-8cf2-b97976354c14
0
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=8349d69f-a6b4-4368-8cf2-b97976354c14
Protocol
H2
Server
13.224.214.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-78.phl50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:26:31 GMT
via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
vary
Origin
access-control-allow-methods
POST, GET
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.usatoday.com/
access-control-max-age
3600
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
YkIF274Dx2cPsN4Do2scODL8uOTUwyDoNqYLAn15kJhBIbR5RGVLVg==

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-109
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=8349d69f-a6b4-4368-8cf2-b97976354c14
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6757255381717511957&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=6757255381717511957&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:30 GMT
server
nginx
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=6757255381717511957&ssp=themediagrid
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
sofia.trustx.org/
Redirect Chain
  • https://sofia.trustx.org/push_sync?us_privacy=1---
  • https://sofia.trustx.org/ul_cb/push_sync?us_privacy=1---
  • https://creativecdn.com/cm-notify?pi=trustx
  • https://creativecdn.com/cm-notify?pi=trustx&tc=1
  • https://sofia.trustx.org/sync?tp_id=22&tp_uid=Gavh1sYbCaRTYaRm86mY&pi=trustx&tc=1
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofia.trustx.org/sync?tp_id=22&tp_uid=Gavh1sYbCaRTYaRm86mY&pi=trustx&tc=1
Protocol
HTTP/1.1
Server
35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:26:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://sofia.trustx.org/sync?tp_id=22&tp_uid=Gavh1sYbCaRTYaRm86mY&pi=trustx&tc=1
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:31 GMT, Mon, 19 Sep 2022 17:26:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2&google_hm=YTQzZDE2NjQtYmMyNS00ZmQzLWJkMzItZjZiZTc1OWRkNGYy
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPuM9C4NjaqJk2XEBDiC9dQ&google_cver=1&ssp=sonobi&bsw_param=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-109
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a43d1664-bc25-4fd3-bd32-f6be759dd4f2
Date
Mon, 19 Sep 2022 17:26:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF13 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNjD7xU-GZCGIR3uMFc3J9p1X1ayjKlII3EN-SdjTTwTR3KbZTLiZCs7ggYNmgRgXtt0fvS42fEElq5phOQmzJPuIRRFKrTlvOaPMaeIpAKfj_p1pX&sig=Cg0ArKJSzFynRhhEffHREAE&id=lidar2&mcvt=1000&p=544,1010,1144,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2753249855&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663608389095&rpt=1183&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091501&jk=3849175039062455&bg=!bW6lbirNAAZqQh0mSkI7ACkAdvg8WsglU2hIu8NXIQVGx6JM4BWZjabBQD4wHMoDCubG-kxHJaEFtQIAAACEUgAAAAloAQeZAu6kMYUvsRm-feSvBGK3OoHRy_bA2rBfGOFYkvagx9jrEKX3OHY2-5ct9AHkpPeeW2QFnk48qMBpjXPDyEaOTOLE4_zS--UdJlpJOfxvP61tQqxbKBcIOAlbIeZZwGHSLQwa856UVEkOkqjn8Whzj_C7ePUM3A9A6CR7XW--PS2XyNezEtansuPRI1PefiQDxrQPDYFnMssE2p1Z9WUQBOicbyFGcsCqLp9TRbpFVY6peqHg6eXLh2L0jCBKYxqGNZTzcp1zjbTvmpqLv-TpSdkBKHV3Jji3EAKrNPW4j6BNd5gU_Gjt9yMknlS7t8ASoym7IPQX3ncmuQ4hXvSWWuqZFO62JKOD3rjE9Ukm3MLSVz0tgf2qhezrrY9dqJnG13yZ70QdbwxQbH3KFdsTpqCR026rHCl3OXrtdUqRFRve4wuCNvpY5tVd23SxkMDI3gh714kaAot2TFJLpYPYNz850u_PsJ3KmB4juG_EpAkylRVxZArLKi19wPya2OI48lRGq-Il7upeNNGegIsyMtd7glvjM7TSHJ91LPEEpz3oyN_QG2iB9UgPyXwv2JhgxEG5xBl7cShcyNVa9nb71ScOJPjLnRGBsace8AvYMlRunmknlMD-mZ4init3bpc4WF8jrdrkYw4XqX298jBhYmvkRIv8Tlsf1AWqA1xdB3CdD7JBxLDeVs8LuGWcqqbDbRgM0NCxy2lYYd1dFgEdpw25CsXttUGGfO3hL7_5Xmkqwj7waRHBWSbNWvXD4uzAYxBvr81c8zUC1MY5JEr_WbJYIH5XB99f3UI2wDu1w6vI8nZbSdKa4RoiWxMXTTs6yj4FpvltNvYShbpvn4Zwu0lvBvuf73814l9DeayWrtcO_3e3CrnXsa8Ty_FDtdSj-n06ehz8V5GcoDH6mI0Qc6OODBW4OAU0gmDImbA9qg3kgbdT-ESAuaRAbWL8O8vfRy6Y7vB2IsQbPpCdVluaRT_Tj0ff_cfKFQoDt0fj2ZY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l891hc1e&c=3438591691981&slotId=1719295845990.5&met.4=hvd_lc.l891hc1e~hvd_src.l891hc1e&ps=660x371
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22adCsm%22:[%7B%22tld%22:%22www.usatoday.com%22%7D,%7B%22ns%22:1663608389095,%22st%22:%22207.60%22,%22re%22:%22236.90%22,%22ldTot%22:%2229.30%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%2...
aax.amazon-adsystem.com/x/px/JG7zcp36syEpREzetXyP-RUAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDCLykM/ Frame FF13 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/JG7zcp36syEpREzetXyP-RUAAAGDVsl4jAEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDCLykM/%7B%22adCsm%22:[%7B%22tld%22:%22www.usatoday.com%22%7D,%7B%22ns%22:1663608389095,%22st%22:%22207.60%22,%22re%22:%22236.90%22,%22ldTot%22:%2229.30%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.10%22,%22lths%22:%220.10%22,%22ltpm%22:%220.10%22,%22ltdm%22:%220.30%22,%22ltdb%22:%220.00%22,%22csmTot%22:%225.30%22%7D],%22pixelId%22:%22ph62fsk0mn%22,%22ts%22:1663608391880,%22ver%22:%22d-1.20%22%7D?cb=4102720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:26:31 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
VSF5QSWPKQSGM556X25A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
unip
trc.taboola.com/1168/log/3/ 		0
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=4630&scd=12&ssd=1&est=1663608387690&ver=35&isls=true&src=i&invt=3000&tim=1663608392321&mrir=u&vi=1663608387534&ui=ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3&ref=null&cv=20220919-29-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
20
pragma
no-cache
date
Mon, 19 Sep 2022 17:26:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1663608392.330216,VS0,VE20
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=2oe9e0&_p=1395409686&cid=130624166.1663608388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&uid=176a75d8-ef36-4ff6-8ace-16a2bb816b37&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&cu=USD&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=&sid=1663608387&sct=1&seg=1&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:26:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| gnt object| g$ function| __uspapi object| OneTrust object| googletag object| __iasPET object| confiant object| pbjs object| twttr object| Scroll object| gciAnalytics string| gciAnalyticsUAID object| Criteo object| criteo_pubtag object| criteo_pubtag_prebid_116 object| Criteo_prebid_116 function| pbjsChunk object| _pbjsGlobals object| googleImaVansAdapter object| Teal object| ns_ function| Hls function| setPlayerSettings function| setPageData function| setVideoData object| Utils string| version object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| apstag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_813064 object| PARSELY object| _taboola object| TRC object| _tblConsole undefined| msg object| _comscore number| taboola_view_id string| pm_pgtp boolean| creativeVendorLibraryLoaded object| closure_lm_239496 object| __iasADX object| __core-js_shared__ object| core function| snaptr undefined| google_measure_js_timing object| COMSCORE function| udm_ object| ns_p function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| gciKruxData function| fbq function| _fbq function| google_trackConversion object| _gre function| ktag object| liQ object| _tfa function| twq function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg boolean| _tb_vd_pg object| ats object| $jscomp object| cloud_retail function| Krux function| ga object| gaplugins object| gaGlobal object| gaData function| _typeof object| google_tag_manager object| dataLayer function| gtag object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup function| ImpactRadiusEvent function| ire object| irEvent function| isAnExcludedLink function| GooglemKTybQhCsO object| GooglebQhCsO function| ttd_dom_ready function| TTDUniversalPixelApi object| _etmc object| _etmc_temp string| func_name object| args string| collect_url function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| LI object| __li__evt_bus object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| regeneratorRuntime object| tbopt function| _typeof2 function| __liSync object| placementData string| nam object| cmTag function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient undefined| __IntegralAS_2662dfc8e4d036daba5f4e9fa453126e_4198 object| _cm_wfCounters function| confiantDfpWrap object| __IntegralASExec object| GoogleGcLKhOms object| google_image_requests

185 Cookies

Domain/Path Name / Value
www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002 Name: _liChk
Value: 0.25363445224024783
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.taboola.com/usatodaydemo/ Name: taboola_session_id
Value: v2_46d9fb9fc26dbcd267c404d7e1a4515a_ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3_1663608387_1663608387_CNawjgYQkAkYzu-ltrUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ
i.liadm.com/s Name: _li_ss
Value: MgUIBhCkEzIFCAoQpBMyBQgLEKQTMgUIfhCkEzIGCIsBEKQTMgUIeRCkEzIGCIEBEKQT
.usatoday.com/ Name: gup_anonid
Value: 176a75d8-ef36-4ff6-8ace-16a2bb816b37
.usatoday.com/ Name: gup_clientid
Value: d213d5ba-5e7a-461f-b5c7-c4e9117afb27
.usatoday.com/ Name: gnt_ub
Value: 88
.usatoday.com/ Name: gnt_sb
Value: 18
.usatoday.com/ Name: gnt_eid
Value: control:18
.www.usatoday.com/ Name: gnt_w
Value: f~83~6-q1a2z336db9d4f~Mostly%20Cloudy
.usatoday.com/ Name: gnt_i
Value: 98513050814386780888*16276*CA~QC
www.usatoday.com/ Name: usprivacy
Value: 1---
cdn.taboola.com/ Name: abLdr
Value: 18
.usatoday.com/ Name: gup_lng
Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201663608386%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.teads.tv/ Name: tt_viewer
Value: 5cc78cd4-4cb9-4dfd-ace1-e23a3cc51a9e
.spotxchange.com/ Name: audience
Value: 313408a6-3840-11ed-860c-17cd3d5a0003
.scorecardresearch.com/ Name: UID
Value: 1CFd267a13b962d6afc4efa1663608387
.yahoo.com/ Name: A3
Value: d=AQABBEOmKGMCEEkxbLfnh_Q1uwx46XA5Gw0FEgEBAQH3KWMyYwAAAAAA_eMAAA&S=AQAAAuTQR4iR3Fu4R21yxSd6-vs
.openx.net/ Name: i
Value: a88c1895-3445-01bb-1a0c-f0d3cc8dc786|1663608387
.go.sonobi.com/ Name: __uis
Value: 8349d69f-a6b4-4368-8cf2-b97976354c14
.go.sonobi.com/ Name: _usd_usatoday.com
Value: ba12b064-32ab-4c20-af85-833fa7f5de91
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s85151|Yyijx
.rubiconproject.com/ Name: khaos
Value: L891HAY0-M-96V3
.usatoday.com/ Name: gca_lcu
Value: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
.usatoday.com/ Name: _fbp
Value: fb.1.1663608387548.7584408797
www.usatoday.com/ Name: _tb_sess_r
Value:
www.usatoday.com/ Name: _tb_t_ppg
Value: https%3A//www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
.usatoday.com/ Name: _gid
Value: GA1.2.1610516932.1663608388
.usatoday.com/ Name: _gat_gciAnalytics
Value: 1
.usatoday.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/%22%2C%22sref%22:%22%22%2C%22sts%22:1663608387712%2C%22slts%22:0}
.usatoday.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=03fa5397937c69a57beab88073393dc8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663608387712}
.usatoday.com/ Name: _ga
Value: GA1.1.130624166.1663608388
.usatoday.com/ Name: IR_gbd
Value: usatoday.com
.usatoday.com/ Name: IR_14143
Value: 1663608387785%7C0%7C1663608387785%7C%7C
.sjv.io/ Name: brwsr
Value: 61035259-4a37-319c-9bdb-e6b9c4b93688
.sjv.io/ Name: irtps
Value: 1
.igodigital.com/ Name: igodigitaltc2
Value: 3191959a-3840-11ed-b0ff-06ad4138ec15
.igodigital.com/ Name: igodigitalst_10870841
Value: 31919d06-3840-11ed-b0ff-06ad4138ec15
.igodigital.com/ Name: igodigitalstdomain
Value: 24765
.krxd.net/ Name: _kuid_
Value: PFrWOSau
.usatoday.com/ Name: _li_dcdm_c
Value: .usatoday.com
.usatoday.com/ Name: _lc2_fpi
Value: bf719b866c77--01gdbcjyccrc83hbd3x1vky1f6
www.usatoday.com/ Name: _lr_geo_location
Value: CA
.usatoday.com/ Name: IR_PI
Value: 61035259-4a37-319c-9bdb-e6b9c4b93688%7C1663694787785
.usatoday.com/ Name: _scid
Value: 28869848-d32d-4586-bd23-804ee647f6ca
.amazon-adsystem.com/ Name: ad-id
Value: A3-OQt0rTkM6ngVyIy6r0o0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.t.co/ Name: muc_ads
Value: 2402bf6d-0065-473a-a7f9-923dcdc752d5
.twitter.com/ Name: personalization_id
Value: "v1_QfoveIl3lvhg4b5KOM9Akg=="
.liadm.com/ Name: lidid
Value: 0c923394-e60c-4785-b904-7513c680893c
.eyeota.net/ Name: mako_uid
Value: 18356c97a41-31d30000010a4328
.eyeota.net/ Name: SERVERID
Value: 17192~DM
.facebook.com/ Name: fr
Value: 030824KtRdm3x7B5G..BjKKZE...1.0.BjKKZE.
.contextweb.com/ Name: V
Value: iHZNEvf3QN9k
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4f1ecaa16b9fdc5e
.3lift.com/ Name: tluid
Value: 2279566661412600160610
.sharethrough.com/ Name: stx_user_id
Value: 3d2bc8ae-9460-4db1-9d74-6c38a56c230a
.analytics.yahoo.com/ Name: IDSYNC
Value: 18y3~2795
.smaato.net/ Name: SCM
Value: 0b823e89
.smaato.net/ Name: SCMaps
Value: 0b823e89
.mathtag.com/ Name: uuid
Value: de296328-a644-4900-b268-afe60d072d58
.agkn.com/ Name: ab
Value: 0001%3AgI2lYgYxWVhqmYF1zpEcfPhRjiFmMe88
.emxdgt.com/ Name: uid
Value: 56771663608388239011b1
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwQ0AIAgEsIlIQOAAt9GoUzi8X/uq5rCYManJZrIzNpUDtE61YF/ihSvGXQAFp2ber/wASWbvTkAAAAA=
.surveywall-api.survata.com/ Name: svResp
Value: 94910632-48f0-18b5-04ac-29391443795b
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9F923589-9F68-456D-A924-A117148FA4BF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1664755200%3A201_197%7C1664150400%3A164%7C1663632000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1664755200%3A54_220_21_13_22%7C1664150400%3A2
.tapad.com/ Name: TapAd_TS
Value: 1663608388329
.tapad.com/ Name: TapAd_DID
Value: 39e78b65-55a0-46d3-ae80-2316a65b8a75
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-14a9ead4-68b3-4452-5abd-d84108f37be8.h5A%2BViMw2OFGZeXLIcqLFDGmT1He33f7sr7v3fWxOlA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFKnq1GizRFJavdhBCPN76JU4mbo.zHo3kLnLw9OQVafym%2F1oWzMUML6F9HmDbnmmHnw9GB0
.simpli.fi/ Name: suid
Value: 0564B9D9848B48FEB63098A842B5D539
.rlcdn.com/ Name: pxrc
Value: CMTMopkGEgUI6EcQAA==
.taboola.com/ Name: t_gid
Value: ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
.casalemedia.com/ Name: CMID
Value: YyimREzVuBeJzUVosL6ZhgAA
.casalemedia.com/ Name: CMPS
Value: 088
.casalemedia.com/ Name: CMPRO
Value: 088
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
www.usatoday.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDID
Value: 78f21c37-dcdb-4918-9039-c36740a247bc
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:0564B9D9848B48FEB63098A842B5D539
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJ5qViMNTOjI5eKXuKxr7f4&KRTB&22987-CAESEJ5qViMNTOjI5eKXuKxr7f4&KRTB&23025-CAESEJ5qViMNTOjI5eKXuKxr7f4&KRTB&23386-CAESEJ5qViMNTOjI5eKXuKxr7f4
.zemanta.com/ Name: zuid
Value: x9hOZHYhAbmbE0NNi6qt
.turn.com/ Name: uid
Value: 8014990772988918218
.adform.net/ Name: uid
Value: 6757255381717511957
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-78f21c37-dcdb-4918-9039-c36740a247bc&KRTB&22918-78f21c37-dcdb-4918-9039-c36740a247bc&KRTB&23031-78f21c37-dcdb-4918-9039-c36740a247bc
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8014990772988918218&KRTB&23150-8014990772988918218
.pubmatic.com/ Name: PugT
Value: 1663608388
.usatoday.com/ Name: _sctr
Value: 1|1663545600000
.addthis.com/ Name: na_id
Value: 2022091917262800075618125671
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6328a644534a2da1
.addthis.com/ Name: ouid
Value: 6328a6440001f5f7747a38471e163168944344b37dd7e650e14b
.bidswitch.net/ Name: c
Value: 1663608388
.bidswitch.net/ Name: tuuid_lu
Value: 1663608388
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&10f0619c-2e49-4c5b-863f-19e65ac6a11f"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2725:u=1:x=1:i=1663608388:t=1663694788:v=2:sig=AQFADSAcN0lz78npK2Z8GDmcuaVkiTee"
.bidswitch.net/ Name: tuuid
Value: a43d1664-bc25-4fd3-bd32-f6be759dd4f2
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.demdex.net/ Name: demdex
Value: 40359747717428213541404317703356555924
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 40359747717428213541404317703356555924
sync-dmp.mobtrakk.com/ Name: pid
Value: NTYzMTY2MTY5ZWVhOWNiNg
.doubleclick.net/ Name: IDE
Value: AHWqTUnIu4Mhp7i9tqCtiS9om83v-qblHlpwddGy4f8mhOTwakHoUY7XpRB7lJy7MVo
.usatoday.com/ Name: __gads
Value: ID=8cda035abcd8e59d:T=1663608387:S=ALNI_MY9lXXHxB6Op5vbRBNMG4s15rrw4w
.usatoday.com/ Name: __gpi
Value: UID=00000575ea1d6ae6:T=1663608387:RT=1663608387:S=ALNI_Mbug57kKeBzqLC1EDhHocbjUrUMHQ
.pippio.com/ Name: did
Value: KP96OXJ1_JuqH-lb
.pippio.com/ Name: didts
Value: 1663608389
.pippio.com/ Name: nnls
Value:
.tremorhub.com/ Name: tv_UISTB
Value: <taboolaUserId>
.tremorhub.com/ Name: tvid
Value: b6ccfab165584848bf9c5223f690dce6
.tremorhub.com/ Name: tvssa
Value: 1663608389072
.usatoday.com/ Name: _ga_QQ6YP2J211
Value: GS1.1.1663608387.1.1.1663608389.0.0.0
.pippio.com/ Name: pxrc
Value: CMXMopkGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 66cac18d-e782-4c03-81e4-946688c6dcfd
.linksynergy.com/ Name: icts
Value: 2022-09-19T17:26:29Z
.rlcdn.com/ Name: rlas3
Value: eJNoA7iaxZMOr2JSz1GdGVmlJW+cuqP/mFpaJpR/8+4=
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mfadsrvr.com/ Name: tuuid
Value: be6e1553-7553-4630-9dd7-c29efe22c307
.mfadsrvr.com/ Name: c
Value: 1663608389
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663608389
.emxdgt.com/ Name: dt
Value: 262
.pubmatic.com/ Name: SPugT
Value: 1663608389
.criteo.com/ Name: uid
Value: 5a49d11a-2898-40db-bd18-1fddfc0ff060
.ojrq.net/ Name: brwsr
Value: 33257a90-3840-11ed-a143-9169d9a043cd
.lijit.com/ Name: ljt_reader
Value: FV-WbQZHE8iJZXjZSXWauK4-
.lijit.com/ Name: _ljtrtb_42
Value: ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEZRWR9SlBpze1WuCoMxA8a+JUixCbOKdokEu2gZrfHPiFEULyQaBPG02ETFkYD+M+u8EDtSFya3GjYHTlS9mMvxs5tJW3SAJg81De9lxpTwEoh1chh9FND
.mfadsrvr.com/ Name: ssh
Value: !taboola,1663608390!emx,1663608389
.usatoday.com/ Name: cto_bundle
Value: N3-wD19WREFSUUVjbldYM1hkenBzSyUyRjRLcTV2JTJGU3M3SklMdlE4JTJCZWxtSG9HdWVxMlVrakozeGV2aENwSGo5VUdPNyUyQjhPTHZWUDRlRjBPOGpoYWZxaSUyQnlZVzJrVFByMU1ZJTJCU1RNUkxxOTVMUzhrRW56SFZDJTJGQWtaeG8xaU5EUUxURUVGSGJDdFU1Q3dBWGN4TFl6dGhYVFBMQSUzRCUzRA
.smartadserver.com/ Name: pid
Value: 5392195796836816430
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDc1NLMwNjA1NjMyMzM3FuIz1PWsdEwyKi139HQx8gcAA7ChUiQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDc1NLMwNjA1NjMyMzM3FuIz1PWsdEwyKi139HQx8gcAA7ChUiQAAAA
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 4af3bb75-167a-5306-a631-6559c519c31f
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YyimRgAL_lDZssTlpciFmDQrKSqXPkXoD06S4A==
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZsZmBhbGlgZmG6ShSJb2loDgAC-ygfIAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g70|4is.0.CAESEPA9xIsctFTWGxJmah_Hf0Q|7TY.0|7LJ.0.8349d69f-a6b4-4368-8cf2-b97976354c14|2N.0.AAAHZZ7FpnHzgANHwLHuAAAAAAA|3oy.0|5Ql.0.ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3
.omnitagjs.com/ Name: ayl_visitor
Value: 6d387ddbbac9cb159e72a73e1aa9a6ea
.id5-sync.com/ Name: id5
Value: 1bcfcaf9-87cb-4c65-be4b-93c0b55f291b#1663608390790#2
.adnxs.com/ Name: uuid2
Value: 1564471431995386053
.go.sonobi.com/ Name: __uin_zt
Value: 969751683053626673
.go.sonobi.com/ Name: __uin_mm
Value: de296328-a644-4900-b268-afe60d072d58
.go.sonobi.com/ Name: __uin_td
Value: 78f21c37-dcdb-4918-9039-c36740a247bc
.go.sonobi.com/ Name: __uin_pp
Value: iHZNEvf3QN9k
sofia.trustx.org/ Name: tuuid
Value: ecf80564-e3e4-463a-b2ed-627e6f0a1322
sofia.trustx.org/ Name: c
Value: 1663608391
sofia.trustx.org/ Name: tuuid_lu
Value: 1663608391
.go.sonobi.com/ Name: __uin_bw
Value: a43d1664-bc25-4fd3-bd32-f6be759dd4f2
.dotomi.com/ Name: DotomiTest
Value: 7084c36f11db13dd
.colossusssp.com/ Name: gtm_usr
Value: 4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
.colossusssp.com/ Name: lmg_r
Value: 1
.adx.opera.com/ Name: UID
Value: 8d73974537bb48e9aeb9afa474307e1d
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 99c412fa-a515-43a0-b14e-e0c8cb3ddba0
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 5uxDukUrHTjjccdY5qJLe5rfMO77PGeVXinV6hkqepKQYrBRWfVkSN0EU%2F8cOfKBi%2B4GMMU6CobTSqZjJOW5cw%3D%3D
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjKptHlw5uNOxAFEhkKCmxpdmVpbnRlbnQSCwimtbbnw5uNOxAFEhYKB3J1Ymljb24SCwjKs7H6w5uNOxAFEhcKCGFwcG5leHVzEgsIyrOx-sObjTsQBRIVCgZnb29nbGUSCwiolff7w5uNOxAFEhUKBmNhc2FsZRILCPjEooDEm407EAUYASABKAIyCwiWsNSu2puNOxAFOAFaBzhoOXUxMWhgAg..
.casalemedia.com/ Name: CMTS
Value: 126
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.creativecdn.com/ Name: u
Value: Gavh1sYbCaRTYaRm86mY
.creativecdn.com/ Name: ts
Value: 1663608391
.go.sonobi.com/ Name: HAPLB8S
Value: s85109|YyinK
sofia.trustx.org/ Name: um2
Value: !22,Gavh1sYbCaRTYaRm86mY,433211191
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1663608391675
.semasio.net/ Name: SEUNCY
Value: FD38CDB3D46C238B
.id5-sync.com/ Name: 3pi
Value: 464#1663608390892#1904087871#ad6eb535-6002-4f26-a794-6c7fa7789ef4-tucta222bc3|112#1663608391961#-2091658435#FD38CDB3D46C238B|2#1663608391046#-1048184916#1564471431995386053|434#1663608391563#964826350|3#1663608391178#-891179185#de296328-a644-4900-b268-afe60d072d58|264#1663608391308#996356471#78f21c37-dcdb-4918-9039-c36740a247bc|108#1663608391705#998797302|429#1663608391437#-992612595#9F923589-9F68-456D-A924-A117148FA4BF
.id5-sync.com/ Name: callback
Value:

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, display-capture, geolocation, microphone, payment, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
network error URL: https://nova.collect.igodigital.com/c2/10870841/update_item?payload=%5B%7B%22author%22%3A%22Frank%20Bajak%22%2C%22name%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22item%22%3A%2210419761002%22%2C%22category%22%3A%22tech%22%2C%22item_type%22%3A%22story%20pages%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D%5D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=4007f5de-7fc0-4b98-9a72-43e6f8f2b24d
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.betweendigital.com
ads.yieldmo.com
adservice.google.com
analytics.twitter.com
apex.go.sonobi.com
api.intentiq.com
assoc-na.associates-amazon.com
ats.rlcdn.com
b-code.liadm.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.krxd.net
cdn.parsely.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
cm.usatoday.com
colossusssp.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
consumer.krxd.net
creativecdn.com
csi.gstatic.com
d.impactradius-event.com
dis.criteo.com
dt.adsafeprotected.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ffe23ab977ed4d082aa81c53cd0ea023.safeframe.googlesyndication.com
gannett-d.openx.net
gannett.sjv.io
geo.privacymanager.io
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hlsmedia.gannett-cdn.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
match.adsrvr.org
match.taboola.com
nova.collect.igodigital.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
prebid-server.rubiconproject.com
prod-use.perf-serving.com
r3---sn-quxapm-3c2e.gvt1.com
redirector.gvt1.com
resources.xg4ken.com
retail.googleapis.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
sc-static.net
search.spotxchange.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sli.usatoday.com
sofia.trustx.org
static.ads-twitter.com
static.adsafeprotected.com
static.scroll.com
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync.colossusssp.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tlx.3lift.com
tpc.googlesyndication.com
tr.snapchat.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
us-east-sync.bidswitch.net
us-match.taboola.com
us-trc-events.taboola.com
us-vid-events.taboola.com
user.usatoday.com
vidstat.taboola.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ojrq.net
www.usatoday.com
x.bidswitch.net
z-na.associates-amazon.com
104.18.18.126
104.244.42.5
104.244.42.67
104.36.115.111
107.178.246.49
13.224.201.38
13.224.202.36
13.224.205.195
13.224.205.31
13.224.207.247
13.224.210.231
13.224.214.10
13.224.214.52
13.224.214.78
141.226.224.32
141.226.224.48
141.95.98.64
142.250.80.34
142.251.40.130
146.75.32.157
151.101.1.108
151.101.129.44
151.101.130.133
151.101.194.62
151.101.65.194
151.101.65.44
18.154.227.100
18.214.193.123
185.167.164.49
185.184.8.90
185.255.84.153
192.35.249.142
198.148.27.139
199.187.193.192
199.232.194.217
199.38.167.128
2001:4860:4802:38::178
209.54.180.72
23.192.31.127
23.200.168.248
23.205.77.192
23.34.59.30
23.92.190.69
2600:1f18:1aca:4281:e6aa:3af:c2cf:659f
2600:1f18:730:b140:d4dd:8728:eb33:a60d
2600:9000:20ed:5400:8:48e:53c0:93a1
2600:9000:20ed:7600:8:8845:1500:93a1
2602:803:c002:200::32
2606:2800:220:131d:1d30:1f1d:238b:1e56
2607:f8b0:4004:c09::9b
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2006
2620:100:a001::c
2a00:1588:d801::10
2a03:2880:f03a:1c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
2a04:4e42::300
3.135.132.32
3.210.118.195
3.220.24.121
3.224.231.143
3.89.234.15
31.220.27.134
34.193.160.212
34.194.161.83
34.95.127.121
34.98.64.218
35.186.249.72
35.190.43.134
35.207.24.140
35.211.165.199
35.211.168.6
35.211.178.172
35.211.20.91
35.227.211.136
44.196.211.13
50.57.31.206
52.207.19.117
52.223.22.214
52.223.40.198
52.4.33.45
52.46.155.104
52.72.124.102
54.152.100.45
54.204.108.135
68.67.179.155
69.166.1.12
69.166.1.15
69.173.151.100
72.21.195.65
74.119.119.129
74.119.119.150
74.121.140.14
8.2.111.121
8.2.111.124
8.28.7.81
8.28.7.83
82.145.213.8
96.46.183.20
0059e434ab6eb363bd000ed2c3274dc56bc15dec1421914739d972f4f062d3af
006ee7e32a22e8922606f970edd4b35582030acdac670a67476653ce721667d9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ab735cadc5bc4b8d12493c0aef06c889e12f9de2642ce18809d39119f6b735e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9d0a3c574548100590f52b50b6c93e176208fbe0a15082c838c78ca8c09179
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
139ed1e4e05d314894b9ac6d42f352b8c81de7785bda5d0a0a554410d56513cc
13c244d25ba042da4e5a8e3d83a0e539ac13050a7ba44ec0aeb461c2e0b80215
14a15c67a6eb7abd8f39a93c5954e7f6115c731c8a417569b1a76845693f9ccd
14e3a532ec50c4fd9911be4de0fd91ae09a40ed911fcdef41202833626419232
1612b60f989de0a97671f56dd902f2c588750f09e2918c22f2f39791ff560d6d
16fe769b2edcb8b600e58c0907b8275182c09fc886c265681b94d50a56adb5ad
205921d4b8c37e9533528462950ba51ce45191e5ca94e7af31fb341e1592503c
21f3087f8e2217e913da0fc11ae868b86acfd75f75d48d1941002b669bfacebc
22a1e454ab88130ab3e742afb5eb58bbf6f496a64f659372c0f0fdd850e31682
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
250a0111998a58f44b6561962439b216bedc0c47527d5ae4303544ea398d4439
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d6a6456f25d7729cf91bcce33de23e52d324a2e86fc8dde59a431cbc6f7d66a
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81
2f69e78584888f6169761ee7c96cd73d26b6b72127b4f8fea25763d6bf35232e
30623623e69f4fa9ba32604465e40d014eddddb5d2631d14be07e5638d62d2f1
3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6
339616cc3be456efc2da65983afe69ee0dc196e3334408db4b7cf6b93dc65b3b
34ee284e7fdd762a46d8082381a8d11c1ff211f1ec721c6550cea9e880203dcf
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3de6ca902e365219c2ffd5ff7a1e7aeff4c58adc609b9a03c2e11c8f6ee1bbd0
3ea740e57f9785ad345e20ed0296c58503096ae56e99aaa3a6ebc49072629732
40a3b348ffce5e680fa64715fd255db4f2aca4c828ab4c9ba1b92862c3a2d891
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4418c65239351eb99c41a5c0725a6eecd036b65147e3c51e3f995f136a6aafd1
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d649d017d4391b2da523dd2ffb04d7c39698c20f748761b4ba01c4a0ae9f566
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53ac178a13cbc64c08579f847369d14c4eed2cfe568b3506a5fc0dec487fb701
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54971b9873487362bcd62428147b363437fb915bc4c2e7188e639771be182e73
56bd20c7592caa35f56a3f8bca3517937a0537b3ab1884aa4b05a028ad26695c
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a9cea524c6f479a225fa748059f2e504aa8f7ddf75adc47530c6309f1523688
5c0e8032448feed73a00d6ded147a500990327e7391ec952b96586bd1f5cd32e
5dc2126badc2388a068241f4626986e59ec0709aa1e0199b24b78786c937e842
5e0b8168c8f161da80b731b5602cb3752c3505182c171dfe5336850075880e2d
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
60fe545b3bf07b8dd89fe466a0cf2bc3bcc60508ef6c6d2e3544b490c8cdd2ae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
66d804a1bf1e9a9d5b2f423a246a65f57a6236f07fd0ef7f4d23c8b995eab7f2
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a3797a6218d83df324666123c0238510887109571ccf2a9f46f380ba25e34c4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6e8a6be1ddac59b849eb4bb2650b704fb768f1a99ff0292673432479ba48d99a
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
71496ce5513afbeaf59dba30bfb3d27f9b5b8010563198d06bbba16a5d169cf8
71a127d0a084e582a0b49104772f77ac88995258224862a8b2b8603894e1f028
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05
788ea5797ec14418de602f6f0a886c49360970c07ffdc25f28fdefc39f854f38
78e936749dfc9c3f451f7eadcf13c7d14567d89b6bd6bfa2d607c5c8ad551c04
794afd020d65d819e404ec6e59d3ca4ce8850c36821ddd79fb53f37d184f395a
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7dbbf29eff26fea66f7f6fb4a5842f3375c109533b29865b2b9a078a5a80364e
7f462305b0fa1cf6b138314840673fc57278fe4a22a4c041f7c7002e507fd8e9
8065b63060a4e481a54a3d0219d9a6ca666965ac28f08f6c44cf1624ab72ae33
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46
819a24b02a20da3c978b602367b54a3eefee761c357771d2b29bffdc4e6ba5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844a8cf7ed1d736fb3d0b85d05a9619449d99a367269d524c7fbea096e1a1a15
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
86001e634a10fcc6b960136f0cf8f28320e6875cf461a2e371eea54917eb93b6
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c97302ec51a0d6a168a6f974565bea551b90c4157b110e6929a569be67a05ae
8f18a8cfe23d9332dc159cb923ff59be65a8c3f7502cadf96816041a3a697b64
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9256207262db320310e9e194b9174e6e26c21b6e474fc1b22ebcce71526c08a0
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127
97e6939bd37c94f8532ab3151190b0ba154c1932437b3ad86cde2e5e9c6439ce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ad0625d88437e6716ee45ded63759a9c5f60c588a9f361971e38761d6bdd969
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6
9efb51af16021c2c2818c91225e5e954c3a11b7affd7e2935b9ef7d9053e4e22
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fdf333d2e97c0f0dfc85a5b2d93216ce560fd3e973165219c624532249b38b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b4318b593211376d1911f208751f1c90ce53c0121c46202de0a79bebce959e
a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3
a737e3f66a346ee9e475bb77fbec472b519714c9c8c3b544435af89782a0edaf
a79c612cc102529a9f9e24e48781a78dbb98e5383492bdde0e197d047088fe09
ab3eb0cc4af553940c3126bca328d001e51651098b3bec670395a2c879091706
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d2edfd67a8599f69483fd29240eaab4266233e8dff0767890a82dc0777b6a7
b86037a1be1b281d9131dc23070c186111eb9a783f75e7574e6c699092f44cc4
b998e7c77cb959ba45b4566808901a718db8136d7f9464a0fc1ca3bc97ebfee8
ba390a736698135d0c3c8dc84b37c04887ad263fbc5ade658888ca74b9cb59e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9a87b2ec740ad773b8f65de5c6e2d65f3eafedbb99b8daaa41817136052645
bee20447aa0e1293049d65c522a290c718d0d93ba582f9aabb391ad2e1187ac0
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c9b0f1855be4e7643aec0d94cb50421424f43226b62ef823c41fd32f7a4f9bfc
ca2e9669d0cc6319cbefa68c880fbf59f06141c190fb30b1922ee88a11e4f64a
ceba4d461c9ed764d77585e64ab6d5776577854523e21a1422a0c4701e7a3b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d37d1a94b4521a61b7215155160a8f59effd2e5300e47ae0183222db46da92fc
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d66eed0070f47e880b8b8bf9fc435f869679e84e20f1e8a0dcab4cda9b37bb26
d7364bbce4ecb5eba798249006ddced0b879729ed5ee4d1ed35f8179989827e3
df01c813a1afc16c8570d18db67c216942ebac119a2339bc84eb28cc0a72df39
e04dfd12d2b3bf73b41efda54e92bd7f193859e98f188acbe515d74d37d2057c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb27d5196cca3fe422ace69d7a4d4b0f4f5d38cab34d75a3cb66eb3edd1fef85
ebb6c50cb9844218a00fa4978bbf426284ce5be59dc100d817decce4a443aa31
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
ece6bb68f58dc2e38e1995e2d34566679c5126ea21d40dba61308655c7e4e7e3
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc1feac35e089b632417f7f1c2cfddb46d4b16c234407a9d98ed2d64261f21d
f150b0743942f9d0a6df2878c3573fab4ba287f576ee11d8319a727a5f3bef89
f4a0264f0dbec6232658dd0ffb9e44c69c8f6f173de038ee99020cc672dba9b1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f85b5234360033591c0451b482214f92cb9d0f28e9708519e324461af6a4a532
f8f6a09bfb74ce4f6cb03274735b9b3bbe661a73998414796bdd5216d59c6bd0
fca848faee8095a7b1dcc41981d0cd0ebd285e3f06c5ed4e7b1c9d4b17f2d157