urlscan.io logo urlscan.io
SecurityTrails logo

www.post-gazette.com Open in urlscan Pro
208.103.124.88  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Submission: On August 13 via manual from GB — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 8 countries across 92 domains to perform 505 HTTP transactions. The main IP is 208.103.124.88, located in Pittsburgh, United States and belongs to DQECOM, US. The main domain is www.post-gazette.com. The Cisco Umbrella rank of the primary domain is 115524.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on August 11th 2023. Valid for: a year.
This is the only time www.post-gazette.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 208.103.124.88 33154 (DQECOM)
37 104.94.116.129 16625 (AKAMAI-AS)
1 23.212.249.74 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.155.215 13335 (CLOUDFLAR...)
2 146.75.40.157 54113 (FASTLY)
7 2607:f8b0:400... 15169 (GOOGLE)
1 5 35.244.159.8 396982 (GOOGLE-CL...)
9 108.138.115.149 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.160.158.95 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 104.18.223.248 13335 (CLOUDFLAR...)
3 208.103.124.87 33154 (DQECOM)
1 7 44.209.159.194 14618 (AMAZON-AES)
1 13.35.93.5 16509 (AMAZON-02)
9 3.224.111.103 14618 (AMAZON-AES)
18 142.251.167.156 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.36.224.135 16509 (AMAZON-02)
6 173.194.207.97 15169 (GOOGLE)
4 44.193.57.62 14618 (AMAZON-AES)
28 2606:2800:21f... 15133 (EDGECAST)
3 99.84.108.32 16509 (AMAZON-02)
2 209.85.232.157 15169 (GOOGLE)
4 34.98.64.218 396982 (GOOGLE-CL...)
1 2600:9000:207... 16509 (AMAZON-02)
3 108.138.106.56 16509 (AMAZON-02)
8 18.160.20.121 16509 (AMAZON-02)
3 2602:803:c002... 26667 (RUBICONPR...)
4 172.64.151.101 13335 (CLOUDFLAR...)
2 5 3.224.185.54 14618 (AMAZON-AES)
5 8 68.67.161.182 29990 (ASN-APPNEX)
3 2607:f8b0:400... 15169 (GOOGLE)
6 104.16.143.111 13335 (CLOUDFLAR...)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
15 173.194.66.139 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 142.251.16.106 15169 (GOOGLE)
5 3.232.184.20 14618 (AMAZON-AES)
3 52.46.128.147 16509 (AMAZON-02)
2 142.251.167.155 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
4 2600:9000:207... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
16 172.66.42.247 13335 (CLOUDFLAR...)
23 209.85.144.156 15169 (GOOGLE)
1 3.218.85.192 14618 (AMAZON-AES)
1 104.18.176.126 13335 (CLOUDFLAR...)
1 145.40.89.32 54825 (PACKET)
3 172.64.152.89 13335 (CLOUDFLAR...)
1 2600:9000:23c... 16509 (AMAZON-02)
7 142.251.174.138 15169 (GOOGLE)
1 108.138.64.85 16509 (AMAZON-02)
1 2 2600:9000:26f... 16509 (AMAZON-02)
7 173.194.66.132 15169 (GOOGLE)
2 162.19.138.117 16276 (OVH)
1 4 35.244.193.51 15169 (GOOGLE)
1 208.103.124.64 33154 (DQECOM)
1 34.230.157.150 14618 (AMAZON-AES)
16 21 162.19.138.118 16276 (OVH)
1 209.85.232.154 15169 (GOOGLE)
1 34.96.70.202 396982 (GOOGLE-CL...)
3 2600:9000:251... 16509 (AMAZON-02)
5 45.133.44.4 39572 (ADVANCEDH...)
3 3 35.71.131.137 16509 (AMAZON-02)
2 8 2607:f350:3:2... 27630 (AS-XFERNET)
2 2 3.218.120.1 14618 (AMAZON-AES)
5 9 54.242.231.86 14618 (AMAZON-AES)
1 1 104.36.113.112 62713 (AS-PUBMATIC)
2 2 52.4.115.89 14618 (AMAZON-AES)
1 2600:1408:ec0... 20940 (AKAMAI-ASN1)
3 172.240.45.75 7979 (SERVERS-COM)
1 2 3.223.73.16 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
5 23.215.0.43 20940 (AKAMAI-ASN1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.7.252.0 14618 (AMAZON-AES)
4 23.227.151.242 55081 (24SHELLS)
4 173.194.207.148 15169 (GOOGLE)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 6 2606:4700:10:... 13335 (CLOUDFLAR...)
8 104.94.117.85 16625 (AKAMAI-AS)
2 108.138.128.34 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.233.130.32 14618 (AMAZON-AES)
4 2600:9000:207... 16509 (AMAZON-02)
2 2600:1f18:1ac... 14618 (AMAZON-AES)
1 172.240.45.81 7979 (SERVERS-COM)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 34.36.216.150 396982 (GOOGLE-CL...)
2 2 100.24.111.98 14618 (AMAZON-AES)
4 4 34.111.113.62 396982 (GOOGLE-CL...)
1 1 69.173.146.5 26667 (RUBICONPR...)
3 4 35.211.178.172 19527 (GOOGLE-2)
1 1 216.219.92.22 19318 (IS-AS-1)
3 5 172.253.122.155 15169 (GOOGLE)
1 54.173.65.180 14618 (AMAZON-AES)
1 172.217.222.157 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 23.62.164.208 16625 (AKAMAI-AS)
1 1 3.84.48.98 14618 (AMAZON-AES)
3 172.240.45.78 7979 (SERVERS-COM)
1 1 52.223.22.214 16509 (AMAZON-02)
4 172.240.45.70 7979 (SERVERS-COM)
2 2606:ae80:147... 25751 (VALUECLICK)
1 23.227.151.194 55081 (24SHELLS)
2 74.119.117.6 19750 (AS-CRITEO)
1 147.75.195.77 54825 (PACKET)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 3.226.55.46 14618 (AMAZON-AES)
1 185.184.8.90 204995 (RTB-HOUSE...)
2 18.235.181.156 14618 (AMAZON-AES)
1 2600:9000:251... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 23.212.248.20 20940 (AKAMAI-ASN1)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 2 23.50.124.22 16625 (AKAMAI-AS)
10 23.227.146.18 55081 (24SHELLS)
2 2 67.202.105.24 32748 (STEADFAST)
2 67.202.105.33 32748 (STEADFAST)
2 2 37.157.6.232 198622 (ADFORM)
1 3.162.125.71 16509 (AMAZON-02)
2 51.222.39.185 16276 (OVH)
1 1 69.194.240.13 26120 (RHYTHMONE)
1 1 8.2.110.161 46636 (NATCOWEB)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 1 137.74.6.209 16276 (OVH)
21 207.65.37.179 62713 (AS-PUBMATIC)
7 69.194.240.11 26120 (RHYTHMONE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 52.37.26.15 16509 (AMAZON-02)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 1 2620:112:f008... 26120 (RHYTHMONE)
1 142.251.16.105 15169 (GOOGLE)
1 1 54.152.171.142 14618 (AMAZON-AES)
1 1 54.158.148.215 14618 (AMAZON-AES)
1 1 178.250.7.11 44788 (ASN-CRITE...)
3 63.251.28.231 13789 (INTERNAP-...)
1 2600:9000:247... 16509 (AMAZON-02)
1 34.149.139.129 396982 (GOOGLE-CL...)
1 147.28.146.89 54825 (PACKET)
1 72.44.56.160 14618 (AMAZON-AES)
1 1 198.8.71.131 54312 (ROCKETFUEL)
1 1 216.200.232.249 30419 (PAEDAE-INC)
1 1 52.54.28.112 14618 (AMAZON-AES)
1 104.18.7.198 13335 (CLOUDFLAR...)
1 1 198.148.27.131 19189 (PULSEPOINT)
505 128
5    208.103.124.88 (Pittsburgh, United States)

ASN33154 (DQECOM, US)
www.post-gazette.com
37    104.94.116.129 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-116-129.deploy.static.akamaitechnologies.com
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com
1    23.212.249.74 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-74.deploy.static.akamaitechnologies.com
s.ntv.io
3    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:20::ac43:4731 (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    146.75.40.157 (Seattle, United States)

ASN54113 (FASTLY, US)
platform.twitter.com
7    2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
pittpostgazette-d.openx.net
9    108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    2607:f8b0:400d:c02::9d (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700:10::6816:19f5 (United States)

ASN13335 (CLOUDFLARENET, US)
datawrapper.dwcdn.net
1    34.160.158.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.158.160.34.bc.googleusercontent.com
aswpsdkus.com
1    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
id.tinypass.com
buy.tinypass.com
3    208.103.124.87 (Pittsburgh, United States)

ASN33154 (DQECOM, US)
api2.post-gazette.com
7    44.209.159.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-159-194.compute-1.amazonaws.com
www.civicscience.com
1    13.35.93.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-5.jfk50.r.cloudfront.net
launcher.spot.im
9    3.224.111.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-111-103.compute-1.amazonaws.com
open-api.spot.im
api-2-0.spot.im
18    142.251.167.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
securepubads.g.doubleclick.net
6    2607:f8b0:400d:c09::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
1    52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
postrelease.com
6    173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net
www.googletagmanager.com
4    44.193.57.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-57-62.compute-1.amazonaws.com
direct-events-collector.spot.im
pix.spot.im
28    2606:2800:21f:c274:341c:8ae0:45ce:f2b1 (United States)

ASN15133 (EDGECAST, US)
static-cdn.spot.im
3    99.84.108.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-32.iad79.r.cloudfront.net
publisher-assets.spot.im
2    209.85.232.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f157.1e100.net
googleads.g.doubleclick.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    2600:9000:2073:d600:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
3    108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
8    18.160.20.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-20-121.iad12.r.cloudfront.net
aax.amazon-adsystem.com
3    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
5    3.224.185.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-185-54.compute-1.amazonaws.com
ap.lijit.com
8    68.67.161.182 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    2607:f8b0:400d:c1d::8a (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
6    104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)
api-esp.piano.io
c2.piano.io
3    2600:1408:c400:780::268b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
15    173.194.66.139 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f139.1e100.net
www.google-analytics.com
3    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.251.16.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f106.1e100.net
www.google.com
5    3.232.184.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-184-20.compute-1.amazonaws.com
api-2-0.spot.im
3    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com
cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com
1    2600:9000:24f1:e200:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    2600:9000:2073:7200:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.civicscience.com
6    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3004.infolinks.com
23    209.85.144.156 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f156.1e100.net
pagead2.googlesyndication.com
1    3.218.85.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-85-192.compute-1.amazonaws.com
ping.chartbeat.net
1    104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
id.cxense.com
3    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2600:9000:23cb:2a00:1c:2afd:fb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
d-code.liadm.com
7    142.251.174.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f138.1e100.net
fundingchoicesmessages.google.com
1    108.138.64.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-85.iad12.r.cloudfront.net
api.intentiq.com
2    2600:9000:26fa:a600:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
7    173.194.66.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f132.1e100.net
tpc.googlesyndication.com
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    208.103.124.64 (Pittsburgh, United States)

ASN33154 (DQECOM, US)
d.post-gazette.com
1    34.230.157.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-157-150.compute-1.amazonaws.com
idx.liadm.com
21    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    209.85.232.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f154.1e100.net
googleads.g.doubleclick.net
1    34.96.70.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.70.96.34.bc.googleusercontent.com
ox-rtb-us-west1.openx.net
3    2600:9000:2511:4e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
5    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
player.adtelligent.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
8    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    3.218.120.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-120-1.compute-1.amazonaws.com
ice.360yield.com
9    54.242.231.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-231-86.compute-1.amazonaws.com
ce.lijit.com
1    104.36.113.112 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.4.115.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-115-89.compute-1.amazonaws.com
rtb.gumgum.com
1    2600:1408:ec00:1f::1735:23c8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    172.240.45.75 (United States)

ASN7979 (SERVERS-COM, US)
track1.aniview.com
2    3.223.73.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-73-16.compute-1.amazonaws.com
fw.adsafeprotected.com
2    2607:f8b0:4004:c07::94 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    23.215.0.43 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-0-43.deploy.static.akamaitechnologies.com
player.aniview.com
1    2600:1f18:730:b150:12d9:2b5:9ece:c551 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.7.252.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-252-0.compute-1.amazonaws.com
rp4.liadm.com
4    23.227.151.242 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sghb.spotim.market
4    173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net
ad.doubleclick.net
2    2606:4700:10::6816:36e8 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
6    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
8    104.94.117.85 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-117-85.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
3    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    3.233.130.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-130-32.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
4    2600:9000:2073:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2600:1f18:1aca:4282:e19:1ba3:b531:d604 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    172.240.45.81 (United States)

ASN7979 (SERVERS-COM, US)
go1.aniview.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
2    100.24.111.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-111-98.compute-1.amazonaws.com
sync.crwdcntrl.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    216.219.92.22 (United States)

ASN19318 (IS-AS-1, US)
inv-nets.admixer.net
5    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
cm.g.doubleclick.net
1    54.173.65.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-65-180.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net
googleads4.g.doubleclick.net
4    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
4    23.62.164.208 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    3.84.48.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-48-98.compute-1.amazonaws.com
ap.lijit.com
3    172.240.45.78 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    172.240.45.70 (United States)

ASN7979 (SERVERS-COM, US)
s2ssc.aniview.com
2    2606:ae80:1471:16::820 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
1    23.227.151.194 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)
grid.bidswitch.net
bidder.criteo.com
1    147.75.195.77 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    3.226.55.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-55-46.compute-1.amazonaws.com
ads.yieldmo.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    18.235.181.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-181-156.compute-1.amazonaws.com
ad.360yield.com
1    2600:9000:2511:9e00:7:aedc:4e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
hb.openwebmp.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
pixels.ad.gt
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    23.212.248.20 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-20.deploy.static.akamaitechnologies.com
sli.post-gazette.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com
hbx.media.net
10    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
2    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
2    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    3.162.125.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-71.iad61.r.cloudfront.net
public.servenobid.com
2    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.radius.technology
a4p.adpartner.pro
21    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
10    52.37.26.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-26-15.us-west-2.compute.amazonaws.com
ids.ad.gt
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:112:f008:200::101 (United States)

ASN26120 (RHYTHMONE, US)
d.turn.com
1    142.251.16.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f105.1e100.net
www.google.com
1    54.152.171.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-171-142.compute-1.amazonaws.com
sync.ipredictive.com
1    54.158.148.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-148-215.compute-1.amazonaws.com
match.prod.bidr.io
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
3    63.251.28.231 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    2600:9000:247b:ea00:3:7df3:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.decide.dev
1    34.149.139.129 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.139.149.34.bc.googleusercontent.com
decide.dev
1    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    72.44.56.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-56-160.compute-1.amazonaws.com
ads.yieldmo.com
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
1    52.54.28.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-28-112.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    104.18.7.198 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
Apex Domain
Subdomains		 Transfer
50 spot.im
launcher.spot.im — Cisco Umbrella Rank: 6778
open-api.spot.im — Cisco Umbrella Rank: 10863
direct-events-collector.spot.im — Cisco Umbrella Rank: 6374
static-cdn.spot.im — Cisco Umbrella Rank: 6183
publisher-assets.spot.im — Cisco Umbrella Rank: 6623
api-2-0.spot.im — Cisco Umbrella Rank: 3396
pix.spot.im — Cisco Umbrella Rank: 6668
642 KB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 210
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1000
331 KB
38 googlesyndication.com
b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com
407 KB
37 rackcdn.com
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 155115
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 147808
17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 163252
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 101076
1 MB
27 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1487
ads.pubmatic.com — Cisco Umbrella Rank: 855
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744
image2.pubmatic.com — Cisco Umbrella Rank: 1373
2 KB
23 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 645
cdn.id5-sync.com — Cisco Umbrella Rank: 1233
58 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999
aax.amazon-adsystem.com — Cisco Umbrella Rank: 501
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
93 KB
22 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
23 KB
17 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2902
track1.aniview.com — Cisco Umbrella Rank: 4530
go1.aniview.com — Cisco Umbrella Rank: 7282
sync.aniview.com — Cisco Umbrella Rank: 2915
s2ssc.aniview.com — Cisco Umbrella Rank: 7173
346 KB
16 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2328
a.ad.gt — Cisco Umbrella Rank: 2521
p.ad.gt — Cisco Umbrella Rank: 2796
ids.ad.gt — Cisco Umbrella Rank: 2348
pixels.ad.gt — Cisco Umbrella Rank: 2702
20 KB
16 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 9368
router.infolinks.com — Cisco Umbrella Rank: 4312
rt3004.infolinks.com — Cisco Umbrella Rank: 103935
135 KB
15 spotim.market
player.spotim.market — Cisco Umbrella Rank: 10325
sghb.spotim.market — Cisco Umbrella Rank: 11895
sync.spotim.market — Cisco Umbrella Rank: 6094
157 KB
15 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
76 KB
15 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1228
ce.lijit.com — Cisco Umbrella Rank: 1396
18 KB
11 civicscience.com
www.civicscience.com — Cisco Umbrella Rank: 11630
cdn.civicscience.com — Cisco Umbrella Rank: 16195
48 KB
11 openx.net
pittpostgazette-d.openx.net — Cisco Umbrella Rank: 160030
us-u.openx.net — Cisco Umbrella Rank: 864
ox-rtb-us-west1.openx.net — Cisco Umbrella Rank: 8071
pa.openx.net — Cisco Umbrella Rank: 5140
60 KB
10 post-gazette.com
www.post-gazette.com — Cisco Umbrella Rank: 115524
api2.post-gazette.com — Cisco Umbrella Rank: 160121
d.post-gazette.com — Cisco Umbrella Rank: 199213
sli.post-gazette.com — Cisco Umbrella Rank: 332376
171 KB
9 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1537
apex.go.sonobi.com — Cisco Umbrella Rank: 4003
8 KB
9 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1594
lexicon.33across.com — Cisco Umbrella Rank: 2352
ssc-cms.33across.com — Cisco Umbrella Rank: 1474
9 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
866 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622
106 KB
8 btloader.com
btloader.com — Cisco Umbrella Rank: 1573
api.btloader.com — Cisco Umbrella Rank: 1813
19 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1248
static.adsafeprotected.com — Cisco Umbrella Rank: 1040
dt.adsafeprotected.com — Cisco Umbrella Rank: 974
123 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
secure.adnxs.com — Cisco Umbrella Rank: 764
8 KB
7 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1255
1 KB
6 piano.io
api-esp.piano.io — Cisco Umbrella Rank: 21829
c2.piano.io — Cisco Umbrella Rank: 7249
44 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 499
grid.bidswitch.net — Cisco Umbrella Rank: 1853
2 KB
5 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 12536
ghb.adtelligent.com — Cisco Umbrella Rank: 9029
sync.adtelligent.com — Cisco Umbrella Rank: 7131
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1256
sync.crwdcntrl.net — Cisco Umbrella Rank: 1261
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
14 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2567
token.rubiconproject.com — Cisco Umbrella Rank: 694
4 KB
5 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 14208
cdn.tinypass.com — Cisco Umbrella Rank: 7771
id.tinypass.com — Cisco Umbrella Rank: 26287
buy.tinypass.com — Cisco Umbrella Rank: 8867
123 KB
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1603
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2809
ad.360yield.com — Cisco Umbrella Rank: 1075
1 KB
4 liadm.com
d-code.liadm.com — Cisco Umbrella Rank: 5362
idx.liadm.com — Cisco Umbrella Rank: 2445
rp.liadm.com — Cisco Umbrella Rank: 1645
rp4.liadm.com — Cisco Umbrella Rank: 4911
37 KB
4 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 7090
id.cxense.com — Cisco Umbrella Rank: 14693
44 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 785
ssum.casalemedia.com — Cisco Umbrella Rank: 2139
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117
850 B
3 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2589
23 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
data.adsrvr.org — Cisco Umbrella Rank: 8780
2 KB
3 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3243
327 KB
3 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2553
sync.intentiq.com — Cisco Umbrella Rank: 1598
3 KB
2 decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 39232
decide.dev — Cisco Umbrella Rank: 27736
3 KB
2 criteo.com
dis.eu.criteo.com — Cisco Umbrella Rank: 15157
bidder.criteo.com — Cisco Umbrella Rank: 944
762 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1081
2 adform.net
cm.adform.net — Cisco Umbrella Rank: 1869
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2349
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1864
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 952
228 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1162
784 B
2 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4267
466 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 5319
128 B
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 7692
447 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 449
41 KB
2 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2583
333 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
559 B
2 dwcdn.net
datawrapper.dwcdn.net — Cisco Umbrella Rank: 41851
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1868
27 KB
2 queryly.com
www.queryly.com — Cisco Umbrella Rank: 16733
12 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 1077
1 KB
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1317
82 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1245
227 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1642
717 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1308
772 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 1026
423 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1383
485 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1995
443 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10851
605 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 13279
349 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6850
647 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
195 B
1 servenobid.com
public.servenobid.com — Cisco Umbrella Rank: 9571
1 openwebmp.com
hb.openwebmp.com — Cisco Umbrella Rank: 11961
631 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6957
183 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
531 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 4158
578 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1859
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2461
15 KB
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
41 KB
1 postrelease.com
postrelease.com — Cisco Umbrella Rank: 1375
1 gstatic.com
fonts.gstatic.com
19 KB
1 aswpsdkus.com
aswpsdkus.com — Cisco Umbrella Rank: 14619
40 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 12713
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
971 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5974
179 KB
0 avct.cloud Failed
ads.avct.cloud Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
0 vidoomy.com Failed
vid.vidoomy.com Failed
0 rtk.io Failed
sync.rtk.io Failed
0 krxd.net Failed
cdn.krxd.net Failed
505 92
Domain Requested by
28 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
23 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
resources.infolinks.com
googleads.g.doubleclick.net
s0.2mdn.net
rumcdn.geoedge.be
www.post-gazette.com
22 www.google-analytics.com www.post-gazette.com
www.google-analytics.com
www.googletagmanager.com
p.ad.gt
21 hbopenbid.pubmatic.com player.aniview.com
21 id5-sync.com 16 redirects resources.infolinks.com
www.post-gazette.com
cdn.id5-sync.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.post-gazette.com
pagead2.googlesyndication.com
19 9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com www.post-gazette.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.post-gazette.com
tpc.googlesyndication.com
rumcdn.geoedge.be
13 api-2-0.spot.im static-cdn.spot.im
11 a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com www.post-gazette.com
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
10 ids.ad.gt 1 redirects www.post-gazette.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 ce.lijit.com 5 redirects www.post-gazette.com
9 resources.infolinks.com securepubads.g.doubleclick.net
www.post-gazette.com
resources.infolinks.com
router.infolinks.com
9 c.amazon-adsystem.com 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
c.amazon-adsystem.com
player.spotim.market
player.aniview.com
9 www.googletagmanager.com www.post-gazette.com
www.googletagmanager.com
www.google-analytics.com
rumcdn.geoedge.be
8 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
www.post-gazette.com
8 sync.go.sonobi.com 2 redirects www.post-gazette.com
8 aax.amazon-adsystem.com c.amazon-adsystem.com
7 targeting.unrulymedia.com player.aniview.com
7 sync.spotim.market rumcdn.geoedge.be
www.post-gazette.com
7 www.civicscience.com 1 redirects a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
www.civicscience.com
www.post-gazette.com
6 btloader.com 4 redirects www.post-gazette.com
6 player.aniview.com static-cdn.spot.im
player.aniview.com
6 ib.adnxs.com 3 redirects a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
6 ap.lijit.com 3 redirects a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
6 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
5 cm.g.doubleclick.net 3 redirects www.post-gazette.com
5 api-esp.piano.io cdn.tinypass.com
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
5 pittpostgazette-d.openx.net 1 redirects 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
www.post-gazette.com
pittpostgazette-d.openx.net
5 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com www.post-gazette.com
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
5 www.post-gazette.com www.post-gazette.com
4 s2ssc.aniview.com player.aniview.com
4 ads.pubmatic.com player.aniview.com
rumcdn.geoedge.be
player.spotim.market
4 ad-delivery.net www.post-gazette.com
c.aaxads.com
4 x.bidswitch.net 3 redirects www.post-gazette.com
4 pixel.tapad.com 4 redirects
4 static.adsafeprotected.com www.post-gazette.com
srcdoc
4 ad.doubleclick.net www.post-gazette.com
c.aaxads.com
4 sghb.spotim.market player.spotim.market
4 player.spotim.market www.post-gazette.com
player.spotim.market
4 lexicon.33across.com 1 redirects www.post-gazette.com
cdn-ima.33across.com
4 rt3004.infolinks.com resources.infolinks.com
4 cdn.civicscience.com www.civicscience.com
cdn.civicscience.com
4 us-u.openx.net pittpostgazette-d.openx.net
www.post-gazette.com
3 ads.stickyadstv.com player.aniview.com
3 sync.adtelligent.com www.post-gazette.com
player.spotim.market
3 sync.aniview.com player.aniview.com
3 pixel-sync.sitescout.com 3 redirects
3 cdn.hadronid.net www.post-gazette.com
a.ad.gt
3 track1.aniview.com www.post-gazette.com
player.aniview.com
3 pix.spot.im static-cdn.spot.im
3 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
3 cdn-ima.33across.com resources.infolinks.com
rumcdn.geoedge.be
www.post-gazette.com
3 router.infolinks.com resources.infolinks.com
3 s.amazon-adsystem.com c.amazon-adsystem.com
rumcdn.geoedge.be
www.post-gazette.com
3 analytics.google.com www.googletagmanager.com
3 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
3 htlb.casalemedia.com a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
3 fastlane.rubiconproject.com a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
3 config.aps.amazon-adsystem.com c.amazon-adsystem.com
rumcdn.geoedge.be
3 googleads.g.doubleclick.net www.googletagmanager.com
resources.infolinks.com
pagead2.googlesyndication.com
3 publisher-assets.spot.im launcher.spot.im
www.post-gazette.com
3 api2.post-gazette.com a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
2 secure.adnxs.com 2 redirects
2 onetag-sys.com rumcdn.geoedge.be
player.spotim.market
2 cm.adform.net 2 redirects
2 de.tynt.com rumcdn.geoedge.be
player.spotim.market
2 ssc-cms.33across.com 2 redirects
2 hbx.media.net 2 redirects
2 api.btloader.com c.aaxads.com
2 a.ad.gt rumcdn.geoedge.be
p.ad.gt
2 ad.360yield.com player.spotim.market
www.post-gazette.com
2 ads.yieldmo.com player.spotim.market
2 prebid.a-mo.net player.spotim.market
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 sync.crwdcntrl.net 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 dt.adsafeprotected.com www.post-gazette.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com rumcdn.geoedge.be
www.post-gazette.com
2 tags.crwdcntrl.net rumcdn.geoedge.be
www.post-gazette.com
2 c.aaxads.com 2 redirects
2 s0.2mdn.net www.post-gazette.com
s0.2mdn.net
2 fw.adsafeprotected.com 1 redirects www.post-gazette.com
2 rtb.gumgum.com 2 redirects
2 ice.360yield.com 2 redirects
2 match.adsrvr.org 2 redirects
2 lb.eu-1-id5-sync.com resources.infolinks.com
cdn.id5-sync.com
2 sync.intentiq.com 1 redirects www.post-gazette.com
2 buy.tinypass.com cdn.tinypass.com
2 www.google.com www.post-gazette.com
rumcdn.geoedge.be
2 datawrapper.dwcdn.net a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
2 17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
2 platform.twitter.com www.post-gazette.com
platform.twitter.com
2 www.queryly.com www.post-gazette.com
1 bh.contextweb.com 1 redirects
1 capi.connatix.com www.post-gazette.com
1 sync.srv.stackadapt.com 1 redirects
1 sync.mathtag.com 1 redirects
1 p.rfihub.com 1 redirects
1 decide.dev cdn2.decide.dev
1 cdn2.decide.dev www.post-gazette.com
1 bidder.criteo.com player.aniview.com
1 dis.eu.criteo.com 1 redirects
1 match.prod.bidr.io 1 redirects
1 sync.ipredictive.com 1 redirects
1 cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixels.ad.gt rumcdn.geoedge.be
1 d.turn.com 1 redirects
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 p.ad.gt a.ad.gt
1 a4p.adpartner.pro 1 redirects
1 t.trafmag.com www.post-gazette.com
1 cm-x.mgid.com 1 redirects
1 sync.1rx.io 1 redirects
1 public.servenobid.com rumcdn.geoedge.be
1 pa.openx.net player.aniview.com
1 sli.post-gazette.com www.post-gazette.com
1 hb.openwebmp.com player.spotim.market
1 prebid-eu.creativecdn.com player.spotim.market
1 apex.go.sonobi.com player.spotim.market
1 grid.bidswitch.net player.spotim.market
1 ghb.adtelligent.com player.spotim.market
1 eb2.3lift.com 1 redirects
1 ssum.casalemedia.com player.aniview.com
1 googleads4.g.doubleclick.net www.post-gazette.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 inv-nets.admixer.net 1 redirects
1 data.adsrvr.org 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 go1.aniview.com player.aniview.com
1 player.adtelligent.com player.spotim.market
1 rp4.liadm.com www.post-gazette.com
1 rp.liadm.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 ox-rtb-us-west1.openx.net resources.infolinks.com
1 idx.liadm.com d-code.liadm.com
1 d.post-gazette.com www.post-gazette.com
1 api.intentiq.com resources.infolinks.com
1 d-code.liadm.com resources.infolinks.com
1 id.cxense.com cdn.cxense.com
1 ping.chartbeat.net www.post-gazette.com
1 static.chartbeat.com www.post-gazette.com
1 b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c2.piano.io cdn.tinypass.com
1 id.tinypass.com cdn.tinypass.com
1 d2zqfs55y95cft.cloudfront.net www.post-gazette.com
1 direct-events-collector.spot.im launcher.spot.im
1 postrelease.com s.ntv.io
1 cdn.tinypass.com experience.tinypass.com
1 open-api.spot.im a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
1 launcher.spot.im a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
1 experience.tinypass.com www.post-gazette.com
1 fonts.gstatic.com fonts.googleapis.com
1 aswpsdkus.com 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
1 www.googletagservices.com 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
1 www.npttech.com www.post-gazette.com
1 fonts.googleapis.com 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
1 s.ntv.io www.post-gazette.com
0 ads.avct.cloud Failed www.post-gazette.com
0 jelly.mdhv.io Failed www.post-gazette.com
0 vid.vidoomy.com Failed www.post-gazette.com
0 sync.rtk.io Failed 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
0 cdn.krxd.net Failed www.post-gazette.com
505 166
Subject Issuer Validity Valid
*.post-gazette.com
Starfield Secure Certificate Authority - G2		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ssl.cf2.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-24 -
2024-11-27		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-31 -
2025-07-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
queryly.com
WE1		 2024-08-01 -
2024-10-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
npttech.com
WE1		 2024-06-22 -
2024-09-20		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-24 -
2025-07-25		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
dwcdn.net
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
aswpsdkus.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-09		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tinypass.com
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
*.civicscience.com
Amazon RSA 2048 M03		 2024-03-05 -
2025-04-03		 a year crt.sh
*.spot.im
Amazon RSA 2048 M03		 2024-08-02 -
2025-08-30		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M03		 2024-07-31 -
2025-08-30		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
casalemedia.com
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2024-02-11 -
2025-03-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2024-02-25 -
2024-12-31		 10 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-14 -
2025-02-14		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
infolinks.com
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-24		 a year crt.sh
*.eu-1-id5-sync.com
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.id5-sync.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M03		 2024-07-12 -
2025-08-09		 a year crt.sh
player.spotim.market
R11		 2024-08-12 -
2024-11-10		 3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-10-15		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2024-02-28 -
2025-03-28		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
sghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2024-07-21 -
2024-10-19		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
id5-sync.com
WE1		 2024-08-02 -
2024-10-31		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-25		 a year crt.sh
player.adtelligent.com
R10		 2024-07-12 -
2024-10-10		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-25 -
2025-05-23		 a year crt.sh
lexicon.33across.com
WR3		 2024-07-11 -
2024-10-09		 3 months crt.sh
id.hadron.ad.gt
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
ad-delivery.net
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-16 -
2024-10-16		 3 months crt.sh
*.a-mo.net
R11		 2024-07-04 -
2024-10-02		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M03		 2024-07-15 -
2025-08-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2024-06-15 -
2025-07-14		 a year crt.sh
*.openwebmp.com
Amazon RSA 2048 M03		 2024-02-07 -
2025-03-07		 a year crt.sh
a.ad.gt
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
api.btloader.com
WR3		 2024-08-02 -
2024-10-31		 3 months crt.sh
sli.post-gazette.com
R11		 2024-07-25 -
2024-10-23		 3 months crt.sh
pa.openx.net
WR3		 2024-07-22 -
2024-10-20		 3 months crt.sh
sync.spotim.market
E6		 2024-07-17 -
2024-10-15		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2024-06-11 -
2025-06-11		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-05-31		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.ad.gt
Amazon RSA 2048 M02		 2024-03-10 -
2025-04-08		 a year crt.sh
pixels.ad.gt
WE1		 2024-07-08 -
2024-10-06		 3 months crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.decide.dev
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-25		 a year crt.sh
decide.dev
WR3		 2024-07-23 -
2024-10-21		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-07-17 -
2024-10-15		 3 months crt.sh
capi.connatix.com
WE1		 2024-07-11 -
2024-10-09		 3 months crt.sh

This page contains 60 frames:

Primary Page: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Frame ID: 7239C8E787CF5565619E3B9BD59BF0DD
Requests: 238 HTTP requests in this frame

Frame: https://datawrapper.dwcdn.net/r7BWU/2/
Frame ID: 3F376206BCAEE1FA6D4C0779C3D7A340
Requests: 1 HTTP requests in this frame

Frame: https://datawrapper.dwcdn.net/CNmAr/2/
Frame ID: 1597895FF2A3DEB6CE667EEDE6A80A10
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 21F0ADA7DC234E55F1319C58CC861482
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.post-gazette.com
Frame ID: 54352C3B1D2303FC5C4AC1BA49112713
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: F4A09001E3A930BE138A75F34EC481E6
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Frame ID: 4532DB8DFE3CBD9CF99EC043F2837BC2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-adMediaV1_n-Beeswax_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-baidu_sovrn_n-Outbrain
Frame ID: D61F2015C9806742387BE83FD1CD59AC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7C7C74A3342FCB5A09561536763B4AA9
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Frame ID: CEEE8D5EE9EFC2D0C687E0B1B57E34A8
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Frame ID: D89775D54B6436C0E365FEF4C685AFE7
Requests: 1 HTTP requests in this frame

Frame: https://b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A232D20CB9A2F8B7B6393E4255E3E18
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23pgevoke-story-0%20.pgevoke-story-offerbox&templateId=OT6SDFZIMGWZ&offerId=OFZW2E3CE4HO&showCloseButton=true&widget=offer&iframeId=offer-0-qBiY5&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&parentDualScreenLeft=10&parentDualScreenTop=10&parentWidth=1600&parentHeight=1200&parentOuterHeight=1285&aid=0Jrto77Ppu&zone=Web&customVariables=%7B%7D&browserId=lzs7u8xpgeq65hpm&userState=anon&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2549.800000011921&logType=offerShow&width=650&_qh=8989101e42
Frame ID: 916C783067218F5B286FE273C94C858B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: D93F55A3D4F39DE33E76E8B53F6F03F9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssf6BAM4yJFzmqNcnjCeuJ5tBVNGYmlKKHl3mn-n5iliJ2d9WrlOdjeKcaoOIYVk9ZkEBOgDKsmtiKxPZ_Hp8a2RBKRv6FnrsNhsJAgXYpQtIf6aZlBqWt7gTQ13_IooXDXinIBE8xQ5HgQL6sk_9myOIg_nVanN-rK-czwBIfC7sNmZhNcjEtHR3xA10CdmkiQUvImIaJgUNMkv5UH0f3SE10j0YJYkXTEZu-SgETDl--f2J4di1SmIFgGARJYYbHm9LZZBQWlbQRSDPoMlLGEkjoCOXW_ZQNy55gi2DCbNTlPC-6AAJEgeDY5aYu5P5I343fqXh6awNmSKggMxW1WrCnqxV2Yp38hSI0WP5QSPErL54TSn1uhyCcNp8zlwy8D6z3sxPIHET-q8sVdekkPufBEkXgm&sai=AMfl-YR_1qDmh-_qniuIuKBE_A4rHIUjgtYjXN9N3QHA00nWof5GvandnkbqsFUZzXj2dvh_oblVK-FrnQ0DQGGlS37r0QCaGpGy7hjK4H7xD6syRDMhvtgec7ZAd5bCvQ&sig=Cg0ArKJSzLTLM0anTAANEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C8C3FC85B45A3E0CF5BE3AE64DD25B06
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRjw0YSzipRltuAFv3xKA_4-t5S9P2KDEwx5vPPOkQmoRjW0Duhf_ngSxB0P1jAypnPNWut4Jvi2ZV3GKagkvDLU-mr32tAOujBR-fDFHsht86lLBC-FSMUVkJGdb9bVPicnBGfMiLEM525iosARM3PN7nSSouDYNqDjvEB1ueW54UlFwEVXEP94aLPlUZL0ksYdH80jIo68BaqQTE5oKmXvz-NXSP8QdHjBorfLZKRkQ3B7aBkcgKd5jSwpm11Ge0AenpXRb1YWUzmT-TnEoqIlTQSfQyMvYFcMQvZ33DTGXmEXgtLD9q4aEi9uIVt_9f_IYUhZYwZ2sVdQJaTvVsrsKyXXLiRP8jj8s-JMlN3kt14ivmv2RdgNcMbU6qNJmgmZcL1A&sai=AMfl-YQVQ9Nqir-LJ7mRrQXVcmnE7Qvgxi_3a5Aq9Pt0L5FchxeAnTQacPqbRI295zVK2U1mKxM1vZXQzRVgVXke1lzuvQ6jV5GaQvFr87XYte7vxIJiEalV0Ek2C_b3jA&sig=Cg0ArKJSzMxHCJXjMqd3EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BC6821B2BB540DF1106732D516546E87
Requests: 10 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3406772&wsid=0&pdom=www.post-gazette.com&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072
Frame ID: C7A3BA4C676451A987407E906ED6E56F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.civicscience.com/jspoll/5/csw.5.4.27.css?pv=5.4.27
Frame ID: 788D5222E0E54EC686EE60B559F47FE5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4WK6wViq3XJjoqqRUHgJAc9BM3HF7kfNmDUdn31yTxkDC6nwDNuPcN8Od9VIlPbcHkwYnJwv3jRPC7dpwXghBpEJgkUN-L6N4he6ipNIVliuERlTaI2QFomoVa2rmECjXocxbgumjRv2jJi6U9eviVzC5yS8ty_-1wZ48wgLbFczguSAP6PSlLkyFpsaw2-hNiSBqjBZHJtmClIPs3auNlrpsB9nstjn06mB6ihSm5wcameWLa8EpxCi88CMnVHIknHr3xeRG_jFG6_NBkdmto7arimTerIBilj5OF6WjSEKsMLqFv8SLu4nEn--mY098BeM-rr3KeZA2z-JspECJ6mgXpzkNtQ-Y-0nl2qZ8ALU5HUrP3jiEVYasFWeqffaOIL7S8Q&sai=AMfl-YTDiDPbZ4fc9surZc17nzIaFacMz4tSaO02N2_EGQkz3lrbU0uTo_R-LkeQR-1QPfMfXxmbe5d1ghPZYZ_z-YWinr9bn1aqkWcbC1IsDuro_3iYkKZm8cYptnQPDA&sig=Cg0ArKJSzAJgmGV_bvvcEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EA865ACB469EE37080BC7ED5EB3B890D
Requests: 10 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: 98A9B96BBCF99CE1BEEEE8A22BCB30C0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBznSXE-vIfWnZgs_eqJLYQnRjtB7yb7bzHLrBJXmUILKRGjlILGThGf9zRcF7-bYnrYYBHBACz6KpRmIMRqzuN_llPd1gvinycvIbZSOjNFrIFAS4Lp83G45uSeJtN2sIiTT5Ako_tE2BasBcmlNyfdbfhQG_tKp7cuhwh_9jeVHIow4z8eKVwbUwSRejNcrBERhQJMHMz7l_wI0ljdAKbU4nAvicxxJwbifbzN6dnjodBjC9GnEMupsusi_4FCKQjw8XBZR33F-At55mFj7g-csOBSpEoaMUN0Xx61eTiiZJnHv7Vii56dR7bBi71_Rh48U7SymHX-yYbr9Do9ROxk8CUBayWYSTuI0vL5cK&sai=AMfl-YRtL-N-XuBMY-NtjcijysgLrTLmFTxxNlU9KKV3G2zmNPw5ulNr9yOt_xgz8_FqJBnNnEpsGnPFNM1JZ1GUvRc4oHU7qi3XpwQCJTCSFous0OaZA-UPFx2mM25qxA&sig=Cg0ArKJSzE6GxdrSQgEFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C7716CB2A5D98598D4EBB0FCB3531547
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiS6a72ATAB&v=APEucNUfaxdZhZimSdh1VB_6n4dc0B0_snFP0yCI9WYihC6NqRW9M8koGs_iK7yxyJNX2xXaJB3rAxFE6Mr2EMNucn61c0wAtE1EbIJ5EsT53Ul9EStcPAs
Frame ID: 4A001DB2170AD8A2705951987A038FD8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2ED33E3C408D8600C6EA9C98A30FEE6E
Requests: 17 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Frame ID: 66AEB0FA185E554B4729293DCA4DD070
Requests: 92 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Frame ID: CDA92736FA1406359F1D225C7D868BC5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: BDDEC89DD86BAFF118102F552A4265AA
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi.js
Frame ID: 3ABF815F1B827DBFB17FFC2480FF7CC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D03433F2E631ECC856E12C84FC0AAB2B
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: C736FE41F65278D5049E204F01E383AA
Requests: 37 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11139510502153299258/POS_US_CAN_PROSPECTING_INSPO_EN_300x250/index.html?ev=01_252
Frame ID: 5A81904E9F14354E17AB3F5DEEACCB61
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 07758BC01C03B4647E83825362E801C4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 1E9BB4F363F3E4A88252011E7BF319FD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D1%26key%3D
Frame ID: DE530CC38FA29B291225233D245E3141
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=18&key=JJ10ABZHC7ELi6jTQSyF4tgi
Frame ID: 5FE0441127F7680B4C6BC08B08A04B60
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D42%26key%3D
Frame ID: 3621FC7519FB89767B1C8F7D179130D8
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=72&pid=5e0e296628a061270b21ccab&key=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
Frame ID: 9457EB9D774F84BD20434EC2C18B83A2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=41&pid=5e0e296628a061270b21ccab&key=4441859691190386988537
Frame ID: D23AF3EAB8FE67885D3DC144780F964E
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 06264DA27A87F4B83340F36A3251629E
Requests: 22 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 59B860A2E0E5984E9C25CE05502F8670
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=g&ep=142&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764727&a=754412&extuid=3665426501524238000V10
Frame ID: BBAF94C2D352FA10234E432A0A2FD860
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X
Frame ID: C0D86A54CE9FCD29FCF1CF94421F3A8A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26extuid%3D
Frame ID: 74EFC70DBA07FE0B5894482457776513
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=g&ep=50&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764710&a=743293&extuid=8433293207319255994
Frame ID: 6B71FEBC2898C42845070FF6830FD181
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?gdpr=0&gdpr_consent=undefined&usp_consent={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D816%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D793400%26a%3D449072%26extuid%3D%24%7BUID%7D
Frame ID: 150ECCDABA6CF72E40A17DABC1BA8316
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D2EC837F091F650179B4D6C50B8BEEEC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_ppt_rx_n-inmobi_an-db5_3lift
Frame ID: 741CF1BC591419DEEEED4D4C29DA30C5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_ppt_rx_n-inmobi_an-db5_3lift
Frame ID: 43A7A2EA0C4A133186583BDCAA98D4E2
Requests: 1 HTTP requests in this frame

Frame: https://cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7DC2B0A89061F6E0F91F759BE2C4007D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A84EB98D42BA1641E0BB0D7C6EE0CA95
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D118410DA3398A35D12F5C51A6647FE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvT8Lqx0_BY-cv0UFpoj2UUN6j0Sl6qfke3_A-_KPLrKf6yBL4kuWct_wfKOLdiKQl9gg010FvOk6Omy0uNAEpp4uB_DBkVBVQWVskdnfGIO_HZWBRtwNnoTVkv_vw2BFmNc30IbgcB8BD9LKxmSpDBxpgl3mYvA0LBxNUNbqEA2Jx4Z0OOMpaD4GbrwWu7eufpPeTfkBcIYXGK6GfdJwByJTRJLV1xIlZna5s3u5xbQDnShSr0c9B4LL6XFUfuvre_YNIdLGTPrB4RCxijSSruq7dnbSmFdkld4KNK6-eGO5pSlPHgtw7NFN4BeOsLkNOfGPH8fWNwEnL_XJAD0fQ0daE5N-DFqsqCjdjSPWxg8kFBq959oGbh3E1K65ZqeA&sai=AMfl-YTaP3AHvbYMq76bHsPbvsuxWnwfb9_i5JIhXE37wW0YRVqtzKqGatqTAi37R23KdDKBJAWx8_pHXzIjptnuvGgAcyPG60dDOlpJe5LBhONrUnYulNykcA4wjcf3fw&sig=Cg0ArKJSzJmi4yJMIR2rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 797E4422332717DB0594C1D0C67D8AB1
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813
Frame ID: BE424E849491635CCA0378B3088D6DF1
Requests: 1 HTTP requests in this frame

Frame: https://decide.dev/lad/15261875772562278?pubid=ld-5018-4415&pubo=https%3A%2F%2Fwww.post-gazette.com&rid=&width=300&path=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&x=0&y=0&external_tag_id=%2F39694909%2C6785150%2FDBV%2FDBV-PostGazette&embed_type=7&embed_frame_container_type=1
Frame ID: 9C5175AEE48161AA56E507D4C651E031
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 88722681F0E459B12DB88B046E2C7410
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764710&a=743293&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=8433293207319255994
Frame ID: 30ACE134AA135B028FFEAB195767515A
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 0DE31795BB50C20F1394E976D26F3D2C
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 403C42E9E5D9587E9F457A9412E7169F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764727&a=754412&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=3665426501524238000V10
Frame ID: 3ED8E789C527F6D2A08EB5A4B5881380
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D33XUSERID33X
Frame ID: F37585571E5F074F136AFFEC27900807
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D
Frame ID: B5978309CE82122757D4EAA49143A606
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trump rally gunman Thomas Crooks in rare class among high-profile shooters | Pittsburgh Post-Gazette

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

505
Requests

91 %
HTTPS

26 %
IPv6

92
Domains

166
Subdomains

128
IPs

8
Countries

5871 kB
Transfer

19890 kB
Size

479
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://pittpostgazette-d.openx.net/w/1.0/acj?ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&be=1&prf=1&auid=538288143&aus=728x90%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&bc=hb_2prf&bt=2500&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1 HTTP 302
  • https://pittpostgazette-d.openx.net/w/1.0/acj?cc=1&ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&be=1&prf=1&auid=538288143&aus=728x90%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&bc=hb_2prf&bt=2500&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1
Request Chain 87
  • https://www.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 197
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrnd=237_1723541050616&fbp=646215242&jsver=5.36&abtp=100&abtg=A HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrnd=237_1723541050616&fbp=646215242&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=QGd1TkV8Ha&nc=false&trid=1978532436
Request Chain 213
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0&b=1&tp=i%2FfEYs9ckhAy3hMSAFfg6tNMpQh5sqNuhXOi7gttgjA%3D
Request Chain 255
  • https://id5-sync.com/i/535/8.gif?id5id=ID5*s83cbQntST77-wny25AjN-Q7E6-IjE1kBFPscPX_JiG6ZVHckDDww8sWpwlfXqUJ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=9d726017-cca8-4359-9a78-959ca9a44b9a&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/535/434/6/3.gif?puid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/535/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/535/2/5/4.gif?puid=5740716073175427095&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-71a8jRH0a38HtKdfbJ5iYMeu-gxw8DGAr1ElcQObdA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F535%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-71a8jRH0a38HtKdfbJ5iYMeu-gxw8DGAr1ElcQObdA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F535%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/535/124/4/5.gif?puid=fcc3eeba-da8e-415b-869b-d853219dfe31&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/535/1245/3/6.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/535/429/2/7.gif?puid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F441%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/535/441/1/8.gif?puid=u_999cd69a-554f-47ce-92ad-a944415cfd39&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/535/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
Request Chain 290
  • https://rp.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&wpn=lc-bundle&cd=.post-gazette.com&c=PHRpdGxlPlRydW1wIHJhbGx5IGd1bm1hbiBUaG9tYXMgQ3Jvb2tzIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzIHwgUGl0dHNidXJnaCBQb3N0LUdhemV0dGU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5wb3N0LWdhemV0dGUuY29tL25ld3MvY3JpbWUtY291cnRzLzIwMjQvMDgvMTEvdGhvbWFzLWNyb29rcy1idXRsZXItdHJ1bXAtcmFsbHktc2hvb3Rpbmcvc3Rvcmllcy8yMDI0MDgxMTAwNzIiPjxoMSBjbGFzcz0icGdldm9rZS1zdG9yeS10b3BhcmVhLWN1dG91dC1oZWFkbGluZSI-CgkJCUxhY2sgb2YgbW90aXZlLCBwYXN0IHdyaXRpbmdzIHB1dHMgVHJ1bXAgcmFsbHkgZ3VubWFuIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzCgkJPC9oMT48aDEgY2xhc3M9InBnZXZva2Utc3RvcnktYm90dG9tYXJlYS1oZWFkbGluZSI-CgkJCQlMYWNrIG9mIG1vdGl2ZSwgcGFzdCB3cml0aW5ncyBwdXRzIFRydW1wIHJhbGx5IGd1bm1hbiBpbiByYXJlIGNsYXNzIGFtb25nIGhpZ2gtcHJvZmlsZSBzaG9vdGVycwoJCQk8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&wpn=lc-bundle&cd=.post-gazette.com&c=PHRpdGxlPlRydW1wIHJhbGx5IGd1bm1hbiBUaG9tYXMgQ3Jvb2tzIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzIHwgUGl0dHNidXJnaCBQb3N0LUdhemV0dGU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5wb3N0LWdhemV0dGUuY29tL25ld3MvY3JpbWUtY291cnRzLzIwMjQvMDgvMTEvdGhvbWFzLWNyb29rcy1idXRsZXItdHJ1bXAtcmFsbHktc2hvb3Rpbmcvc3Rvcmllcy8yMDI0MDgxMTAwNzIiPjxoMSBjbGFzcz0icGdldm9rZS1zdG9yeS10b3BhcmVhLWN1dG91dC1oZWFkbGluZSI-CgkJCUxhY2sgb2YgbW90aXZlLCBwYXN0IHdyaXRpbmdzIHB1dHMgVHJ1bXAgcmFsbHkgZ3VubWFuIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzCgkJPC9oMT48aDEgY2xhc3M9InBnZXZva2Utc3RvcnktYm90dG9tYXJlYS1oZWFkbGluZSI-CgkJCQlMYWNrIG9mIG1vdGl2ZSwgcGFzdCB3cml0aW5ncyBwdXRzIFRydW1wIHJhbGx5IGd1bm1hbiBpbiByYXJlIGNsYXNzIGFtb25nIGhpZ2gtcHJvZmlsZSBzaG9vdGVycwoJCQk8L2gxPg&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
Request Chain 301
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.post-gazette.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.post-gazette.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
Request Chain 312
  • https://fw.adsafeprotected.com/rfw/st/779512/74291562/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=22063981&ias_pubId=543174347&ias_chanId=9&ias_placementId=55036917&bidurl=https://www.post-gazette.com&ias_dealId=OX-XPT-h6kpwY&xsId=ABAjH0j429fDV-Z_IWgkLubPz1z6&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j429fDV-Z_IWgkLubPz1z6&adContainerId=brand_safety_Oya7ZvmuLNO3oPMP083Y0AM&cbFunctionName=goog_wrapCb_Oya7ZvmuLNO3oPMP083Y0AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.post-gazette.com%2F&adsafe_type=f&adsafe_jsinfo=,id:c7b8b3d8-4d95-d607-c8a0-ed9727de7a85,c:ldtfjY,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-ddb667cb9-lg6k4,rg:va,pt:1-5-15,wc:10.10.1600.1200,ac:1133.1665.300.250,am:sp,cc:10.10.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,tdt:s,fm:uljYBLl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C181121%7C181122%7C181123%7C1811241%7C1811242%7C181125%7C181126%7C1812%7C1813%7C1814%7C1815%7C18161%7C18162%7C1817%7C1818%7C1819%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1*.779512-74291562%7C1j11%7C1j12%7C1j13%7C1j14%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m11%7C1m12%7C1m2%7C1m3%7C1n%7C1o1%7C1p%7C1q,idMap:1j1*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:cd1bfc2a-5955-11ef-a8c5-8e78f91e6ff9,v:19.8.527,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 324
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
Request Chain 325
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LZS7U90F-D-5HSJ
Request Chain 326
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent=
Request Chain 327
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dfmx%26bsw_param%3D2274b348-066a-4986-b3e7-e410058596e5%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=02cc4e56da5f41f9a862f20165bbd2f5&ssp=fmx&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&gdpr_consent=&us_privacy=
Request Chain 328
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=&gdpr_consent=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SkoxMEFCWkhDN0VMaTZqVFFTeUY0dGdp
Request Chain 338
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=18&key=JJ10ABZHC7ELi6jTQSyF4tgi
Request Chain 340
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=72&pid=5e0e296628a061270b21ccab&key=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
Request Chain 341
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D41%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=41&pid=5e0e296628a061270b21ccab&key=4441859691190386988537
Request Chain 353
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.post-gazette.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.post-gazette.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
Request Chain 385
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=undefined&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.spotim.market/csync?t=g&ep=142&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764727&a=754412&extuid=3665426501524238000V10
Request Chain 386
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X
Request Chain 388
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=g&ep=50&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764710&a=743293&extuid=8433293207319255994
Request Chain 391
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=OPTOUT
Request Chain 392
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765043%26a%3D753378%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.spotim.market/csync?t=g&ep=358&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765043&a=753378&extuid=acfaa657-8df7-41ad-bb88-0da35f0f8469
Request Chain 393
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765041%26a%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765041&a=297253&extuid=5740716073175427095
Request Chain 395
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764726%26a%3D751004%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764726&a=751004&extuid=5740716073175427095
Request Chain 397
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D675886%26a%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=g&ep=13&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=675886&a=310570&extuid=JJ10ABZHC7ELi6jTQSyF4tgi
Request Chain 398
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307558%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765812%26a%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=307558&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765812&a=307558&extuid=8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
Request Chain 416
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=5740716073175427095&gdpr=0
Request Chain 417
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723541053-TX1F1HDK-6LR6&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=9d726017-cca8-4359-9a78-959ca9a44b9a&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Request Chain 418
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723541053-TX1F1HDK-6LR6 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=20AE8506-B39B-4ED3-911A-D0EB0876E76D&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Request Chain 419
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723541053-TX1F1HDK-6LR6&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&rub=LZS7U90F-D-5HSJ&gdpr=0
Request Chain 420
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723541053-TX1F1HDK-6LR6&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723541053-TX1F1HDK-6LR6%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd22e5234-c6ec-4bdd-ae01-1e4d51f157c3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001723541053-TX1F1HDK-6LR6%252526tapad_id%25253Dd22e5234-c6ec-4bdd-ae01-1e4d51f157c3%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5740716073175427095&pt=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001723541053-TX1F1HDK-6LR6%2526tapad_id%253Dd22e5234-c6ec-4bdd-ae01-1e4d51f157c3%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&tapad_id=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723541053-TX1F1HDK-6LR6 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&google_gid=CAESEFIRrkT9CyeT4D2upTnUpME&google_cver=1&google_ula=450542624,0
Request Chain 422
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723541053-TX1F1HDK-6LR6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzU0MTA1My1UWDFGMUhESy02TFI2
Request Chain 424
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0
Request Chain 425
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723541053-TX1F1HDK-6LR6 HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8933845372045468879&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Request Chain 449
  • https://id5-sync.com/i/952/8.gif?o=api&id5id=ID5*scxWFQvsw0b5-oOK2ZGpT-Y6mdeKjcccBlJmCPf-rFm6ZZKzkwsxZdkS7ECtod34&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/952/796/7/2.gif?puid=3b73fd54-5fed-4fd7-8d02-edfe7aa310c3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/952/108/6/3.gif?puid=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/952/441/5/4.gif?puid=u_999cd69a-554f-47ce-92ad-a944415cfd39&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAIrHE7NdkwAABeoiAE-dg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5740716073175427095&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/952/1246/3/6.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/952/203/2/7.gif?puid=ba61934f-3602-4d22-b069-025109161efe&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AAIrHE7NdkwAABeoiAE-dg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/952/1241/1/8.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/952/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
Request Chain 472
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5cab532785e117d2d953dbfd2cf7a8aa&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umeb851_7403706402735367483&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAIrHE7NdkwAABeoiAE-dg&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWNhYjUzMjc4NWUxMTdkMmQ5NTNkYmZkMmNmN2E4YWE=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBS7kBfxuKUG8p6x1WdeGbA&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5cab532785e117d2d953dbfd2cf7a8aa?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-FgRsl8BE2oMxn3mejpzuaW9EjrwDMb798q9RN_uo~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=5740716073175427095&gdpr=&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=null&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=BrotW24q1SDNLd5&gdpr=null&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=&gdpr_consent=&gdpr=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5091616&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=3b73fd54-5fed-4fd7-8d02-edfe7aa310c3 HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 479
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D764710%26a%3D743293%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764710&a=743293&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=8433293207319255994
Request Chain 482
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D764727%26a%3D754412%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764727&a=754412&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=3665426501524238000V10
Request Chain 483
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D33XUSERID33X
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&google_hm=MjI3NGIzNDgtMDY2YS00OTg2LWIzZTctZTQxMDA1ODU5NmU1&gdpr_consent=&gdpr= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKz-lXtYln70nVVQyu5JlQ0&google_cver=1&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr_consent=&gdpr=
Request Chain 486
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808924740174545
Request Chain 488
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
Request Chain 489
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=zHkEbz5_WpRiKy-t28ZjNCaEdko
Request Chain 491
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
Request Chain 492
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=cb9aafa1-bfe6-44b6-af4a-589a78bec437&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=XrIgtp7oqH9V
Request Chain 493
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2I5YWFmYTEtYmZlNi00NGI2LWFmNGEtNTg5YTc4YmVjNDM3 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEHKTYt4p5Tdj-_aWjzdFaAQ&google_cver=1

505 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 202408110072
www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/ 		80 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.88 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
8cd4abbbc7149232464311cd835ae0d6f08e321b7cc61d32c75f7d77ff251cf0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
109
Connection
keep-alive
Content-Encoding
gzip
Content-Length
22913
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Aug 2024 09:22:18 GMT
ETag
W/"66bb25ca-13e8d"
Last-Modified
Tue, 13 Aug 2024 09:22:18 GMT
Server
PGERSO3
Vary
Accept-Encoding
Via
1.1 varnish (Varnish/5.1)
X-Cache
HIT
X-Varnish
98935884 99760255
x-host
www.post-gazette.com
x-url
/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
vendor-pkg-v0004.css
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/css/pg/ 		68 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/css/pg/vendor-pkg-v0004.css?v=20240222
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8cd0e026511c2be4a8cf9543c2df5d4f122046519c78486ad80039bb365f4c2b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Feb 2024 22:41:00 GMT
ETag
5ff26312516fb8fb2c5d4e56e8d98f98
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1708641659.83465
Cache-Control
public, max-age=16639542
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txd2a80c2e0b434c3fb718d-0065d7d8c2ord1
Content-Length
12748
Expires
Fri, 21 Feb 2025 23:29:49 GMT
pgevoke-v0040.css
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/ 		265 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43a588bcdebf5f7c11e13af01fd7b9ddf5b6c480254fe8fb31dbdfaeae6afebd

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Aug 2024 18:08:11 GMT
ETag
9c20d9d671340473830ab5be47ed25d0
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
X-Timestamp
1722535690.88480
Cache-Control
public, max-age=266
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-Trans-Id
tx853e067af7124dcdbea52-0066bb23bdord1
Expires
Tue, 13 Aug 2024 09:28:33 GMT
load.js
s.ntv.io/serve/ 		570 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-74.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
x-amz-request-id
C740QH8Z799103XA
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
YcDnP4IvUnCgK+P0T3J3Po7rW2zNGY6FblugAOuHbVXEm20amshMF/DiRrD+LJAQQwei2yahj98=
Last-Modified
Wed, 17 Jul 2024 17:15:04 GMT
Server
AmazonS3
ETag
"2fa2284ed5b3839e70519382fdad876f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
js
www.googletagmanager.com/gtag/ 		317 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a3e65c49c0259dfb4c5224fb96cad7393ff5e0914a56f163c540e27272f39bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:08 GMT
facebook-messenger-icon-75px.png
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/facebook-messenger-icon-75px.png?v=20190913
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3da29b22e01610a8d52a9018fd9d5db6f182d50d98538e7513f20e0f15bc21d2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:07 GMT
Last-Modified
Mon, 09 Sep 2019 16:24:45 GMT
ETag
3bb3c35567176dff0a5e8889352895ae
Content-Type
image/png
X-Timestamp
1568046284.09065
Cache-Control
public, max-age=14494838
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2249
X-Trans-Id
tx5c7a923ba9d54db791a80-00657595caord1
Expires
Tue, 28 Jan 2025 03:44:45 GMT
pgevoke.dependencies-v0005.js
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/ 		393 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09c6551b6e29be719fcc57c245a014b9e0449da9982823ea77dd5dd3266ffd81

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 15:24:12 GMT
ETag
3b2fc6e5067bf014453a1948bff398a0
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
X-Timestamp
1665156251.97131
Cache-Control
public, max-age=14735739
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-Trans-Id
tx53b27b2033874d39aa8c2-0065bacc28ord1
Expires
Thu, 30 Jan 2025 22:39:46 GMT
queryly.v4.js
www.queryly.com/js/ 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ed53adfa3535c45f020ac21a64dbe1de4746c6fef3cbeab00a4f640f1210567a

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
202
x-powered-by
ASP.NET
content-length
10168
last-modified
Sat, 27 Jul 2024 02:09:25 GMT
server
cloudflare
etag
"80b8c20cadfda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8u%2BtXSyE%2BjGxsfX9ndEjFyCdbVBMFPMu37uMkHtzCg33uvHjfouyBLiZQIgRl0NYMQud%2BycG5ljV%2FzeS22DaogquMPlWuQEAVa0z52J5LqFKJNT%2F1sKHp4eVOYlT0q0jCXXYJxWUiw726Lf7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b27a67e68ae9ae0-MIA
pgutilbundle-6.0.0.9.js
www.post-gazette.com/assets/js/ 		207 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.post-gazette.com/assets/js/pgutilbundle-6.0.0.9.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.88 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
34f7c9de569e46fb684203fedde51051e61eca8765a61deccf1d521572a6b41a

Request headers

Referer
https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:19:16 GMT
Content-Encoding
gzip
Via
1.1 varnish (Varnish/5.1)
Age
291
X-Cache
HIT
x-url
/assets/js/pgutilbundle-6.0.0.9.js
x-host
www.post-gazette.com
Connection
keep-alive
Content-Length
69364
Pragma
public
Last-Modified
Wed, 16 Sep 2020 19:15:43 GMT
Server
PGERSO3
ETag
W/"5f62645f-33a03"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Varnish
99443170 99483630
Cache-Control
public, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
pgevoke-pkg-v0179.min.js
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/ 		535 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8839b848ae8270ec46fc19c989bfef10434f88e857b6781eee3146af1d61f31

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Aug 2024 18:08:12 GMT
ETag
f2d04ef65269bd8e608a1216ae22dec9
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
X-Timestamp
1722535691.71973
Cache-Control
public, max-age=159
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-Trans-Id
txfa2b15cb86b0406c9a4b6-0066badb6aord1
Expires
Tue, 13 Aug 2024 09:26:47 GMT
js.cookie.js
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/vendor/js.cookie.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b49b3bab11860bfb50b483bfd8c4d7725d63de8b3ed5084c6c24d0f11f075a5

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Tue, 01 Mar 2016 15:56:46 GMT
ETag
4267ca2ad4775939b5685313e1eedd8c
Vary
Accept-Encoding
Content-Type
text/javascript
X-Timestamp
1456847805.19300
Cache-Control
public, max-age=560
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx354442f787e54edcb18b2-0066b9f2eeord1
Content-Length
1387
Expires
Tue, 13 Aug 2024 09:33:28 GMT
css
fonts.googleapis.com/ 		5 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Martel:300,400,700,800,900
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13f9d9858a73bad5783ae3194c61824257df4e74aa0a444fcf8138e37d48efc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 09:24:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Aug 2024 09:24:08 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1GQMXXDRJ7E9DHVC
age
7151
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YsNNtNFi0AAxQ8bEk/+UIBGipuhkmAIlLJ3bOZzHjYE1zf1Nqa/+NLJLjZ1PLm1rSzNBFuNbdho=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUn77lmJPzXVUdGPUcDVua8usMhUORmSRzm47uOq91ir0w4Kyv3MjMHGUtP%2BhF9Sab6dX0qgvkJ0qoA7jBkswYUe4BrsRN81kkjhLPhApjo%2BiRYpMJTyMfTjpSY3sPzkNVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
8b27a6806a18497a-MIA
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.40.157 Seattle, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kjyo7100044-IAD, cache-bfi-kbfi7400110-BFI
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
gtm.js
www.googletagmanager.com/ 		355 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P73RLR
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a51b3d6f786f8c89035d2d9ee6859bbd7e82e061b2edabedcfd8193b33ed970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116006
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 09:24:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 08:56:26 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1662
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Aug 2024 10:56:26 GMT
pg-logo-800px-transparentbg.png
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/pg-logo-800px-transparentbg.png
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7a6e8274ded0719c0f174b8a33ced06d6c9911bbfdf25d1d890168113043167

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Mon, 09 Sep 2019 16:24:51 GMT
ETag
55c2538c84a0ad561704925b877d223e
Content-Type
image/png
X-Timestamp
1568046290.86804
Cache-Control
public, max-age=14181341
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8512
X-Trans-Id
tx12298719b7b14d5c835d6-006572b555ord1
Expires
Fri, 24 Jan 2025 12:39:49 GMT
pg-icon-100px-transparentbg-charcoal.png
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgmisc/pg-icon-100px-transparentbg-charcoal.png
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b61e313a0c41d677cb99215e4bb42c9ff724835905a20f75fcbe4ca7f3d97546

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Mon, 09 Sep 2019 16:24:47 GMT
ETag
6f9bf1efe7acfe50c07ef028497276d4
Content-Type
image/png
X-Timestamp
1568046286.66345
Cache-Control
public, max-age=14735915
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1683
X-Trans-Id
txb0d4de2f6dab42389bfa0-0065bacce3ord1
Expires
Thu, 30 Jan 2025 22:42:43 GMT
proximanova-regular-webfont.woff2
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/proximanova-regular-webfont.woff2
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9411ab12b8dd65ce03ea7e1c62557fc2d1eaa1d5d1493609a14a2e29b8342918

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Wed, 02 Aug 2017 14:35:59 GMT
ETag
67ff311675dbd02ddb898f02af6fddaf
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Timestamp
1501684558.06133
Cache-Control
public, max-age=14735740
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14076
X-Trans-Id
txba61822bfc224f6da8ed1-0065bacc2aord1
Expires
Thu, 30 Jan 2025 22:39:48 GMT
icomoon2024.ttf
17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com/icomoon2024.ttf?7zaapas
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/css/pg/vendor-pkg-v0004.css?v=20240222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ad3d91f5676b35007c460226e958e389064e2bc5de5e5f3f221226c424d0a59

Request headers

Referer
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Mon, 05 Feb 2024 19:26:21 GMT
ETag
6c52f849f9d20752054136e70134012a
Content-Type
font/ttf
Access-Control-Allow-Origin
*
X-Timestamp
1707161180.58615
Cache-Control
public, max-age=15006581
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27572
X-Trans-Id
txe09871a9a6374b9c853f7-0065d65e34ord1
Expires
Mon, 03 Feb 2025 01:53:49 GMT
proximanova-semibold-webfont.woff2
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/proximanova-semibold-webfont.woff2
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67b73e30fc4ae2cdb5ee2e87bd9928b747ed8c066f0d56cc38ae1612a61915a7

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Wed, 02 Aug 2017 14:36:44 GMT
ETag
a173db3743be3e63644aab4c442c169e
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Timestamp
1501684603.15133
Cache-Control
public, max-age=13213919
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13744
X-Trans-Id
tx5a169c3f155241db91cc0-0065a3939aord1
Expires
Mon, 13 Jan 2025 07:56:07 GMT
r7o3vzlr6.js
cdn.krxd.net/controltag/ 		0
0
jstag
pittpostgazette-d.openx.net/w/1.0/ 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7b86147e5e6d7613ed33c1d5bd8ccc02ca40ac901ece648a140f4930ce530008

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59085
expires
Tue, 13 Aug 2024 10:24:08 GMT
prebid.4.26.0.20210215.js
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/ 		241 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b019fedb4f22e4764013e5d6e278755e36a59c9cb7d9af69fe8dec07d769e21e

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Feb 2021 20:13:34 GMT
ETag
75cfab4218e7100ca00f97c41b85f076
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
X-Timestamp
1613420013.53311
Cache-Control
public, max-age=13213849
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-Trans-Id
tx524b45ae1de1499090edd-0065a3939aord1
Expires
Mon, 13 Jan 2025 07:54:57 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		319 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:56:05 GMT
content-encoding
gzip
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront), 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 20:54:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1684
x-amz-server-side-encryption
AES256
etag
W/"bcf5fc5f6600cc22b92be3e154b2e3e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
3pV9rOMRA7_Xt6mxnG4bE_BPWdJRBwpJp2vMy7IbDmthJ87y_Pu9wg==
gpt.js
www.googletagservices.com/tag/js/ 		104 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fa942a8fc4eddc7159a5244d8cda3843b59b36d18e7c2359653e94f5f27d4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32513
x-xss-protection
0
server
cafe
etag
622 / 19948 / m202408080101 / config-hash: 10589801001151833534
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 09:24:08 GMT
/
datawrapper.dwcdn.net/r7BWU/2/ Frame 3F37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://datawrapper.dwcdn.net/r7BWU/2/
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:19f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
7202
cache-control
max-age=1
cf-cache-status
HIT
cf-ray
8b27a6816812dad5-MIA
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 09:24:08 GMT
last-modified
Fri, 09 Aug 2024 20:33:05 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
bwAGwuOnUVh05oXW3gJw+f+qEewNExpfll0jy6lGSvz5M3Yp0OSOS4NFqaJdHu8DTVff5WujWH4=
x-amz-request-id
JAAFGGBCS7RWA1XH
x-amz-version-id
ovD9EeaEQrs9WCkH.pmyzQI9Q0f80oaU
/
datawrapper.dwcdn.net/CNmAr/2/ Frame 1597 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://datawrapper.dwcdn.net/CNmAr/2/
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:19f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2132
cache-control
max-age=1
cf-cache-status
HIT
cf-ray
8b27a6816810dad5-MIA
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 09:24:08 GMT
last-modified
Fri, 09 Aug 2024 20:36:39 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
1LiVP8/w3YYx5zLQkenBo6PrdZEYT8tFl7w9QUIjVU6rQ4p3PHdaRYCadAAzPq5Tv5A9yIF8CJpIia/+4NOJ+c8XDe9cGMISbt+TdIjcqD8=
x-amz-request-id
B6M6QTZCHPD1CNW7
x-amz-version-id
1Elrj37KHH1g3y6l7VGbWaq9hF7nYYYo
ua-sdk.min.js
aswpsdkus.com/notify/v1/ 		217 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/js/pg/pgevoke-pkg-v0179.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.158.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.158.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
febfd9ff912228d0e7d46a08eec423918d568bf479cf7eca22ff9208b88c7766

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:23:32 GMT
content-encoding
gzip
age
36
x-guploader-uploadid
AHxI1nMwiEEJPPtpIiMhhWCzC506bYtB34d_je3501zP0FsBMPhmbGV8TyKcseZIiTsGjjAd2vSS1uZpZw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40682
last-modified
Mon, 01 Jul 2024 13:09:20 GMT
server
UploadServer
etag
"5061518f6f362816c323c21019788db2"
x-goog-generation
1719839359954820
x-goog-hash
crc32c=5JC1uA==, md5=UGFRj282KBbDI8IQGXiNsg==
content-type
text/javascript
cache-control
public,max-age=300,no-transform
x-goog-stored-content-length
40682
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:28:32 GMT
butlershooter1-1723410811.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/1140x_a10-7_cTC/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/1140x_a10-7_cTC/butlershooter1-1723410811.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79e4d691918241a2a556cd06ab7f3af4f8f17fcba8c8c9d11bc54f3a23237282

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Sun, 11 Aug 2024 21:13:38 GMT
ETag
a179d0971f6da76d38cdb2b1c54c9ceb
Content-Type
image/jpeg
X-Timestamp
1723410817.51883
Cache-Control
public, max-age=128913
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
129750
X-Trans-Id
txf2afdf0d5b2841ffa88b1-0066b92982ord1
Expires
Wed, 14 Aug 2024 21:12:41 GMT
pg-footer-skyline.png
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgthemes/evoke/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/images/pgthemes/evoke/pg-footer-skyline.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fb6ae105245e7e057457293c5a1ddebcdb4106fac2845504ca12f14f075f017

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Wed, 23 May 2018 21:20:18 GMT
ETag
ba9654f60f2ef19a5b5609531c0b99c1
Content-Type
image/png
X-Timestamp
1527110417.09144
Cache-Control
public, max-age=13424358
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4427
X-Trans-Id
tx30adcafff9434544b6294-0065a6c9a8ord1
Expires
Wed, 15 Jan 2025 18:23:26 GMT
apple-touch-icon.png
www.post-gazette.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.post-gazette.com/apple-touch-icon.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.88 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
7fc93a50358a0b0dcd4eb255f276cb9970df4af8971aa6b9af67fede18d07747

Request headers

Referer
https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 19:33:19 GMT
Via
1.1 varnish (Varnish/5.1)
Age
29425848
X-Cache
HIT
x-url
/apple-touch-icon.png
x-host
www.post-gazette.com
Connection
keep-alive
Content-Length
9384
Pragma
public
Last-Modified
Wed, 22 May 2019 20:04:28 GMT
Server
PGERSO3
ETag
"5ce5ab4c-24a8"
Content-Type
image/png
X-Varnish
99171344 196647
Cache-Control
public, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
spinner2.gif
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/ads/spinners/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/ads/spinners/spinner2.gif
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1a7b71120f52c4c07478cd717b6ecb3ac9c6a38851b84d60b35fc17809be78d

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Fri, 03 Feb 2017 21:38:41 GMT
ETag
5268b1ff0d16be90bf95d6d73012c43c
Content-Type
image/gif
X-Timestamp
1486157920.60994
Cache-Control
public, max-age=819
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx8b6f0ccf83b14f889f856-0066bb1f7ford1
Content-Length
1269
Expires
Tue, 13 Aug 2024 09:37:47 GMT
PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v11/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v11/PN_yRfK9oXHga0XV5e8qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:300,400,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 01:46:15 GMT
x-content-type-options
nosniff
age
459473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 18:31:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Aug 2025 01:46:15 GMT
proximanova-bold-webfont.woff2
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/proximanova-bold-webfont.woff2
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4fd8d089c70d641815be47399cba8cd300e848be040b0f5f05c988d8242256e4

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Thu, 03 Aug 2017 20:56:48 GMT
ETag
cd15556684efb96116d4e14ce726dcc8
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Timestamp
1501793807.67230
Cache-Control
public, max-age=14266603
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14048
X-Trans-Id
tx7f747dad911040f4ac702-00657bbe60ord1
Expires
Sat, 25 Jan 2025 12:20:51 GMT
icomoon-custom.ttf
17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com/icomoon-custom.ttf?npcczq
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/css/pg/vendor-pkg-v0004.css?v=20240222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
692a71adc08aff8979931b1d55d37df3de5278cf50193de9c293acca77a1295b

Request headers

Referer
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Wed, 05 Oct 2016 18:46:35 GMT
ETag
0294d5de63b45c8bc82aa1cfef2df593
Content-Type
application/font-sfnt
Access-Control-Allow-Origin
*
X-Timestamp
1475693194.66340
Cache-Control
public, max-age=13199698
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1532
X-Trans-Id
tx8e091adbaa8942468d198-0065bacbd2ord1
Expires
Mon, 13 Jan 2025 03:59:06 GMT
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=0Jrto77Ppu
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe5cf3ef4b0faed679fdd770fc0969dee050f2725b19389b38f2f0b728ec2c1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
date
Tue, 13 Aug 2024 09:24:08 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 08:57:29 GMT
server
cloudflare
age
1599
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
8b27a6823a6d8db8-MIA
alt-svc
h3=":443"; ma=86400
x-request-id
9gi9bu0fc2
expires
Tue, 13 Aug 2024 09:54:08 GMT
/
api2.post-gazette.com/story/2/universal/ 		210 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.post-gazette.com/story/2/universal/
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.87 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
6785f39cb0399f6e84c3869dd1f8ef43ca0d16e3a3df2ed81b9043315bc60f9c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
Via
1.1 varnish (Varnish/5.1)
Age
0
Transfer-Encoding
chunked
X-Cache
MISS
x-url
/story/2/universal/
x-host
api2.post-gazette.com
Connection
keep-alive
Last-Modified
Tue, 13 Aug 2024 09:24:02 GMT
Server
PGERSO3
Access-Control-Max-Age
10
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
public
X-Varnish
99155502
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-pg-sessionid, x-pg-userid, content-type, accept, last-modified
cs
sync.rtk.io/ Frame 21F0 		0
0
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1323
etag
"4c9d5a55c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTC%2Bc19hRknMkZGl2cVGLRjXbztKyF%2Bry8Gy15lT82U0psyTpGW5dhU8D3p0SyiVtiw1ixMktgNGtSUbAzPpWUJxe0BaSUEvVVixiIJmi3%2BfbpENoZ7DteK0oagaS0yPVr4Zr0fWaHRxmoj8Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b27a68129d19ae0-MIA
content-length
816
/
www.civicscience.com/widget/jspoll/ 		818 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/jspoll/?elt=pgevoke-story-0-csinlinepoll&tgtid=531e67d2-7a68-f2a4-b57f-9a0c5207ab27&_=1723541048305
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
52bdfce2ed01329796c0cf1be117c8942eb578abbb221bc0f4b5f796f152b0fc

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
server
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
sp_wfO5dOu8
launcher.spot.im/spot/ 		96 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-5.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
558c89a27cb258d9de98f7715aa9c3bdaa78d345a5fe3793b7a6aa75fbbe5fa7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
oN9sdIvmrMDEVBApX5Hc5DE_Ju9DdbNf
content-encoding
br
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 09:24:08 GMT
x-amz-cf-pop
JFK50-P8
age
51
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24562
last-modified
Fri, 09 Aug 2024 14:40:14 GMT
server
AmazonS3
etag
"66f1f962494e57b1e137e601a9af8156"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
Kjcak380ynazSKYSHyRl33eWWk7oKcc-8_sVz2HAImGya8OcZN-rgQ==
messages-count
open-api.spot.im/v1/ 		71 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://open-api.spot.im/v1/messages-count?spot_id=sp_wfO5dOu8&posts_ids=article_202408110072
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
/
Resource Hash
491ce1be0179447a6141cd980525acc25efe2124cd42105bd8b2b3d85b720432
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials
true
x-spotim-bid
x-spotim-rid
access-control-allow-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
content-length
71
x-spotim-vid
/
api2.post-gazette.com/feeds/1/news/all/-pubdate,priority,-contentmodified/50/21/ 		203 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.post-gazette.com/feeds/1/news/all/-pubdate,priority,-contentmodified/50/21/
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.87 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
06dd1393b4c347bcb6ed5207cec21426172bc354e3a72ca86f5335c4da197431

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Content-Encoding
gzip
Via
1.1 varnish (Varnish/5.1)
Age
0
Transfer-Encoding
chunked
X-Cache
MISS
x-url
/feeds/1/news/all/-pubdate,priority,-contentmodified/50/21/
x-host
api2.post-gazette.com
Connection
keep-alive
Server
PGERSO3
Access-Control-Max-Age
10
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
public
X-Varnish
99443218
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-pg-sessionid, x-pg-userid, content-type, accept, last-modified
/
api2.post-gazette.com/top/1/mostTrending/articleTest/ 		1 KB
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.post-gazette.com/top/1/mostTrending/articleTest/
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.87 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
f815005c7deb615a25062c41e4de5e83bb22a011f242b6e1085eca32e6c06013

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:06 GMT
Content-Encoding
gzip
Via
1.1 varnish (Varnish/5.1)
Age
2
X-Cache
HIT
x-url
/top/1/mostTrending/articleTest/
x-host
api2.post-gazette.com
Connection
keep-alive
Content-Length
327
Server
PGERSO3
Access-Control-Max-Age
10
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
public
X-Varnish
100144135 99782067
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-pg-sessionid, x-pg-userid, content-type, accept, last-modified
pg-logo-100px-green-byline.png
www.post-gazette.com/assets-1y/images/misc/ 		546 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.post-gazette.com/assets-1y/images/misc/pg-logo-100px-green-byline.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.88 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
646f66b5563801fcabcbb902770beff9af51e2b6cf742c429c1e496f55c8b5b1

Request headers

Referer
https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 19:33:25 GMT
Via
1.1 varnish (Varnish/5.1)
Age
29425843
X-Cache
HIT
x-url
/assets-1y/images/misc/pg-logo-100px-green-byline.png
x-host
www.post-gazette.com
Connection
keep-alive
Content-Length
546
Last-Modified
Wed, 11 Sep 2019 18:26:46 GMT
Server
PGERSO3
ETag
"5d793c66-222"
Content-Type
image/png
X-Varnish
99443208 196720
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 06 Sep 2024 19:33:25 GMT
20240714AFRNCTuesday-32-1723519067.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/20240714AFRNCTuesday-32-1723519067.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
268ab5c475d1d25ec854f444b4e03ef8940354b20781d36fdc971451ab15f79d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Tue, 13 Aug 2024 03:17:58 GMT
ETag
fd680f3d3a07a8535545e6a7a02aa3fe
Content-Type
image/jpeg
X-Timestamp
1723519077.49286
Cache-Control
public, max-age=237172
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14832
X-Trans-Id
tx3e12f33efd384b7584879-0066bad067ord1
Expires
Fri, 16 Aug 2024 03:17:00 GMT
Election-2024-Trump-150-1723487128.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/Election-2024-Trump-150-1723487128.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
736c49e35b78620c056fc87abba205e5d48303aaef09f2509c04af57ac28f341

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Mon, 12 Aug 2024 18:25:45 GMT
ETag
42169f4c9d0a2001fad1d59c000158be
Content-Type
image/jpeg
X-Timestamp
1723487144.47288
Cache-Control
public, max-age=205313
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26230
X-Trans-Id
tx2543848f91cd4572a36bb-0066ba53a9ord1
Expires
Thu, 15 Aug 2024 18:26:01 GMT
steubenvillexx-1723257073.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/steubenvillexx-1723257073.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec89efd59abbcb1ce9e5178ba249cbc35311bb3a6025ff79037806b8dc8d2fb4

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Sat, 10 Aug 2024 02:31:27 GMT
ETag
32d0d136e1db200d794dd5ebfeb194b1
Content-Type
image/jpeg
X-Timestamp
1723257086.23136
Cache-Control
public, max-age=87133
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19618
X-Trans-Id
tx7cfaba4119334001b7cbb-0066b6d0fford1
Expires
Wed, 14 Aug 2024 09:36:21 GMT
BUTLER0808-4-1723157384.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/BUTLER0808-4-1723157384.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e87b7a564229397c7dacff189c89ef7278417d4e5ca18b955b15858cd0ca851

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Thu, 08 Aug 2024 22:49:56 GMT
ETag
c5116db090d9597f04f93af8bec1b295
Content-Type
image/jpeg
X-Timestamp
1723157395.15023
Cache-Control
public, max-age=95065
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22234
X-Trans-Id
txf08e9c73548245a9a6f14-0066b54bd1ord1
Expires
Wed, 14 Aug 2024 11:48:33 GMT
Election-2024-Trump-1-48-1722696207.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/Election-2024-Trump-1-48-1722696207.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4a718c125681d1e040a6a7760e26fa960c29ec7ae6a0f7fe367cba26c7ad05d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Sat, 03 Aug 2024 14:43:41 GMT
ETag
73db66fe8ec7c2c2c636d040f1d22ce4
Content-Type
image/jpeg
X-Timestamp
1722696220.16749
Cache-Control
public, max-age=115211
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30065
X-Trans-Id
tx67b1e334842b4ccd90553-0066ae421dord1
Expires
Wed, 14 Aug 2024 17:24:19 GMT
20240714TrumpShooter-9-1721342968.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/300x_a1-1_cTC/20240714TrumpShooter-9-1721342968.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1484bd319628b37710d7135f4fe63282425fd5fbe4da232d59267b42ad00040

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:08 GMT
Last-Modified
Thu, 18 Jul 2024 22:49:38 GMT
ETag
c047d689ce7538eea1ba53b648fcea1c
Content-Type
image/jpeg
X-Timestamp
1721342977.86310
Cache-Control
public, max-age=35475
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21700
X-Trans-Id
txc90339492f9b4c0893b34-0066999c03ord1
Expires
Tue, 13 Aug 2024 19:15:23 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 5435 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.post-gazette.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.40.157 Seattle, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 09:24:08 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100176-IAD, cache-bfi-kbfi7400080-BFI
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 		474 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 11:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
77263
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151130
x-xss-protection
0
server
cafe
etag
11205447520193479331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Aug 2025 11:56:25 GMT
acj
pittpostgazette-d.openx.net/w/1.0/
Redirect Chain
  • https://pittpostgazette-d.openx.net/w/1.0/acj?ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rall...
  • https://pittpostgazette-d.openx.net/w/1.0/acj?cc=1&ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump...
541 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pittpostgazette-d.openx.net/w/1.0/acj?cc=1&ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&be=1&prf=1&auid=538288143&aus=728x90%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&bc=hb_2prf&bt=2500&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a126a6e4c86fa17de7f7b9b86f9760c26b5e8e3454d08160a20e9de4d81a8667

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 13 Aug 2024 09:24:08 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://pittpostgazette-d.openx.net/w/1.0/acj?cc=1&ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=288dc36383d55e&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&be=1&prf=1&auid=538288143&aus=728x90%2C300x250%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&bc=hb_2prf&bt=2500&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dp=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%2F&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAACAAI~&jid=356275575&gjid=1458554&cid=1582922576.1723541049&tid=UA-15716261-5&_gid=155317400.1723541049&_slc=1&gtm=45He4880n71P73RLRv6300809za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=681606228
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
12d1007d1592034801478677813f28a6135aaae5a1dc913d99137d59e486124c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15716261-5&cid=1582922576.1723541049&jid=356275575&gjid=1458554&_gid=155317400.1723541049&_u=aGDAgEABAAAAAGAAI~&z=1646692845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAGAAI~&jid=999129655&gjid=1788925626&cid=1582922576.1723541049&tid=UA-46728690-3&_gid=155317400.1723541049&_slc=1&gtm=45He4880n71P73RLRv6300809za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1107549889
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
202a795ca602743858b55222bf35e1a3ec1c453b394cfaa890c53229fbdb488f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46728690-3&cid=1582922576.1723541049&jid=999129655&gjid=1788925626&_gid=155317400.1723541049&_u=aGDAgEABAAAAAGAAI~&z=1331407932
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dp=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%2F&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAGAAI~&jid=866613010&gjid=433985025&cid=1582922576.1723541049&tid=UA-15716261-37&_gid=155317400.1723541049&_slc=1&gtm=45He4880n71P73RLRv6300809za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=32900306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d15c85b22aab703df87858d06f060cf50c9b392ba596babfb88f4e7a9a9d9b39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15716261-37&cid=1582922576.1723541049&jid=866613010&gjid=433985025&_gid=155317400.1723541049&_u=aGDAgEABAAAAAGAAI~&z=1183203801
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		262 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-830194943&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P73RLR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3d0bb69c14db164b055a09295a44b9b6aeee425003488593ee4e6ae6a5bcf07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92819
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 09:24:08 GMT
collect
www.google-analytics.com/j/ 		15 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=1512009134&gjid=177667639&cid=1582922576.1723541049&tid=UA-15716261-29&_gid=155317400.1723541049&_r=1&_slc=1&z=1477988560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b50dddee9ac1839818efe837d84a3210009d6ff043d73ee8cf209edb561a7de2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 11:02:51 GMT
x-amz-cf-pop
JFK50-P3
age
80479
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Origin,accept-encoding
x-amz-cf-id
FXBbfnA54aMKaryy22rMilWc3YKLvJPRa3hlGMKKNSO8AetBfs32Sg==
tinypass.min.js
cdn.tinypass.com/api/ 		405 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=0Jrto77Ppu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7aaa67c0b5e9510e792baae44891ed6df49e38e04449ad08394056789749e60
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
x-amz-version-id
KLsaM2k55Tye8K36zzaXx24RUE_EsLuG
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
CGZ25TW9YG17H9N7
age
8861
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NNZle3SzfRUaSfxL31Ja2vU0XpJKEVfzNbP1Vwa4tpPwn0Eli+noTAAjHIqiTJWot55tnbw9cnc=
last-modified
Thu, 08 Aug 2024 06:37:52 GMT
server
cloudflare
etag
W/"3024383f8995e998fee453dad3bb5a19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
8b27a684194cb3cd-MIA
expires
Tue, 13 Aug 2024 13:24:08 GMT
topics.html
postrelease.com/iframes/ Frame F4A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://postrelease.com/iframes/topics.html
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
582
content-type
text/html
date
Tue, 13 Aug 2024 09:24:09 GMT
etag
"ec22fdd2cd0ccf11c7761864efa96c06"
last-modified
Fri, 15 Mar 2024 21:34:47 GMT
server
AmazonS3
x-amz-id-2
60h/Gn9GPHeMFVBjk5tEI0FGaM8cbuTrj3uWBk31iKfV9Fsnx6ggqgwKi9mV1kK6/J1hdPdyL3c=
x-amz-request-id
GX77VXNR1NJ7CSY6
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		300 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LH0XLL8C5N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7b569290431226feb6f786c85a1a2b6a8a5b6ffe26495220294dad09d455f65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101009
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:08 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6C45WCK4K&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d5b1dfbc214ce0ba38703301e3221ee425faf0bed1af426a73a5f093ae1cc1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94516
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:08 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1W1CPF4CTB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c0bf6a6e90acac036b43c140df493b5bf2895abe384fe0d74785d2a98997d31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:08 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GXQ6MXWREN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6906fd2e391672861423e774fda56680b843ee5b340538b7d4aea30a9b59d592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94399
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:08 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.57.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-57-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:09 GMT
450-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/450-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/876F) /
Resource Hash
19256d0c7f647ac7dfd1e4cd57e90fa207bc3b53b2240584735fe5ea008ef130

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
1ubOiP9_WQsYuL56OXrGpeW9tIqFJhI6
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3341
x-amz-request-id
SXM41GCG8WDQQWNV
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
14885
x-amz-id-2
R22C4MUXpiPZM2rRp3vzNNSimpw1J+/EGyUo0WsgI0MwwonSUxS5q8jGybagcqApARg7Dg/dQgg=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/876F)
x-ioriver
Edgio
etag
"2c81239fc5eb54fe2072753e86acca03"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
137-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		152 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8788) /
Resource Hash
dd16d1f33373ad008d0e5897e7185fd176fc36bc2505b28e853c2c1d5900f84b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
6ogLXhAsk35Go8k1KS0fIbkz7sEGuOD7
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3341
x-amz-request-id
SXM8PV2KJCXQVKNG
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
40648
x-amz-id-2
Q9Sq0qS5o63NPwDZnuYVpz+73LiHNsr7PDSFeIE/fc2jkjRvk5uJfSGiNNUeAmvbFBPLFinuYhM=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/8788)
x-ioriver
Edgio
etag
"c9af9a8bd06d376f949c236317a88800"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
63-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/63-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/872E) /
Resource Hash
8422d6185eb88db7e74dbe210cf91d91a8444d8bc583e43682b029efef0aaf17

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
EFhiJFHjnLlVWINEh0pL4.GjrnJvV8bp
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3341
x-amz-request-id
SXM57HEFF5REPPTW
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
3058
x-amz-id-2
IPdpxTaSvHy3r1WaFRVQPJCKgm6AvDCgbJqqwfuSXysPiliKkvWsNY+IdgDHEhRtITGR1j+7o2rSbEPH8C3+XN5aqJuPgMScc18SMEErPEc=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/872E)
x-ioriver
Edgio
etag
"84a0872661b962c2f415b18744e61cd5"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8775) /
Resource Hash
eafd73bf2e1ff78c1a441307c1ea2f1180b5b078bdeb924a5096e1a66fe87255

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
_tA4_8ycfMHwv.KwiKTNUn8MpjxbVOgg
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3341
x-amz-request-id
SXM9AM20HG0GRHMB
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
9401
x-amz-id-2
Wljr6UNd9MCOh5F9e0iLAA1fANG6VhUVEx525+TfyVYOvvhjEFV0vXmkNy3mqRto45n1tDoNSUg=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/8775)
x-ioriver
Edgio
etag
"f0b38b83ff58075cabb418451f0854a8"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-32.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 17:35:24 GMT
via
1.1 b005949014b117aed39cd14f2e31cfb8.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
56926
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
w6BWFSsnU-0NLO_gP9tTez5qKuEvNgTuzthxNRruNSHDrawOHM9-YA==
ads.js
static-cdn.spot.im/production/ads/tags/v22.18.0/ads/ 		260 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.18.0/ads/ads.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8798) /
Resource Hash
53ee4326c2618ae7f618b7f5221eba6ad6b4ed1480e83566bdfd4446ac297062

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
DpbnJx0jz03EsoYydFN8Pt4d0bfHnQZu
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
71876
x-amz-request-id
JN0K1Y8X4QQ6M0M7
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
84091
x-amz-id-2
XWNQ9Fcm1ZW38gUUNg1VV3t1pp5i4z+2IMzk1TaJ0vc0s2hiNjDlAZva4eTR+CKIjK8WZZuykXc=
last-modified
Fri, 19 Jul 2024 12:11:00 GMT
server
ECAcc (mid/8798)
x-ioriver
Edgio
etag
"393602ef73256bd7730923b3f54e7ad5+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830194943/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830194943/?random=1723541048987&cv=11&fst=1723541048987&bg=ffffff&guid=ON&async=1&gtm=45be4880z86300809za201zb6300809&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&hn=www.googleadservices.com&frm=0&tiba=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-830194943&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
a6b248954ce016dce0c12d57ae896b35b3b87f8a55b641f493a9df88d688897d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
proximanova-medium-webfont.woff2
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/fonts/proxima-nova/proximanova-medium-webfont.woff2
Requested by
Host: 814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
URL: https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/pg/pgevoke-v0040.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1a66e9592e4a4ce8933cedb62ef88280467d7d536f54dc70c6eec14a82ceab2

Request headers

Referer
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Wed, 02 Aug 2017 14:35:26 GMT
ETag
8fb85c57fa71372a8f429efbfdb7ea9e
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Timestamp
1501684525.92690
Cache-Control
public, max-age=13213901
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14160
X-Trans-Id
tx64e72014b9ba40cf9d24c-0065a3939bord1
Expires
Mon, 13 Jan 2025 07:55:50 GMT
fontawesome-webfont.woff2
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/font-awesome/v4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com/css/font-awesome/v4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/css/pg/vendor-pkg-v0004.css?v=20240222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 13 Aug 2024 09:24:09 GMT
Origin
https://mycloud.rackspace.com
Last-Modified
Wed, 30 Aug 2017 19:55:09 GMT
X-Check-Cacheable
YES
ETag
db812d8a70a4e88e888744c1c9a27e89
Content-Type
application/x-www-form-urlencoded;charset=utf-8
Access-Control-Allow-Origin
*
X-Timestamp
1504122908.35952
Cache-Control
public, max-age=338
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx8bb03fb7c5f04419a8370-0066747965ord1
Content-Length
66624
Expires
Tue, 13 Aug 2024 09:29:47 GMT
Pirates-Padres-Baseball-2-7-1723522395.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/Pirates-Padres-Baseball-2-7-1723522395.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23cc5517f6d75f2966154c3289b36b4f274000f14865a13210ca149e57831d67

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 04:13:30 GMT
ETag
aac9b058d967ab35ec93c64c62f9b731
Content-Type
image/jpeg
X-Timestamp
1723522409.97424
Cache-Control
public, max-age=240572
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47430
X-Trans-Id
tx18c98dc1c178491f8a6bc-0066badd6cord1
Expires
Fri, 16 Aug 2024 04:13:41 GMT
20240714AFRNCTuesday-32-1723519067.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/20240714AFRNCTuesday-32-1723519067.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c76563c8f20b1649481eeebd0fb59cf154766479d79e15c91dfd105422517740

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 03:17:54 GMT
ETag
c09a35d16b4f149eb0b1aba2736d66ea
Content-Type
image/jpeg
X-Timestamp
1723519073.94234
Cache-Control
public, max-age=237146
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34075
X-Trans-Id
tx844a6a2e0f074150afdcd-0066bad065ord1
Expires
Fri, 16 Aug 2024 03:16:35 GMT
20101107bwTrialLocal03-2-1723487103.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/20101107bwTrialLocal03-2-1723487103.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3760200b322482004066d5c2b17f39d790c65cecb5d6b66e38f93a546c47010

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Mon, 12 Aug 2024 18:25:11 GMT
ETag
623b93cd45ee405f0efbeb6178669532
Content-Type
image/jpeg
X-Timestamp
1723487110.40779
Cache-Control
public, max-age=205277
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27035
X-Trans-Id
txcb30239b134c471786095-0066ba5387ord1
Expires
Thu, 15 Aug 2024 18:25:26 GMT
AP24212533223117-1-1723243338.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/AP24212533223117-1-1723243338.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9fba020af4befd1f36fc4f9689fd3cd2c2d1528a922ba2f08710e50a6b9817c7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Fri, 09 Aug 2024 22:42:27 GMT
ETag
07b96fe0dd2a6631718df856369d2301
Content-Type
image/jpeg
X-Timestamp
1723243346.73118
Cache-Control
public, max-age=173387
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50233
X-Trans-Id
tx3536167447e94e578a1f5-0066b9d74dord1
Expires
Thu, 15 Aug 2024 09:33:56 GMT
MegaCat0813-3-1723484307.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/MegaCat0813-3-1723484307.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ee91d845ec40ad7dc93b7463cac7bb9f4aaa8c3753d66ab95a985da985a0ef2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Mon, 12 Aug 2024 17:38:31 GMT
ETag
248e34b50ce1aee814ec831726e0a664
Content-Type
image/jpeg
X-Timestamp
1723484310.75975
Cache-Control
public, max-age=202469
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35089
X-Trans-Id
tx6a71944e8b9f4ca28b810-0066ba4898ord1
Expires
Thu, 15 Aug 2024 17:38:38 GMT
20240805emboards01-1723053637.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/20240805emboards01-1723053637.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
321048899d0a34319fab807ba4a125e36121f992725af98d2892cb85c9b63e96

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Wed, 07 Aug 2024 18:00:51 GMT
ETag
c0e5de73b19b1a54df4b0106ea4358e8
Content-Type
image/jpeg
X-Timestamp
1723053650.54919
Cache-Control
public, max-age=173494
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx8a7a2a8d75004f84be826-0066b9d768ord1
Content-Length
74184
Expires
Thu, 15 Aug 2024 09:35:43 GMT
20190208dsSeibertMcKnightLocal03-2-1723517458.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/600x_a4-3_cTC/20190208dsSeibertMcKnightLocal03-2-1723517458.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3f12ea3eb5ece4d897feacf70526f8e2dc2894dbea47fb4237e8efe3346ede9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 02:51:05 GMT
ETag
62d5b22ab8adc4fd54673627f18b3ec3
Content-Type
image/jpeg
X-Timestamp
1723517464.84408
Cache-Control
public, max-age=235624
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63103
X-Trans-Id
txa04ffe60e6274404952a1-0066baca1aord1
Expires
Fri, 16 Aug 2024 02:51:13 GMT
pd
us-u.openx.net/w/1.0/ Frame 4532 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Requested by
Host: pittpostgazette-d.openx.net
URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
729
content-type
text/html
date
Tue, 13 Aug 2024 09:24:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://www.civicscience.com/jspoll/5/csw-polyfills.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2600:9000:2073:d600:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77372a5ab6c3a6655fcd320a0666e3772f3db6fa1b42cd08345cfc34467d4ab2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 07:19:36 GMT
content-encoding
gzip
via
1.1 4a21175361a1e842a337986b5f7399aa.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 20:16:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
7474
etag
W/"e39bee44184ab551d5f5978f5a330c41"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
AZQh-1fNoScjHyeorxL52rhPjwz6NIoiuLfANBOqY1r8iOgrNv5P-w==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Tue, 13 Aug 2024 09:24:09 GMT
server
awselb/2.0
content-length
110
content-type
text/html
c0985684-5ce7-488c-b275-348d02c8d34e
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/c0985684-5ce7-488c-b275-348d02c8d34e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
793cf312ca8b2b5fb9b55bcb3d4e6739371370b46ca47849023895768cec1c12

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:46:43 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2246
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
rR-rMtSMUSoOVmrMlmFPrRfws8bkXAF4P7oKMsDuvKcjaRd4Kdbj4g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.post-gazette.com&pubid=c0985684-5ce7-488c-b275-348d02c8d34e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:09:24 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
4485
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
kEvT09x0-A8BfTkXaPxIYY1t8Qioao-IuGjwZope-xlrJMahhd2nXQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=t5p3y8cDBmtWu&cb=0&ws=1600x1200&v=24.806.2109&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-TOP-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6785150%2Fpg.com%2Fnews%2Fcrime-courts%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=2247726b-7301-4ce9-a959-4cbd117de144&pubid=c0985684-5ce7-488c-b275-348d02c8d34e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
cbaf38b3746ee2d719cfdb8c9150cd816f8393737251c4bdf8aca4d7e4d45d89

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
R5VX0uj12WNkEzaKSzzPQaCbhyCXr6HzQDf6eHUDJunPJit2J6-Bzg==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		238 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11604&site_id=35280&zone_id=168654&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&tk_flint=pbjs_lite_v4.26.0&x_source.tid=29a6ae2f-f751-4f5f-841b-5b71fb8b4b5a&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.05531771484153558
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
91e48f0c09d671448a48ce9b92d43969cf07a300309889a25d9c318b8b62c3fe

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
238
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277283&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223250a729efbb0b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b1074eb7d337a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22277283%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f25780038f8580b5dcb37ab14c6abce7cc1194700caf81039e21eae05768ae

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yR7Ffjme3vyA1qKk1JaoH8ZFMvzerrQ5PwkUHhRnhf5WjQrfDK0suI8EeGa%2Bk02mjukP6wPXIl5jSpXmUf9lfJA6WtwQNzxKDcsvHGjYo%2Btra3ek272AX51%2FcA5Gh2jC57M7kOwS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b27a685c8f63347-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		23 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.26.0
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.224.185.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-185-54.compute-1.amazonaws.com
Software
/
Resource Hash
b4a3a7a64c1d8e0c8800fd9dc205edde084919c99d160685f15df1dfe5450396

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
23
prebid
ib.adnxs.com/ut/v3/ 		137 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
23fbe6641d2a507b4f0e74823f22f2d8d9ccf2d8650d7012874152c9883102de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
an-x-request-uuid
5212f50f-f8cc-4c52-bf48-188f9116aa5c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=t5p3y8cDBmtWu&cb=1&ws=1600x1200&v=24.806.2109&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-MIDDLE-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6785150%2Fpg.com%2Fnews%2Fcrime-courts%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=2247726b-7301-4ce9-a959-4cbd117de144&pubid=c0985684-5ce7-488c-b275-348d02c8d34e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
caac03d44b74313696f130db25bc137b0a80437119bf0deeec3bd1ad70aad699

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
AKNXkBBhdJTqeIemWYs9z_syhojmRS9t7Uz65rvdDRjWr5yCGqX26g==
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
225f4a0f4679a418e927c0272ddb0bf2ebe1b6a34ad8d8f7591b00649cb403a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
an-x-request-uuid
7aed8ca8-d6e6-49f6-b0cd-4119945b786a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277284&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212b15a15195ba3e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2213c74625ebae40d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22277284%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214a6b10da15a0cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22277284%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
face0dc9f4964097808737b8d198033f6866b8df76c77ceb72438df941670993

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66WyO3yuSbskzIXOmY5pr75ldQ9Ia5uzEszBs7W7D6MlX94Yn%2BP3%2F%2BEYOHFoLYMZRqxgHwaF%2BMT%2B1mDZ4Fd1x0eNXlayrQX7l8D%2BqqPTKWbzsor5Av9595jQfgdUrnSDxUGbS%2FpD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b27a685c8f43347-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		255 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11604&site_id=35280&zone_id=168654&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&tk_flint=pbjs_lite_v4.26.0&x_source.tid=d334c004-0d27-4205-9079-5e66fbb29977&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5311515650366405
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a560a3a047d39482377ac1d583ac801806225a42206d1ca5aa82b4c22fe17c85

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
255
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		590 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.26.0
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.224.185.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-185-54.compute-1.amazonaws.com
Software
/
Resource Hash
016a5a4e2dde17caee322f77f1d3af2a69c95d884d06b1239dad5ef2d6c511a0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
325
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=t5p3y8cDBmtWu&cb=2&ws=1600x1200&v=24.806.2109&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-MIDDLE2-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6785150%2Fpg.com%2Fnews%2Fcrime-courts%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=2247726b-7301-4ce9-a959-4cbd117de144&pubid=c0985684-5ce7-488c-b275-348d02c8d34e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
d008035e82e3e146b0ac1ad94736d3121d83f326c5a202e6c43bce29ad409e1c

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:08 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
kDQ8TqQ5dPGylRyEVFnMze4dLFEohYwrDHk8upYqb3qKNHGStM7H2A==
prebid
ib.adnxs.com/ut/v3/ 		138 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
af01f0e9cf45adfaf3b81ca7d6daff4e1ffd73ad896b2e21a80d8c0df38cecbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
an-x-request-uuid
868c8a3e-7105-4e25-acef-f9d064251849
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.26.0
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.224.185.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-185-54.compute-1.amazonaws.com
Software
/
Resource Hash
ad01782506fffd577b7542b606f44ee9866086f57079eec7622f72467c8c0004

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ 		255 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11604&site_id=35280&zone_id=168656&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&tk_flint=pbjs_lite_v4.26.0&x_source.tid=38cc7148-0b35-41c7-9126-0e796077df5b&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.09498551426329582
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
88b8364f33f77089947448e95490a5f9c1409964d1a002a47ebe4ecbba734dcb

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
255
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277284&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2228793a3318ca89%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229a02171bed90a7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22277284%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22306d130168105ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22277284%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/vendor/prebid/prebid.4.26.0.20210215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45fe357168e35c68fca2539f376bd20dc26070e36f2110997a146a93b0028d5

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROOdTDGDYVKlytgS5h60lgl85b3AnDSwW30RzoXK3sZJtVtisi7LE8JlFm%2Fxr2XZ6JHJke6msQWe677toQD0wO%2BmRoof34JcvuFHNonKhpQIyzc1TuACugipRdOV3DERCyq6zuLJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b27a685c8f73347-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
6785150
fundingchoicesmessages.google.com/i/ 		203 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/6785150?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6076e858a3b3c9f4f7c98d54e01a2ea34047605d1783d043fd2719e106a3bfb3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LOtBhotnraK4mGZvMiV9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-LOtBhotnraK4mGZvMiV9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4dp55s5VN4MWk_ScYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAwN9QzM4wsMAFDWRSU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
20240714AFRNCTuesday-32-1723519067.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/20240714AFRNCTuesday-32-1723519067.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6f461d20263eac7b31c63c73c77950c77bf2a4779ec6f4d6d2431f962a5957a

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 03:18:04 GMT
ETag
fae042b4c6226889bb576a3c00efb4a2
Content-Type
image/jpeg
X-Timestamp
1723519083.38379
Cache-Control
public, max-age=237310
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3370
X-Trans-Id
tx9c9ddf2ce619456786f6b-0066bad06cord1
Expires
Fri, 16 Aug 2024 03:19:19 GMT
2147858910-1723517299.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/2147858910-1723517299.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c59e2923a5d2bbe5db8ebbe7a0be9719c48e33ec89592c87436ecf1b4c311df

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 02:48:44 GMT
ETag
160271d43a2f3c64f6cb77f3b52a76c8
Content-Type
image/jpeg
X-Timestamp
1723517323.75785
Cache-Control
public, max-age=235469
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
X-Trans-Id
tx804ee253a99245219b9a1-0066bac98dord1
Expires
Fri, 16 Aug 2024 02:48:38 GMT
3-21-23countycouncil0321-BB-1649-5-1723497477.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/3-21-23countycouncil0321-BB-1649-5-1723497477.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6b37d9a26cc17821e1d1742371612d3fb56aabfb70167c915dfa5040aa290ca

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Mon, 12 Aug 2024 21:18:13 GMT
ETag
ca4f4bd654c0932423a1594f277eb38a
Content-Type
image/jpeg
X-Timestamp
1723497492.43797
Cache-Control
public, max-age=215636
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3302
X-Trans-Id
tx16345941da7e4882aa897-0066ba7c15ord1
Expires
Thu, 15 Aug 2024 21:18:05 GMT
20240801jcedenhall-17-1722959976.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/20240801jcedenhall-17-1722959976.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a959e598322ff41e089ae64bfdfe960ff78f6aaae391f3354e28f88049cf6085

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 06 Aug 2024 15:59:52 GMT
ETag
f16e1e8b2c077a83be182e0a88a93724
Content-Type
image/jpeg
X-Timestamp
1722959991.38101
Cache-Control
public, max-age=173349
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3214
X-Trans-Id
txc3dca32b62ab4252890cd-0066b9d687ord1
Expires
Thu, 15 Aug 2024 09:33:18 GMT
20190208dsSeibertMcKnightLocal03-2-1723517458.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/100x_a1-1_cTC/20190208dsSeibertMcKnightLocal03-2-1723517458.jpg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.116.129 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-116-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
959a00f0d45d924c883fb0bab357e49c5cb75e7124b8d803221f863968aa58e9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Last-Modified
Tue, 13 Aug 2024 02:51:13 GMT
ETag
98a1767917f338ed3d8c54f483d1e3c0
Content-Type
image/jpeg
X-Timestamp
1723517472.53047
Cache-Control
public, max-age=235656
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4182
X-Trans-Id
tx860cd6d77fd8471690a94-0066baca22ord1
Expires
Fri, 16 Aug 2024 02:51:45 GMT
sdk.js
api-esp.piano.io/public/sdk/v04/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99583f2f321c998a91bdd0b10bbb619e97da60bad4488f0b4f456820374c109d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
470
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 31 Jul 2024 09:10:32 GMT
server
cloudflare
etag
W/"15d33-191080e2d0d"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public
access-control-allow-credentials
true
cf-ray
8b27a686aa603dd2-MIA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Wed, 13 Aug 2025 09:16:18 GMT
cx.cce.js
cdn.cxense.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Apr 2024 13:13:58 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6352
Expires
Tue, 13 Aug 2024 10:24:09 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6C45WCK4K&gtm=45je4880v9126362277za200&_p=1723541048293&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=1582922576.1723541049&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2009
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6C45WCK4K&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1W1CPF4CTB&gtm=45je4880v9126285001za200&_p=1723541048293&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=1582922576.1723541049&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dp=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%2F&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1W1CPF4CTB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1W1CPF4CTB&cid=1582922576.1723541049&gtm=45je4880v9126285001za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1W1CPF4CTB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LH0XLL8C5N&gtm=45je4880v9138481794za200&_p=1723541048293&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=1582922576.1723541049&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dp=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%2F&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2088
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH0XLL8C5N&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LH0XLL8C5N&cid=1582922576.1723541049&gtm=45je4880v9138481794za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH0XLL8C5N&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GXQ6MXWREN&gtm=45je4880v9126507362za200&_p=1723541048293&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=1582922576.1723541049&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2115
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GXQ6MXWREN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GXQ6MXWREN&cid=1582922576.1723541049&gtm=45je4880v9126507362za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GXQ6MXWREN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/830194943/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830194943/?random=1723541048987&cv=11&fst=1723539600000&bg=ffffff&guid=ON&async=1&gtm=45be4880z86300809za201zb6300809&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&hn=www.googleadservices.com&frm=0&tiba=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfJ8IVkvMbqMK-hZTo8c2w81bsNA3Nig&random=2798615271&rmt_tld=0&ipr=y
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.106 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify
id.tinypass.com/id/api/v1/identity/token/ 		202 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lzs7u8xpgeq65hpm&page_view_id=lzs7u8xpa7t2zz0x&content_type=article&page_title=Lack+of+motive%2C+past+writings+puts+Trump+rally+gunman+in+rare+class+among+high-profile+shooters&callback=jsonp6415&client_id=0Jrto77Ppu&site=https%3A%2F%2Fwww.post-gazette.com&user_state=anon
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427151291b3678ce285c30fe74de6d733f45bdd9395044fd753ae9e057b66f62
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M9sg5isprJq
pragma
no-cache
wn
prod-id-10-0-82-230
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
server-time
0.001
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
8b27a6879d038db8-MIA
access-control-allow-headers
origin, content-type, accept, authorization, pn-consents, user-state
expires
Thu, 01 Jan 1970 00:00:00 GMT
acj
pittpostgazette-d.openx.net/w/1.0/ 		567 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pittpostgazette-d.openx.net/w/1.0/acj?ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=5563d8f60d8871&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&nl=155&ul=210&be=1&prf=0&auid=538771293&aus=300x250%2C300x600&bc=hb_2prf&bt=2500&dims=1600x1200&adxy=1110%2C852&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1
Requested by
Host: pittpostgazette-d.openx.net
URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
92e1d06632bb2f3b6dfc8ed6ab4ccbab51b5cfeae08794adcc34ff4cdd691268

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
352
expires
Mon, 26 Jul 1997 05:00:00 GMT
acj
pittpostgazette-d.openx.net/w/1.0/ 		571 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pittpostgazette-d.openx.net/w/1.0/acj?ai=27d3368f-9aff-4b19-b4cc-05fde3c70801&o=67075260222ecf&ju=https%3A//www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&jr=&nl=155&ul=210&be=1&prf=0&auid=538771293&aus=300x250%2C300x600&bc=hb_2prf&bt=2500&dims=1600x1200&adxy=1110%2C1647&res=1600x1200x24&plg=wmp%2Cpm&ch=UTF-8&tz=600&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&ba=1723541049&sd=1
Requested by
Host: pittpostgazette-d.openx.net
URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2cf720c31abb3fd8fbf07f96811241d6d73b4276fbaa76d329a8e8b8f62b3b79

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
356
expires
Mon, 26 Jul 1997 05:00:00 GMT
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-184-20.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
b0e9b85d46ad82d760ba767e14b02f8851dfc08173cfb209e6e4a020eec57192
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
strict-transport-security
max-age=31536000
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-guid
3593de28-31ce-40c3-ad44-2c27d3579c59
server
fasthttp
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
content-length
36
iu3
s.amazon-adsystem.com/ Frame D61F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-adMediaV1_n-Beeswax_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-baidu_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
391
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 13 Aug 2024 09:24:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8N7D4B9HGQJR8KZFCBFE
186
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/186?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b27a6886ffca4f4-MIA
date
Tue, 13 Aug 2024 09:24:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
186
api-esp.piano.io/publisher/fusion/lucid/data/ 		628 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/186?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b524e1414246173464abd8e4802efa91f812bee3b12c34a81ad47f045bcbe1c3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"274-eOspYmkwgVURHK/nhero4Cg47zs"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.post-gazette.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
8b27a688cb223dd2-MIA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8709) /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8166
x-amz-request-id
J40SSS07E61KPPN4
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
9315
x-amz-id-2
r+ct311B2sB6Xf3MRINaiphnllJE9CpGJbftzP/Xev71fXxiSna8ddSa5E+t6h7oZ4SXjpagJvfcD9G6W1yPhmOfE/sFHLA0
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/icons/sprites/sprite.svg /edgio/static-cdn.spot.im/production/icons/sprites/sprite.svg
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
ECAcc (mid/8709)
x-ioriver
Edgio
etag
"2a4e43326a158b47d0598571fd4099b6+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
AGSKWxWJkeBo_f9RLn3qQ5z1FGKIrtGC1Ny37R0m2qUu7OYLdlaE8DZLWou0jZyZ3ow1rtLEDi8NS7p_8tmfqOIGrgQuxqnTWT44c_zvlfL17SmXNIY3B6r7GcBoQvkrdAOGNyGCOTFvbA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWJkeBo_f9RLn3qQ5z1FGKIrtGC1Ny37R0m2qUu7OYLdlaE8DZLWou0jZyZ3ow1rtLEDi8NS7p_8tmfqOIGrgQuxqnTWT44c_zvlfL17SmXNIY3B6r7GcBoQvkrdAOGNyGCOTFvbA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTQxMDQ5LDY2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucG9zdC1nYXpldHRlLmNvbS9uZXdzL2NyaW1lLWNvdXJ0cy8yMDI0LzA4LzExL3Rob21hcy1jcm9va3MtYnV0bGVyLXRydW1wLXJhbGx5LXNob290aW5nL3N0b3JpZXMvMjAyNDA4MTEwMDcyIixudWxsLFtbOCwib2tsVlpOM2hIdzgiXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkwXSxudWxsLDddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08e714abec87b168895a69e8c3f6345c5dd072c28caeefbde3b6bf992ae2b873
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CJp4Kt-WRXzsd0PX-n1H-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CJp4Kt-WRXzsd0PX-n1H-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4dp55s5VNYMaiJxeZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAwN9QzM4wsMAEv2RRI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7C7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29247
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 08:35:41 GMT
expires
Tue, 13 Aug 2024 09:25:41 GMT
last-modified
Mon, 12 Aug 2024 19:45:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
us-u.openx.net/w/1.0/ Frame CEEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Requested by
Host: pittpostgazette-d.openx.net
URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
688
content-type
text/html
date
Tue, 13 Aug 2024 09:24:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame D897 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e&gdpr=0&bi=5a79cc4d-f620-4dbf-9d70-620ec688648e
Requested by
Host: pittpostgazette-d.openx.net
URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-PostGazette
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
688
content-type
text/html
date
Tue, 13 Aug 2024 09:24:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cx.js
cdn.cxense.com/ 		113 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c662676f9e2f04b510c7d3c54e7e5f0cd9862cc2af36f6c0c1a95379d3ab3a67

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2024 06:34:33 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37548
Expires
Tue, 13 Aug 2024 10:24:09 GMT
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=228037908.874354496&n=0&s=poll&t=created&d=%7B%22target%22%3A%222978%22%2C%22instance%22%3A%22pgevoke-story-0-csinlinepoll%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A165%2C%22cy%22%3A8337%7D
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www.civicscience.com/widget/api/2/ 		328 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/bootstrap?target=2978&instance=pgevoke-story-0-csinlinepoll&context=%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&mv=5&_=1723541049704&callback=jsonp_1723541049704_5959
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
9079ab2d91100534dbc34f33b6b9397b6b681092bcf0c10549609c585173a062

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
gzip
server
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
execute
c2.piano.io/xbuilder/experience/ 		60 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=0Jrto77Ppu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70a8c0904b390821976e6b966df07347ea122b0ad0d225034adbdd6b1d71087
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
8bo9omw8w3
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
8b27a6891b4a3dd2-MIA
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=914426656119333&correlator=2950772784166263&eid=31084182%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&iu_parts=6785150%2Cpg.com%2Cnews%2Ccrime-courts&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=1&didk=3768972066&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1723541049729&lmt=1723540938&adxs=1110&adys=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&vis=1&psz=300x269&msz=300x250&fws=4&ohw=300&topics=9&tps=9&htps=10&cbidsp=CsYBCAESGwoIYXBwbmV4dXMQtQIgAjgBUghhcHBuZXh1cxIVCgVzb3ZybhC2AiACOAFSBXNvdnJuEhUKBXNvdnJuELYCIAI4AVIFc292cm4SGQoHcnViaWNvbhC_AiACOAFSB3J1Ymljb24SDwoCaXgQswIgAjgBUgJpeBIPCgJpeBCzAiACOAFSAml4GAIiJDM4Y2M3MTQ4LTBiMzUtNDFjNy05MTI2LTBlNzk2MDc3ZGY1YioECAMgADIHdjQuMjYuMEC4F0oA&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723541047667&idt=1424&prev_scp=position%3DMIDDLE2%26usertype%3Danon%26pagepath%3D%252Fnews%252Fcrime-courts%252F2024%252F08%252F11%252Fthomas-crooks-butler-trump-rally-shooting%252Fstories%252F202408110072%26storyid%3D202408110072%26storytags%3DTrump%2520rally%2520shooting%26authororg%3Dpittsburghpostgazette%26author%3Dmichaelkorshandmikewereschagin%26amznbid%3D2%26amznp%3D2%26ox300x250%3D0%252Chb-bid-71e5e51bbc5bde&adks=478292399&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
482775b239d3fe128357683b05f72f0d1a31de9cb7dcb48e5c320f946433d124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19094
x-xss-protection
0
google-lineitem-id
6652832326
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138468050803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 09:24:09 GMT
expires
Tue, 13 Aug 2024 09:24:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_wfO5dOu8/ 		159 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_wfO5dOu8/no_post
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-184-20.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
161e2553e1a3ad74f546872f5ae1cad8ce9fd768afeac9053e881e6a7726b6da

Request headers

Accept
application/json
Referer
https://www.post-gazette.com/
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-spotim-page-view-id
8ba16e39-784a-49b9-b4f5-d79982b35e11
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
content-length
159
x-request-id
cbd150de-5955-11ef-ac07-72ea7b5ba623
AGSKWxV0aeYjUXZIqHnQk6nC9hMn_jRhjCXa7MW-7gzahtlzNKUL_odW-0dwgb7fwACy20jCqBQTwtmi-U1rFyB96EfmfC_5R9SUufcq54tvx40Sd7rVyHmrxuVYD0q31Wcibs4j9Mw1WQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV0aeYjUXZIqHnQk6nC9hMn_jRhjCXa7MW-7gzahtlzNKUL_odW-0dwgb7fwACy20jCqBQTwtmi-U1rFyB96EfmfC_5R9SUufcq54tvx40Sd7rVyHmrxuVYD0q31Wcibs4j9Mw1WQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTQxMDQ5LDc1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnBvc3QtZ2F6ZXR0ZS5jb20vbmV3cy9jcmltZS1jb3VydHMvMjAyNC8wOC8xMS90aG9tYXMtY3Jvb2tzLWJ1dGxlci10cnVtcC1yYWxseS1zaG9vdGluZy9zdG9yaWVzLzIwMjQwODExMDA3MiIsbnVsbCxbWzgsIm9rbFZaTjNoSHc4Il0sWzksImVuLVVTIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE5MF0sbnVsbCw3XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11a05cebe83d23d214e7bf6d4c253f41dd6103d2fe27fc590d6b3cacfc68cbbb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NtXjRXFS44seOMs6XuhxYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-NtXjRXFS44seOMs6XuhxYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4dp55s5VN4EHj3X9MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGFoaGegbm8QUGAFsJRWE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_wfO5dOu8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_wfO5dOu8/no_post
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Tue, 13 Aug 2024 09:24:09 GMT
server
fasthttp
target
www.civicscience.com/widget/api/2/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/target?target=2978&instance=pgevoke-story-0-csinlinepoll&context=%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&mv=5&_=1723541049782&callback=jsonp_1723541049782_114
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
99a25061a7ca7b1ea72d55fb4c2eb58fb75d0f709a76d49d72546b86a919acf5

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADM DEV PSA PSD OUR IND UNI"
date
Tue, 13 Aug 2024 09:24:09 GMT
content-encoding
gzip
server
Apache/2.4.61 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&en=meterActive&_fv=1&_ss=1&_ee=1&ep.aid=0Jrto77Ppu&ep.tags=pagetype-story%2Cnews%2Ccrime-courts%2Cmetered&ep.debug=false&ep.url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ep.event_category=meterActive&ep.event_label=Meter%20active%20aid%3A0Jrto77Ppu&ep.experience_id=EXN60OGUUSG0&ep.meter_name=Paymeter&ep.hit_type=event&ep.non_interaction=true&ep.event_action=aid_0Jrto77Ppu&tfd=2543
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show
buy.tinypass.com/checkout/offer/ Frame 916C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23pgevoke-story-0%20.pgevoke-story-offerbox&templateId=OT6SDFZIMGWZ&offerId=OFZW2E3CE4HO&showCloseButton=true&widget=offer&iframeId=offer-0-qBiY5&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&parentDualScreenLeft=10&parentDualScreenTop=10&parentWidth=1600&parentHeight=1200&parentOuterHeight=1285&aid=0Jrto77Ppu&zone=Web&customVariables=%7B%7D&browserId=lzs7u8xpgeq65hpm&userState=anon&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2549.800000011921&logType=offerShow&width=650&_qh=8989101e42
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b27a68a4c313714-MIA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Aug 2024 09:24:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server
cloudflare
server-time
0.010
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-112-144
x-forwarded-https
on
x-request-id
M9sg5is5Dq5
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=981874568&gjid=1380507673&cid=1582922576.1723541049&tid=UA-15716261-30&_gid=155317400.1723541049&_r=1&_slc=1&cd11=false&cd5=comments-enabled&cd6=undefined&cd1=false&cd12=paid&cd7=michaelkorshandmikewereschagin&cd13=pittsburghpostgazette&cd3=false&cd9=0&cd10=undefined&z=576333988
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:e200:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:13:11 GMT
content-encoding
gzip
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
61859
etag
W/"665fad8c-9895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
sqFIUGNmzdozrfc-wTfvWtWhcR9VDw8x5z47vyfnucAwQkZcl5WUmQ==
expires
Tue, 13 Aug 2024 16:13:11 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335z86300809za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541049&sct=1&seg=0&_s=2&tfd=2595
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
www.civicscience.com/idsync/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.civicscience.com/idsync/3?uid=beb181156a5f2b31a2f4fbd628dfc161&p=pg
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
server
nginx/1.14.2
sp1.html
cdn.cxense.com/ Frame D93F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:780::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Tue, 13 Aug 2024 09:24:10 GMT
Expires
Fri, 23 Aug 2024 09:24:10 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
252
api-esp.piano.io/tracker/lucid/visit/ 		81 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/252?story_url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&visitor=gkw3de45bb8b89uz
Requested by
Host: a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
URL: https://a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com/js/pg/pgevoke.dependencies-v0005.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548af1cd3ef641f32f6ed13c6a09a9ae78e446dc3140d0ac1ccc4ba40bb058cb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"51-b7e2hnRmGBwO0S9zxtDMB4E48F0"
access-control-max-age
36000
vary
X-HTTP-Method-Override
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.post-gazette.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
8b27a68a9be63dd2-MIA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
252
api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/252?story_url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&visitor=gkw3de45bb8b89uz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b27a68a28d0a4f4-MIA
date
Tue, 13 Aug 2024 09:24:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=228037908.874354496&n=1&s=poll&t=resolved&d=%7B%22target%22%3A2978%2C%22instance%22%3A%22pgevoke-story-0-csinlinepoll%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A165%2C%22cy%22%3A8366%2C%22otarget%22%3A2978%2C%22pin%22%3A%22%22%2C%22pinMode%22%3A%22required%22%2C%22isMeta%22%3Afalse%7D
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.159.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-159-194.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:09 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
v3
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_wfO5dOu8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_wfO5dOu8/v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
date
Tue, 13 Aug 2024 09:24:10 GMT
server
fasthttp
v3
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_wfO5dOu8/ 		46 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_wfO5dOu8/v3
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.18.0/ads/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-184-20.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
da8eed96ea6d0ef6f556da636c8e7dda0d5bceb008498ab90501ae978cabd4a5

Request headers

x-spot-id
sp_wfO5dOu8
x-spotim-page-view-id
8ba16e39-784a-49b9-b4f5-d79982b35e11
x-guid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-post-id
no_post
Referer
https://www.post-gazette.com/
x-access-token
null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-request-id
cbf59f75-5955-11ef-9460-b6df2c752717
en.json
cdn.civicscience.com/jspoll/5/locales/ 		8 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/locales/en.json?pv=5.4.27
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1483ad1f88a63620e340e12810771ffaa2060d938c962f5ad4323316ecd7907

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 06:14:42 GMT
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 20:16:55 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
11369
etag
"d84bddc8cd1b0f7cd6b797bb61e78c20"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
8048
x-amz-cf-id
8BYpHOhl6fqNnz6qNbTwtxovgT8kl4m8qFnOxJ0EqAhsI60Z037MEg==
view
securepubads.g.doubleclick.net/pcs/ Frame C8C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssf6BAM4yJFzmqNcnjCeuJ5tBVNGYmlKKHl3mn-n5iliJ2d9WrlOdjeKcaoOIYVk9ZkEBOgDKsmtiKxPZ_Hp8a2RBKRv6FnrsNhsJAgXYpQtIf6aZlBqWt7gTQ13_IooXDXinIBE8xQ5HgQL6sk_9myOIg_nVanN-rK-czwBIfC7sNmZhNcjEtHR3xA10CdmkiQUvImIaJgUNMkv5UH0f3SE10j0YJYkXTEZu-SgETDl--f2J4di1SmIFgGARJYYbHm9LZZBQWlbQRSDPoMlLGEkjoCOXW_ZQNy55gi2DCbNTlPC-6AAJEgeDY5aYu5P5I343fqXh6awNmSKggMxW1WrCnqxV2Yp38hSI0WP5QSPErL54TSn1uhyCcNp8zlwy8D6z3sxPIHET-q8sVdekkPufBEkXgm&sai=AMfl-YR_1qDmh-_qniuIuKBE_A4rHIUjgtYjXN9N3QHA00nWof5GvandnkbqsFUZzXj2dvh_oblVK-FrnQ0DQGGlS37r0QCaGpGy7hjK4H7xD6syRDMhvtgec7ZAd5bCvQ&sig=Cg0ArKJSzLTLM0anTAANEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240807/r20110914/ Frame C8C3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240807/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
65052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
15499051073851929161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 15:19:58 GMT
infolinks_main.js
resources.infolinks.com/js/ Frame C8C3 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3caeec1e3574c6f91c859e52e6b58ded9a21be7db3b71d6738bde23f78beb06

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2024 08:45:21 GMT
server
cloudflare
age
2318
etag
W/"112b-61f78836eba6b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8b27a68b5cb7db29-MIA
expires
Tue, 13 Aug 2024 09:45:32 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C8C3 		204 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1723541049&sct=1&seg=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&en=experienceExecute&_ee=1&ep.login_status=false&ep.pageview_type=story&ep.section_name=news&ep.subsection_name=crime-courts&ep.story_id=none&ep.premium_article=standard&ep.metered_article=free&ep.comments_enabled=disabled&ep.organization=pittsburghpostgazette&ep.author=michaelkorshandmikewereschagin&ep.story_group=none&ep.aid=0Jrto77Ppu&ep.tags=pagetype-story%2Cnews%2Ccrime-courts%2Cmetered&ep.debug=false&ep.url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ep.offer_id=OFZW2E3CE4HO&epn.width=650&ep.display_mode=inline&ep.experience_id=N%2FA&ep.iframe_id=offer-0-qBiY5&ep.template_id=OT6SDFZIMGWZ&ep.event_category=experienceExecute&ep.event_label=Experience%20execute%20offerId%3AOFZW2E3CE4HO%20aid%3A0Jrto77Ppu%20templateId%3AOT6SDFZIMGWZ&ep.hit_type=event&ep.non_interaction=true&ep.event_action=offerId_OFZW2E3CE4HO____aid_0Jrto77Ppu____templateId_OT6SDFZIMGWZ&_et=1&tfd=2721
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=914426656119333&correlator=3940345098152572&eid=31084182%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&iu_parts=6785150%2Cpg.com%2Cnews%2Ccrime-courts&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=2&didk=2704469683&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D29cab651e6ac5e90%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_Ma9DyzRvPslKPEPFnInQlzl5aVcmQ&gpic=UID%3D00000eca43bdbf4a%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_MYgx_jfyW5KHJ6YxI_lp2UobEZmjQ&abxe=1&dt=1723541050049&lmt=1723540938&adxs=436&adys=145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&vis=1&psz=1220x109&msz=728x90&fws=4&ohw=728&psts=AOrYGsma46ojAVJ7mjFRKM2koge0QFAv_n3OIFYeiA1Yq-XBCw7jsS6UsYfAdEF2eqfAq8wsS-L2nBF57dGCV8d-UnpYussP5w&topics=3&tps=3&htps=10&cbidsp=Cp4BCAESGQoHcnViaWNvbhDkAiACOAFSB3J1Ymljb24SDwoCaXgQzgIgAjgBUgJpeBIVCgVzb3ZybhDPAiACOAFSBXNvdnJuEhsKCGFwcG5leHVzEMkCIAI4AVIIYXBwbmV4dXMYAiIkMjlhNmFlMmYtZjc1MS00ZjVmLTg0MWItNWI3MWZiOGI0YjVhKgQIAyAAMgd2NC4yNi4wQLgXSgA.&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723541047667&idt=1424&prev_scp=position%3DTOP%26usertype%3Danon%26pagepath%3D%252Fnews%252Fcrime-courts%252F2024%252F08%252F11%252Fthomas-crooks-butler-trump-rally-shooting%252Fstories%252F202408110072%26storyid%3D202408110072%26storytags%3DTrump%2520rally%2520shooting%26authororg%3Dpittsburghpostgazette%26author%3Dmichaelkorshandmikewereschagin%26amznbid%3D2%26amznp%3D2%26ox728x90%3D0%252Chb-bid-359527ee2a74d5&adks=460937869&frm=20&eo_id_str=ID%3D44ab206e5d01c8fb%3AT%3D1723541049%3ART%3D1723541049%3AS%3DAA-AfjbhS0-3l-4dbPm7dXsIMLXS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
77912b3fa92f01b800a783a3f943f7a27e516cee63f353e271d89322054d7426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24847
x-xss-protection
0
google-lineitem-id
5291183713
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302713033
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame_content.js
resources.infolinks.com/js/1943.011-3.034/ Frame C8C3 		2 KB
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 13:24:13 GMT
server
cloudflare
age
7326
etag
W/"96d-61dfe31b559b4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68bbcdfdb29-MIA
expires
Thu, 12 Sep 2024 07:22:04 GMT
csw-frame.5.4.27.js
cdn.civicscience.com/jspoll/5/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.27.js
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02c8aca24a587a488a3ecb8362f64042b3279812ec4eed71b7f8aec00a816c37

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 10:53:35 GMT
content-encoding
gzip
via
1.1 e0ed595b39732d9e9972db26854384ec.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 20:16:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
81036
etag
W/"e519d41acb33c0a536f2dd0f3cfac59a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
evPhQuWhZXd-6rYANI4l7iUpt3QQ5Atgvj5VSwORfUdrLsGVJ8opzg==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=post-gazette.com&p=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&u=D7r8J4pivinBqf0wT&d=post-gazette.com&g=34530&g0=crime-courts%2C%20news&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11004&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&b=2929&t=0R-9ZDGbSfACaVMlYDZ7zllD7Vkcs&V=147&i=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&tz=600&_acct=anon&sn=1&sv=BNI1ntD322lxBLqJDdBEu9RgBLoxYj&sr=external&sd=1&im=067b0fff&_
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.85.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-85-192.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
content-type
image/gif
truncated
/ Frame C8C3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a9c4d889ff3d8d22b2666621ec03e7e198baec397d7e82766b91d4fffca291d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice.js
resources.infolinks.com/js/1943.011-3.034/ 		190 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1943.011-3.034/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e2d9f8df5271137f3cd95ace8ff8e0afd3fbadb43a2f98858f840fcf8249ee

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 13:24:13 GMT
server
cloudflare
age
8293
etag
W/"2f957-61dfe31b54a13"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68c8d24db29-MIA
expires
Thu, 12 Sep 2024 07:05:57 GMT
frame_incube.js
resources.infolinks.com/js/1943.011-3.034/ Frame C8C3 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39404f14d7cdfe5585c860ecd69a8dfc8d857cd03feda8e8a0582b6e6a403baf

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 13:24:13 GMT
server
cloudflare
age
7238
etag
W/"106c7-61dfe31b555cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68c8d26db29-MIA
expires
Thu, 12 Sep 2024 07:23:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BC68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRjw0YSzipRltuAFv3xKA_4-t5S9P2KDEwx5vPPOkQmoRjW0Duhf_ngSxB0P1jAypnPNWut4Jvi2ZV3GKagkvDLU-mr32tAOujBR-fDFHsht86lLBC-FSMUVkJGdb9bVPicnBGfMiLEM525iosARM3PN7nSSouDYNqDjvEB1ueW54UlFwEVXEP94aLPlUZL0ksYdH80jIo68BaqQTE5oKmXvz-NXSP8QdHjBorfLZKRkQ3B7aBkcgKd5jSwpm11Ge0AenpXRb1YWUzmT-TnEoqIlTQSfQyMvYFcMQvZ33DTGXmEXgtLD9q4aEi9uIVt_9f_IYUhZYwZ2sVdQJaTvVsrsKyXXLiRP8jj8s-JMlN3kt14ivmv2RdgNcMbU6qNJmgmZcL1A&sai=AMfl-YQVQ9Nqir-LJ7mRrQXVcmnE7Qvgxi_3a5Aq9Pt0L5FchxeAnTQacPqbRI295zVK2U1mKxM1vZXQzRVgVXke1lzuvQ6jV5GaQvFr87XYte7vxIJiEalV0Ek2C_b3jA&sig=Cg0ArKJSzMxHCJXjMqd3EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240807/r20110914/ Frame BC68 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240807/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
65052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
15499051073851929161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 15:19:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240807/r20110914/client/ Frame BC68 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240807/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:21:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
64939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 15:21:51 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BC68 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
6735890734628928813
tpc.googlesyndication.com/simgad/ Frame BC68 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6735890734628928813
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02b13fd528c3b40e82039b4c49a2c88a2002eca625612952c76a1c6da2c2119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 09 Aug 2024 21:35:25 GMT
x-content-type-options
nosniff
age
301725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80927
x-xss-protection
0
last-modified
Wed, 05 Feb 2020 15:31:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Aug 2025 21:35:25 GMT
l
www.google.com/ads/measurement/ Frame BC68 		0
0
truncated
/ Frame BC68 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
522f46a0502ae9d16e50e596c08957570a6f4f7539f71c707c7c50f64168f130

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=914426656119333&correlator=437712913755786&eid=31084182%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&iu_parts=6785150%2Cpg.com%2Cnews%2Ccrime-courts&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=3&didk=2869364836&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D29cab651e6ac5e90%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_Ma9DyzRvPslKPEPFnInQlzl5aVcmQ&gpic=UID%3D00000eca43bdbf4a%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_MYgx_jfyW5KHJ6YxI_lp2UobEZmjQ&abxe=1&dt=1723541050378&lmt=1723540938&adxs=1110&adys=852&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&vis=1&psz=300x269&msz=300x250&fws=4&ohw=300&psts=AOrYGsl6JWUinpTIF7DmcERj16ev7KI92DYUzgVh25b89jUnAB4C21Oo8HWUkiDBVOOShVN3DZHXCcvHcDG3gLZ0k8_hOmRPrg2v-kKG0dU%2CAOrYGsma46ojAVJ7mjFRKM2koge0QFAv_n3OIFYeiA1Yq-XBCw7jsS6UsYfAdEF2eqfAq8wsS-L2nBF57dGCV8d-UnpYussP5w&topics=3&tps=3&htps=10&cbidsp=CsYBCAESGwoIYXBwbmV4dXMQxgMgAjgBUghhcHBuZXh1cxIPCgJpeBC9AiACOAFSAml4Eg8KAml4EL0CIAI4AVICaXgSGQoHcnViaWNvbhCVBCACOAFSB3J1Ymljb24SFQoFc292cm4QxwIgAjgBUgVzb3ZybhIVCgVzb3ZybhDHAiACOAFSBXNvdnJuGAIiJGQzMzRjMDA0LTBkMjctNDIwNS05MDc5LTVlNjZmYmIyOTk3NyoECAMgADIHdjQuMjYuMEC4F0oA&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723541047667&idt=1424&prev_scp=position%3DMIDDLE%26usertype%3Danon%26pagepath%3D%252Fnews%252Fcrime-courts%252F2024%252F08%252F11%252Fthomas-crooks-butler-trump-rally-shooting%252Fstories%252F202408110072%26storyid%3D202408110072%26storytags%3DTrump%2520rally%2520shooting%26authororg%3Dpittsburghpostgazette%26author%3Dmichaelkorshandmikewereschagin%26amznbid%3D2%26amznp%3D2%26ox300x250%3D0%252Chb-bid-899e27194d5a7a&adks=2757904123&frm=20&eo_id_str=ID%3D44ab206e5d01c8fb%3AT%3D1723541049%3ART%3D1723541049%3AS%3DAA-AfjbhS0-3l-4dbPm7dXsIMLXS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
8a2109359bdda66214d6b40e25551f7a72d197bb481bd9bef936bf79ecdf445e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24843
x-xss-protection
0
google-lineitem-id
6493206140
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138462281584
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C8C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpSl9M8c7xPo8r8jgo9kO0jYCzelLSpBCIfC43sgophj4w-7iGJXRNYicoBQzoLE7x7CBQ2fpr4AX3EFrnOD3eNkeYa5xOg_Du0Z8wbV6h9zidycEz-Q3ei1BsYS0LWtzie3UXOPRzmBV7B0ztxdQN-0Rf--jMObn7dyaBclY_aGlFvzmOnmvb_Vc-jstqal9He1WAzXDRQMtba5jYaUK-yzUGcfc7HCrDHoEKG66wA_ZNHrxVzkBEDhHOq9pLfekoDHce-IyUN8hzt0ZjoWB_JKG5tgeGL81iexkpkWrSPIN2LmCpo_kGhJWuZzIAMrTtMQY3jlZUa3mnm5rshsNtlvXtHFDkmWNMDWQIPJGmDfUTgqYF9406Q0IsVUvRItXScKVGek7aGuHt&sai=AMfl-YS1PaizczykiKePUHIEvB7NQVDVarx17eH8MTAy2zj3z0CKqApgwI6YrUHDH8yuF6Qk0nj9OsHn3rOgfvrHsi341t5zYoQKv6j0EbF-khtUHHrCu-YssTDZPz9YTw&sig=Cg0ArKJSzGaDfWp-ywP2EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:10 GMT
manage
router.infolinks.com/usync/ Frame C7A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3406772&wsid=0&pdom=www.post-gazette.com&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8b27a68dc9d609ce-MIA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 13 Aug 2024 09:24:10 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		282 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3406772&wsid=0&pdom=www.post-gazette.com&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8831205839dc185f397704ef97c8622de4d36900f1389fc6bc9311a50aa067

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript;charset=ISO-8859-1
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
8b27a68d5d70db29-MIA
gsd
router.infolinks.com/ 		332 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3406772&pdom=www.post-gazette.com&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&jsv=1943.011-3.034&_cb=17235410504410
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba8d3197e67210261cd0e171d4cca5f7738a30265e3eddbe6779db2cc8e27d5

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
8b27a68d6d71db29-MIA
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335z89138481794za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1723541049&sct=1&seg=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&_s=4&tfd=3132
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		280 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=0Jrto77Ppu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8136d988e1983b07ef2ea49046cbe860073af83aa5eec5446b47dadb170523b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
gzip
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4283
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M8y95islqpt
wn
prod-dash-10-0-90-127
last-modified
Tue, 13 Aug 2024 06:56:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.007
cache-control
public, max-age=14400
cf-ray
8b27a68dde7b128b-MIA
expires
Tue, 13 Aug 2024 13:24:10 GMT
id
id.cxense.com/public/user/ 		101 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lzs7u8xpgeq65hpm%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2227d8nbqxwgrbf1zdv6oxylmdlh%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2227d8nbqxwgrbf1zdv6oxylmdlh%22%7D%5D%2C%22siteId%22%3A%221127326325556598313%22%2C%22location%22%3A%22https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
80b882252dcc30607c6edf4d75067c4dda5b20424c003e9f1cb083b64edb8183
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
csw.5.4.27.css
cdn.civicscience.com/jspoll/5/ Frame 788D 		115 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw.5.4.27.css?pv=5.4.27
Requested by
Host: cdn.civicscience.com
URL: https://cdn.civicscience.com/jspoll/5/csw-frame.5.4.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d4bd9612b977faa9680ee1934b96a4088870e15d289ed65487c9f521c14b7e2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:08:57 GMT
content-encoding
gzip
via
1.1 e0ed595b39732d9e9972db26854384ec.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 20:16:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
914
etag
W/"30775987c2a1ae9c0a6136d3f527be9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
paEUw_QP0Z8pmw-YLeC6ynGkwI6uj2HHGrCLWHlIAx_EZiTctTagvQ==
iqusync-1.31.min.js
resources.infolinks.com/static/usync/ 		2 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3406772&wsid=0&pdom=www.post-gazette.com&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adedc362a799da2168fec3a6b8ee1d705edbcbebb4d2fbf456af1f575a2ecae

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2024 11:30:04 GMT
server
cloudflare
age
8339
etag
W/"7ce-61cf7158b5e00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68dbd90db29-MIA
expires
Thu, 12 Sep 2024 07:05:11 GMT
doq.htm
rt3004.infolinks.com/action/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3004.infolinks.com/action/doq.htm?pcode=utf-8&r=17235410505211
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6583747849b0713b2ac545a79548287d1e1ba0d13ae91467a097c9ce70a65313

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
en-US
cf-ray
8b27a68eb967a563-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BC68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRjXffNG9ym6mJeO72WZR1rrImHroAnYdDxYiZcjDwLYfdaqRfmLtdhnMMKXiOY19SvNnNa2TSp7dz9Ng-p5nXEbxur6RgLEdLeKgjClPI5M_fF-tYioOLZDS5YAsx4xMOeXDSUMyTP5ZlJiR7Fw4R5p-enSiVyB8cz7cvNYHA4oe89mwfOY-BMJS39tV82V0SZUzoZ8vUYucmzEvJ89L7kZE8IrkaeUVPHNPfglbfYPI8HRsPxLmovxzfrPDTJkU5WIwZ9oAswDi8Dpwvpv4GkhATHYtGOPVVSMm2DDdy5ILEy7PHwz4Z-fWgxq6q6eBfNVtdnbuWfFK8dmnNhBMnGqyzipVgrWVvai4rW7xQw0JIUeOVp6FsnpcukomRD9ZDOXCtGTbK&sai=AMfl-YRtn7M7gjIXC6Yhxi1pw3Vl7MF1t-fjTj3B2l_gYroij_BX1cgv8vE7g3HudO7PSf5v6h_fFeBcGnZdLZPd2XRaZJevNOC7sCC3yb1f3pTVoqDwNPDrsPEalQJ4jw&sig=Cg0ArKJSzBO_gR2DFtduEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:10 GMT
iquid-01.js
resources.infolinks.com/static/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/iquid-01.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2024 09:50:03 GMT
server
cloudflare
age
4191
etag
W/"11007-613231db6db5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68e0db6db29-MIA
expires
Thu, 12 Sep 2024 08:14:19 GMT
ima.js
cdn-ima.33across.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Aug 2024 14:55:11 GMT
server
cloudflare
age
584171
etag
W/"66b2394f-405e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b27a68ec93f259a-MIA
expires
Fri, 16 Aug 2024 09:24:10 GMT
id5.js
resources.infolinks.com/static/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/id5.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Mar 2023 15:25:02 GMT
server
cloudflare
age
7396
etag
W/"e65f-5f7cf3aed6f0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a68e0db7db29-MIA
expires
Thu, 12 Sep 2024 07:20:54 GMT
did-004d.min.js
d-code.liadm.com/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d-code.liadm.com/did-004d.min.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.31.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:2a00:1c:2afd:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec516dc31a72ec6f2d2e01d6a4e5e38d0aa7e6d4e687deaec53e772089a022cf

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 07:05:37 GMT
content-encoding
gzip
via
1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
8313
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
x-amz-cf-id
6ro9R9Yt2B1hpAo1Ps-AzzgoQTwhMCvypFq3XSt8YV3-1iRhvyh_EA==
displayadleader.
fundingchoicesmessages.google.com/f/AGSKWxWQ1JpGRpIQVFEhxcb-Rxch6Drs6w4sZrCpj17zVsgjlv-ukTU2PRG2K0ebHqG65CxNyrxPGapiQF3H05Wr4SpW_sQ_hcottrP6yJz40rwSQUz0EvSQJYLbRR5ezPeoz8r-V1uL6OLtD2ybMG0qc54P4I7E3... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWQ1JpGRpIQVFEhxcb-Rxch6Drs6w4sZrCpj17zVsgjlv-ukTU2PRG2K0ebHqG65CxNyrxPGapiQF3H05Wr4SpW_sQ_hcottrP6yJz40rwSQUz0EvSQJYLbRR5ezPeoz8r-V1uL6OLtD2ybMG0qc54P4I7E3YmEMDkI2JXpge0UNqBGYvP8jL7y2mLM/_/adcash._468.gif/show_ads_-contrib-ads./displayadleader.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwTJCMyPpV8x_ZJHxcAT7ZwTpuf-Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
fbd6e412b3ec4d174b0a0bc9e7f7762b9c545d6c60b76bbcec7e2f0043a75e28
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jnfmBeKk1ygq3eu7uEgj0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jnfmBeKk1ygq3eu7uEgj0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4dp15s5VNYMOb7nVMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGFoaGegbm8QUGAEZKRPY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwTJCMyPpV8x_ZJHxcAT7ZwTpuf-Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
bb432bc0b5a36383729e54eaaa6cffdef9392688d76b90ed0ea529758e2165f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52460
x-xss-protection
0
server
cafe
etag
3047550633594868074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Aug 2024 09:24:10 GMT
AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Bt-8f-0Yd0bgnxiVzDjVUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Bt-8f-0Yd0bgnxiVzDjVUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY9eZN1vZBBZ8unOXScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAy0Q1Jg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		111 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=111_1723541050615&fbp=646215242&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-85.iad12.r.cloudfront.net
Software
/
Resource Hash
c15f81b62af24ccddfad160aee4f35a12024032b8f37a65bd127856f872a50b6

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 61bbe72b71f7b857c695c31fdeb7b3a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
x-amz-cf-id
M8hnI8v59o4hlMyV7tR_wh_C2Ycm6P20-fwO3MAlgX4nieZ9zwlCrg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrn...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrn...
43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrnd=237_1723541050616&fbp=646215242&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=QGd1TkV8Ha&nc=false&trid=1978532436
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2600:9000:26fa:a600:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 cd691f5232ad8151e816e4693db0dfac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
myK0prHrFPS1IxSCauv5VBkZU_9HpxUsjpNJizsVMyFYPNsLXdTdzA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 cd691f5232ad8151e816e4693db0dfac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=465381&iiqidtype=2&iiqpcid=598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5&iiqpciddate=1723541050614&tsrnd=237_1723541050616&fbp=646215242&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=QGd1TkV8Ha&nc=false&trid=1978532436
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
RckOmS0SCLKMkW2tWiLGkTlfUcRXKMs5Jkn3q-XJzW4VV2b_1PlD7w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4WK6wViq3XJjoqqRUHgJAc9BM3HF7kfNmDUdn31yTxkDC6nwDNuPcN8Od9VIlPbcHkwYnJwv3jRPC7dpwXghBpEJgkUN-L6N4he6ipNIVliuERlTaI2QFomoVa2rmECjXocxbgumjRv2jJi6U9eviVzC5yS8ty_-1wZ48wgLbFczguSAP6PSlLkyFpsaw2-hNiSBqjBZHJtmClIPs3auNlrpsB9nstjn06mB6ihSm5wcameWLa8EpxCi88CMnVHIknHr3xeRG_jFG6_NBkdmto7arimTerIBilj5OF6WjSEKsMLqFv8SLu4nEn--mY098BeM-rr3KeZA2z-JspECJ6mgXpzkNtQ-Y-0nl2qZ8ALU5HUrP3jiEVYasFWeqffaOIL7S8Q&sai=AMfl-YTDiDPbZ4fc9surZc17nzIaFacMz4tSaO02N2_EGQkz3lrbU0uTo_R-LkeQR-1QPfMfXxmbe5d1ghPZYZ_z-YWinr9bn1aqkWcbC1IsDuro_3iYkKZm8cYptnQPDA&sig=Cg0ArKJSzAJgmGV_bvvcEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240812/r20110914/ Frame EA86 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240812/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
15499051073851929161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 14:32:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240812/r20110914/client/ Frame EA86 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240812/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
68048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 14:30:02 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EA86 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
7714164730252970690
tpc.googlesyndication.com/simgad/ Frame EA86 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7714164730252970690
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
d29b67a2f26338d0e7efb010a072ec112d29ccfb3e35629ad6cf2c3a639a62e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112009
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:02:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Aug 2025 09:24:10 GMT
l
www.google.com/ads/measurement/ Frame EA86 		0
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1723541049&sct=1&seg=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&_s=5&tfd=3357
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EA86 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16978e6c0760af749bd7c9f133db7619e65c889d70d3d17bec43113a1482fe9f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=914426656119333&correlator=4457864712788230&eid=31084182%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&iu_parts=6785150%2Cpg.com%2Cnews%2Ccrime-courts&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&didk=45865626&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D29cab651e6ac5e90%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_Ma9DyzRvPslKPEPFnInQlzl5aVcmQ&gpic=UID%3D00000eca43bdbf4a%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_MYgx_jfyW5KHJ6YxI_lp2UobEZmjQ&abxe=1&dt=1723541050689&lmt=1723540938&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1250&psts=AOrYGsl6JWUinpTIF7DmcERj16ev7KI92DYUzgVh25b89jUnAB4C21Oo8HWUkiDBVOOShVN3DZHXCcvHcDG3gLZ0k8_hOmRPrg2v-kKG0dU%2CAOrYGsn3v6VQcnuO09YPDxkK1w3dQIARN603Fch14nkgsbtgZ7LREIQ4G0bJAc0K696neRxydmjl1F0jb6A5p9gjAAUy-7wkYQ%2CAOrYGsma46ojAVJ7mjFRKM2koge0QFAv_n3OIFYeiA1Yq-XBCw7jsS6UsYfAdEF2eqfAq8wsS-L2nBF57dGCV8d-UnpYussP5w&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723541047667&idt=1424&prev_scp=position%3DADHESION%26usertype%3Danon%26pagepath%3D%252Fnews%252Fcrime-courts%252F2024%252F08%252F11%252Fthomas-crooks-butler-trump-rally-shooting%252Fstories%252F202408110072%26storyid%3D202408110072&adks=4212857569&frm=20&eo_id_str=ID%3D44ab206e5d01c8fb%3AT%3D1723541049%3ART%3D1723541049%3AS%3DAA-AfjbhS0-3l-4dbPm7dXsIMLXS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
03ad63b67e39543c0590665f1d067a5c210814126327134b2716b04ab997cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18400
x-xss-protection
0
google-lineitem-id
6412071805
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138454203229
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
8cfc18f3e2203b139b0165736f9a67f3e228a36f4ed080ac1a6c4281aecd9e63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LlW4C22Sa6FKLCH0vRmBuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-LlW4C22Sa6FKLCH0vRmBuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw05BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY9eZN1vZBD78uvGWScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAA6wg1jw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b-FRDyJmqRyBLehqmDj6WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b-FRDyJmqRyBLehqmDj6WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY9eZN1vZBA4s_P2WScklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAyHE1IA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHO9k1UopWgU_Ydh9MbfZ2ReXztbYbdW6MFIew58wgzOOTqDGukq97gvZZyEzWvg0JctBeq5e6Um8BXrChbMXD9trMSBDwIvgiyjkIye670KjDLyWwRrRsRewBcKwvSjK9LS1nhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZPOLvD9QSdPV2HgTWSaUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZPOLvD9QSdPV2HgTWSaUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw0gDi9BmsQUDsrnWR1R-Il0RcZD2UeJF1ev0l1vlAvPfjJdajQOzIcZnVE4iFeDh2nXmzlU3gxantP5mUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGhnoF5fIEBAM5nNTY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVp0dv1W01C79_B7t4-d8WOQw7kCL2AJcu_TNBfifwx7l6-Dp4SE18UhXWgoitO5JeDdBbDgbVSPpwT9bxEykFVTTGjhOPZfkuc-j4UTnoHO2b2IxUuqM1J4ACfrVBbqLeRs642Xg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVp0dv1W01C79_B7t4-d8WOQw7kCL2AJcu_TNBfifwx7l6-Dp4SE18UhXWgoitO5JeDdBbDgbVSPpwT9bxEykFVTTGjhOPZfkuc-j4UTnoHO2b2IxUuqM1J4ACfrVBbqLeRs642Xg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTQxMDUwLDcyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucG9zdC1nYXpldHRlLmNvbS9uZXdzL2NyaW1lLWNvdXJ0cy8yMDI0LzA4LzExL3Rob21hcy1jcm9va3MtYnV0bGVyLXRydW1wLXJhbGx5LXNob290aW5nL3N0b3JpZXMvMjAyNDA4MTEwMDcyIixudWxsLFtbOCwib2tsVlpOM2hIdzgiXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkwXSxudWxsLDddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
1db69144fc87015e0613966d8cd5e7cf0698215cab367841bbcba68794c46c33
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fQ9jcraaw5sCY86LFLs-9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fQ9jcraaw5sCY86LFLs-9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4dp15s5VN4MWaR--YlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAwN9QzM4wsMAF9dRYU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0&b=1&tp=i%2FfEYs9ckhAy3hMSAFfg6tNMpQh5sqNuhXOi7gttgjA%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0&b=1&tp=i%2FfEYs9ckhAy3hMSAFfg6tNMpQh5sqNuhXOi7gttgjA%3D
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.post-gazette.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.0&b=1&tp=i%2FfEYs9ckhAy3hMSAFfg6tNMpQh5sqNuhXOi7gttgjA%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
csw-widget.5.4.27.js
cdn.civicscience.com/jspoll/5/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.civicscience.com/jspoll/5/csw-widget.5.4.27.js
Requested by
Host: www.civicscience.com
URL: https://www.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bd082e6496749c296216e6752deb48d7a8449ea27bb32024d7ba06b3b948d87

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:00:48 GMT
content-encoding
gzip
via
1.1 e0ed595b39732d9e9972db26854384ec.cloudfront.net (CloudFront)
last-modified
Thu, 01 Aug 2024 20:16:54 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
5003
etag
W/"336fb18be1f5b16ac3c51ae0f71f6ed0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ikmnPklFiqHj5N56OcidobwSNmZueCwXSViP4CRprYNSGP24fNOskQ==
container-4.0.html
resources.infolinks.com/static/ Frame 98A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-4.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
3349
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
8b27a68fda7f09ce-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 09:24:10 GMT
expires
Thu, 12 Sep 2024 08:28:21 GMT
last-modified
Mon, 18 Dec 2023 15:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame C771 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBznSXE-vIfWnZgs_eqJLYQnRjtB7yb7bzHLrBJXmUILKRGjlILGThGf9zRcF7-bYnrYYBHBACz6KpRmIMRqzuN_llPd1gvinycvIbZSOjNFrIFAS4Lp83G45uSeJtN2sIiTT5Ako_tE2BasBcmlNyfdbfhQG_tKp7cuhwh_9jeVHIow4z8eKVwbUwSRejNcrBERhQJMHMz7l_wI0ljdAKbU4nAvicxxJwbifbzN6dnjodBjC9GnEMupsusi_4FCKQjw8XBZR33F-At55mFj7g-csOBSpEoaMUN0Xx61eTiiZJnHv7Vii56dR7bBi71_Rh48U7SymHX-yYbr9Do9ROxk8CUBayWYSTuI0vL5cK&sai=AMfl-YRtL-N-XuBMY-NtjcijysgLrTLmFTxxNlU9KKV3G2zmNPw5ulNr9yOt_xgz8_FqJBnNnEpsGnPFNM1JZ1GUvRc4oHU7qi3XpwQCJTCSFous0OaZA-UPFx2mM25qxA&sig=Cg0ArKJSzE6GxdrSQgEFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240812/r20110914/ Frame C771 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240812/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
15499051073851929161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 14:32:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C771 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0AKwMNNyWdkZr9CqiK4CUvZ9Yn9FvcXMdlprmy-ltOLbsu0CVzyBEKeePipX3_K0pVMG88k-ocUPxCPBF-688BcMlGYvXatNl9hoxupT9aMvt6i3SChimyrGgvk_beopEvdDLuNJDtEu0HrJtGG7H36nN34G_LhB37G1heNM9leRDLFsvHkm2PjSCTkHk06FvcDKDmTkBBM_VsKnhFwD2RLotEEX1307vm816epmknZy_P-zy95Zy2cd3dIsMCxUDe1NOGH-YLplsaDCXiMXUQDnWljVpJmljNwMSil6e8kMs1XuXWyAIy7eMfKXmquKsOdBsWP-MsnuNyr5xdq0dzGfmubqAQ8ne88b95f6kzpTHEBvelmECL-7xYwJKuzSVZI8Kj2VU&sai=AMfl-YRDb8BD8--7pHO_iaJ56Z9eXdy5Acg5lSLSS-X4Zfk5ypDgUiGsAwtutBV40OcjlaRrsycQKWWNT8-1rww90VpaZk5b_3Q-ZQudc_o9gHuR6dj7YPxYD9epaBpZ-Q&sig=Cg0ArKJSzHhuw8u7L2PIEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:10 GMT
AGSKWxXOQ7gGPC61Hvg9GxXl7zzRTTap3cVwR6Es0ipMfPiVbKxxH0p9k1W_uBkvu5ZWFn6Vy8fEs7vi_v0RmRnw4bItwO1DAudh7b0o-wmmZ932AEdLvBCOURnI93QmjZSlnoDkJwxXgg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXOQ7gGPC61Hvg9GxXl7zzRTTap3cVwR6Es0ipMfPiVbKxxH0p9k1W_uBkvu5ZWFn6Vy8fEs7vi_v0RmRnw4bItwO1DAudh7b0o-wmmZ932AEdLvBCOURnI93QmjZSlnoDkJwxXgg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwgz0pUr2--vYiFga5h4FieiKghXg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5JBx2nwqTEGOnWwkLTL0Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-5JBx2nwqTEGOnWwkLTL0Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY9eZN1vZBGa83LqLWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAtNI00g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C771 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in_cube.js
resources.infolinks.com/js/1943.011-3.034/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1943.011-3.034/in_cube.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37559016c240c9e9c4571721e79f7a1cf1e170ce67ebceaecc83bf116b94dcc

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 13:24:13 GMT
server
cloudflare
age
6218
etag
W/"348a-61dfe31b54dfc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8b27a6904e95db29-MIA
expires
Thu, 12 Sep 2024 07:40:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C771 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPtDUo0t59JbXUgLUZFgjFH1aqQjTggszzDEtaRVkwsoExn6zOAUdWu8t4bp6teJEtjQzTsiyEHSipUm_0j3LSDDv8EsvwxfrYy0vPXABlLc7FPW5EO2Uvf_O0q3GC3O-nZq5a4VvzxAftXxI5NDfT-yRYeYDU3p4QGbk9VUFLpdqUCGBx8zRD98njtZ3yZ1JRQoW8nq1ndBPmIX9MwKCQh_7Cg6O56uynaEaL8rgzLxKJZ2XVui7WAq5qCG6tTWm9zuDh0so_auW5RbejvJTucK-8boHN52QdnYPjwRrU1QEV7Zqt1-lg7D1KaSMQykjKXqt8PoCVZ9OgG4nIA18RU6YsuLD8aQMq-YdHyeJSQ_c&sai=AMfl-YSQ8qTKpQ-FVEJEzMV-C7rWHZyW-mj9g4Oy0xlsZYEN4bw5YYwotvEv-73McjGHyW3ChpAlxd7pRBSzA-hSkgP9hOl60NmR9GULmC6jYwNN2Utjxgr1tEM8uFwr2w&sig=Cg0ArKJSzPJok9FZt9uXEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:10 GMT
web.gif
d.post-gazette.com/ 		35 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.post-gazette.com/web.gif?userID=&anonID=574c5ed79d44cc185954588f34debb8a&bids=%7B%22bids%22%3A%7B%7D%7D&referral_url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&product=web&conFrmt=desktop&airship=%7B%22chanID%22%3A%22%22%2C%22permission%22%3A%22default%22%7D
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.64 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:11 GMT
Last-Modified
Mon, 05 Feb 2024 18:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65c126e9-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
getads.htm
rt3004.infolinks.com/action/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3004.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22k_IL_INCUBE_div-gpt-ad-MIDDLE2-0_300x250%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22k%22%2C%22garc%22%3A0%2C%22as%22%3A%22300*250%22%2C%22nom%22%3A4%2C%22sdata%22%3A%22act%22%2C%22scs%22%3A%22eLLxfdvvTX%22%7D%5D&rid=e88fe50d-6ff9-48c7-b2cd-9f9ccc57e0be&jsv=1943.011-3.034&sr=1600X1200&rts=1723541050968&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=127.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&tzo=-1000&c=c&strg=true&pitc=77~SAO-74Fz0QfiXIBsKn4IoY4N4EA48YG3&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=MxPkiX2JfmAklwHqlgcS6HcRPHjlVsKiQp47vCPQrXzCuxw9dFWGh9pz5Q8oK0oWOE5ORLdc96zUQu4VWeNeX-ydT_1QRDjxwFyaYGmPZWofvrNnp7X6iaRvevvR3_sUOZk5yJ23SKqWILaIVfotsf9pnmqsGBko&rsk=7&rcs=vup1hM-RBnJIOz0WYdOpBQ&cuid=ce618014-4649-42ad-9f85-b83804158eb9&ique=&li_in_us_res=null&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9962eb04391878287c41e863bebd5a15750990c1858413d0582b1a2db624342

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8b27a690aeb8db29-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
any
idx.liadm.com/idex/did-004d/ 		126 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-004d/any?duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&did=did-004d&cd=.post-gazette.com&pu=https%3A%2F%2Fwww.post-gazette.com&resolve=nonId&resolve=uid2&resolve=index&resolve=openx&resolve=pubmatic&resolve=magnite&resolve=bidswitch&resolve=medianet&resolve=sovrn&resolve=connatix&resolve=thetradedesk
Requested by
Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004d.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.157.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-157-150.compute-1.amazonaws.com
Software
/
Resource Hash
0e92f6edcb4a01166bcd35a9ca9fedf65ac34a2c400a61e63ae6aedf8cd5a4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
5
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
2de4d658e7d2af20
content-length
126
expires
Wed, 14 Aug 2024 09:24:11 GMT
535.json
id5-sync.com/g/v2/ 		638 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/535.json
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
1a86733efabd7a2d7c2ee6695efbcdb26dc6d9010c60b716f629e5a8df70e0fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.post-gazette.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
346-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/346-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/879C) /
Resource Hash
ab651b30a03d6ef88757b92dd46c5c3ae6c446679258eba411b61163443e3db7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
srH3jquuOa6uRph7yN1CQXEIhqfpDjcI
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM12DCASFP9RYP8
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
60247
x-amz-id-2
0sTYSh1++DILNduO7DmqIe8H8jPbHiynvnfNL2Uhpg8yeKIYHQ7xhF3GYDT/a/5guoDBA07Bj4mJoTHoUA+mcVPl0gVyqy3Z
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/879C)
x-ioriver
Edgio
etag
"ab9fd44dd9aaba57aab32b28f9a5a067"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		103 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/875E) /
Resource Hash
f280a2e38f285caa8e8e3144daf9e7d8fcc39e5347b6c0b948f8e18773d07571

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
K1_ChomwdeaPKeoBjUo29KOyFfMi_U3K
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM99JVYQG5ZV02T
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
23548
x-amz-id-2
rH9ccmFgRvELfUbq4/XokTxM3SEIukJbBUcY+Q87kBNqNbkSxMJnWZEC7tPgZdGRCUQ/3rH6ep4=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/875E)
x-ioriver
Edgio
etag
"d476611469b9a49b232dcd43be709648"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
720-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/720-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/874E) /
Resource Hash
2bebdff9a8d14a584340d840172e79de24abef6002d3ee18f155d108d9b62039

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
JkDkGJrWIpJWjH_p_jry2w5UwaAgLtkk
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM3Y0TWPC0E372D
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
12724
x-amz-id-2
GlikIMOe8uI05CvSaiHDPMVHt0+i7tVH9tVVNSIGihddY+okf0SvWAmGCGJs6w9bFCiPpF2it3Q=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/874E)
x-ioriver
Edgio
etag
"f4f692b363e97998fb675ec2b7c74c41"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
765-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		324 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/765-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8709) /
Resource Hash
5cb5bb12f14018bbe44f2718091ebf346bd74dad71fd986ec8ed23443172b8cd

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
hQA_iNKwkdcm9z.n2GtfWMM3jdFRV_WO
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMDEF5DXK484CF9
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
82125
x-amz-id-2
eNyIBztL9duDRowd75Ge3tQzQyeWlNoCGAgonTtPdXG9II6dOa8rpx03HEfDGTMV0N+tko/51WU=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/8709)
x-ioriver
Edgio
etag
"069fa1ee574e06f81e2c962b84a8f878"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
714-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/714-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/870F) /
Resource Hash
c933b27d7336ddfbf60583d2f6aeb5e2d4ac5aa9d006aa07b3f9157de998f1de

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
7klLxITmecNP2Fs_kp17YoUkTDeUbF87
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMD2YZMGR4MGNTH
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
1776
x-amz-id-2
yGc3PH1QMTZfuDGdJVMi09qSe8vq3dhyD1RQXWb0oBMplizb/craQzz3pc2dQEHLWEJbAb5kUSI=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/870F)
x-ioriver
Edgio
etag
"c9e7a5f2e30ae2bffcf57980781c61ab"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
sp_wfO5dOu8
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_wfO5dOu8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Tue, 13 Aug 2024 09:24:11 GMT
server
fasthttp
x-cache-status
Bypass
authenticate
api-2-0.spot.im/v1.0.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Tue, 13 Aug 2024 09:24:11 GMT
server
fasthttp
strict-transport-security
max-age=31536000
sp_wfO5dOu8
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
755 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_wfO5dOu8
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-184-20.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://www.post-gazette.com/
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-spotim-page-view-id
8ba16e39-784a-49b9-b4f5-d79982b35e11
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
server
fasthttp
x-cache-key
fa0899d3801a8b5b4a9e21e936e1d24c47fe726ce145374674e3e847d0026c9c
x-cache-status
Hit
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
content-length
25
x-request-id
cb534f65-5955-11ef-bb5e-921596865b72
authenticate
api-2-0.spot.im/v1.0.0/ 		394 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
f072ddb49035ba29c284c98f6a8068124c62170a1d6388fddc698c61cc9a9468
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_wfO5dOu8
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-post-id
no$post
Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
strict-transport-security
max-age=31536000
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
x-spotim-networkid
net_post_gazette
content-length
394
x-spotim-token
01240813Vm5Wqx.4475463f4f7730fe8fc28ca267fa03f1bb476c0eb949755779e8800581e205ee
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfZHk4R1g3VndRM3J6IiwiZGlzcGxheV9uYW1lIjoiQ3lhblN1Ym1hcmluZSIsInVzZXJfbmFtZSI6IkN5YW5TdWJtYXJpbmUiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1TdWJtYXJpbmUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwX3dmTzVkT3U4IiwibGFzdF9jaGVjayI6MTcyMzU0MTA1MSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDgxM1ZtNVdxeC40NDc1NDYzZjRmNzczMGZlOGZjMjhjYTI2N2ZhMDNmMWJiNDc2YzBlYjk0OTc1NTc3OWU4ODAwNTgxZTIwNWVlIiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3JFVGVXWXVFWDFvRFFhR3NNb3Z4IiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X3Bvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfbmFtZSI6InBvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfaW1hZ2VfaWQiOiI5YmYyYzJiYWZkZWY4YTA0YjQ1ZDg0Nzg4ZWZjNWE4NSIsIm5ldHdvcmtfY29sb3IiOiIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3NTE5NjMwNTEsInN1YiI6InVfZHk4R1g3VndRM3J6In0.obdDyPz0eNhVhQS25FwkFsPgwSq5t_tpFevWhbDt3ME
x-request-id
cccf2708-5955-11ef-980e-be6a3d977793
x-guid
3593de28-31ce-40c3-ad44-2c27d3579c59
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/with-all-vendors-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8712) /
Resource Hash
664ea793b11d14b85e39c167d3404271735a2bae369aa89881c3dbb62510f9b9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
capVQGixxGF978Hds7yfzfmLESpeWAQ3
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMEMT1SK7TFYD15
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
7839
x-amz-id-2
Qv/wzW197Siy0ZhKp8C1qFH3nkmvztwni8ok3NJVenVgbX5a81xUnWRyQPwcGSxPbUEU7v2k7g0=
last-modified
Thu, 25 Jul 2024 10:37:53 GMT
server
ECAcc (mid/8712)
x-ioriver
Edgio
etag
"9ef2bef2665c676643d3d3d8a87f79bc"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;35:3;
cache-control
max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
registration-bundle.js
static-cdn.spot.im/production/registration/tags/v1.46.0/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8717) /
Resource Hash
9db9a5a8d328c70b53272d4dff11e298182278108dda394dabac4c79410ec279

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
aRtQD7ExfBsJaPyLxWawsKAx0U6QsvMn
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8170
x-amz-request-id
YTW222D23JHJAE9S
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
16888
x-amz-id-2
1KdKE6crt+JtIReVIqC6gY2eMTu1pAVBh/B3oOrK726r+whzMylUMv7YtqU8cJ16jTahMEgOe7idxgPRAIOBh9HucrWRHn2n+RCGCzh4THE=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js
last-modified
Thu, 07 Mar 2024 10:38:51 GMT
server
ECAcc (mid/8717)
x-ioriver
Edgio
etag
"177d755de6b69409abff86651782b3f9+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/872E) /
Resource Hash
6f5d317d097e89e8d040ac05932e166ca0b24606c27b2b23adbf225d50ad4379

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
mIfJIPd9uBV_JYLUch0zS8lA1dBqriYn
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMB2BEPEGYD9X50
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
3036
x-amz-id-2
ASAukA8lxFcEiHj0ke02Ys5yVYkp8d7DZZRfJEnSfJs1TCxv5HQFyfkmiQ9KJe5Eqd28WM73OxA=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/872E)
x-ioriver
Edgio
etag
"1a0d38af73c15e90881dd74b213e5ef0+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
access-control-allow-headers
*
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4A00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMS1lwEQo7u_ARiS6a72ATAB&v=APEucNUfaxdZhZimSdh1VB_6n4dc0B0_snFP0yCI9WYihC6NqRW9M8koGs_iK7yxyJNX2xXaJB3rAxFE6Mr2EMNucn61c0wAtE1EbIJ5EsT53Ul9EStcPAs
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 09:24:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2ED3 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 09:24:11 GMT
infolinks
ox-rtb-us-west1.openx.net/win/ Frame 2ED3 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-us-west1.openx.net/win/infolinks?p=0.131&t=2DAABBgABAAECAAIBAAsAAgAAAhMcGAp3SUJpdUh0UUNoHBact9Lrs_6DgrcBFrGcnqH2vo_oqAEAHBbPw_XKzc2z_c4BFuGXnuKa7ajdvQEAFvaY2esMFQY4JDczMTEwNTI0LTA3NTAtMDhjNy0wY2U4LWY2MjQwYmM0MWVmORwVAhgNTUxfRkVFU19NT0RFTBgTZm9wLW1vZGVsLWNhbmRpZGF0ZQA5DAAsHBUCABwVAgAcFQIAHBUCAAAcJtbStYgEFQQ2ztK1iAQWlruBhgQlAhUCpoYCFoYCFoYCFhQWFBYUFhQWjgQWhgIWhgIAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWnuWigAQW2ri1gAQW1u6pgAQVGBwU9AMU2AQAFQQmjgQWjgQWjgQRNQ4mjgQ0BgAsLBa1zq37heXWsagBFp-w_-nm_eaY1AEAFvaY2esMBii82ZiABBae5aKABBbW7qmABBbauLWABBgJNTE2NjY2NTE0FsbKARaOBCUEFoICGAcyNDgwODM2FQKhERgCT1gMehT4AxTaBAAWAhgDcnRiABw1BhgNT1gtWFBULWg2a3B3WRYUXCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa-rfKWBBa8rfKWBADMGwGIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOA1haXJjYW5hZGEuY29tAAAA&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
202.70.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
via
1.1 google
vary
Origin
x-forwarded-for
38.132.118.74
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxKPpMgXwcEnFCzBr7716Kzmz1qefSIhPTU2Ukw4I4oOFM_BW69lVil33DLeJBua_874K30eSbHR4t6yZXiDqdF_404bVG_49wIwGVyKKC7vNztpg
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview.htm
rt3004.infolinks.com/action/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3004.infolinks.com/action/adview.htm?rid=e88fe50d-6ff9-48c7-b2cd-9f9ccc57e0be&bdc=1&midx=0&emd=OTQ5fm51bGxfbnVsbH41MTY2NjY1MTQ&rts=1723541051548&prod_t=k&jsv=1943.011-3.034&sdata=act&scs=eLLxfdvvTX&rsd=MxPkiX2JfmAklwHqlgcS6HcRPHjlVsKiQp47vCPQrXzCuxw9dFWGh9pz5Q8oK0oWOE5ORLdc96zUQu4VWeNeX-ydT_1QRDjxwFyaYGmPZWofvrNnp7X6iaRvevvR3_sUOZk5yJ23SKqWILaIVfotsf9pnmqsGBko&rsk=7&rcs=vup1hM-RBnJIOz0WYdOpBQ
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
8b27a6944c20a563-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3004.infolinks.com/action/ 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3004.infolinks.com/action/dcl.htm?rid=e88fe50d-6ff9-48c7-b2cd-9f9ccc57e0be&prod_t=k&sdata=act&bdc=1&midx=0&capara=%7B%22cubeSide%22%3A0%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8b27a6944848db29-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BC68 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiEYl_jQJb3x6A5ijdRq01kGeq9raiVhs0WizUqewN3n8oI6Orr5DzKd-2dawvAVEFUIY5s8hAaozVKukpLHx6Z1etD7h3MW3Hm6mRvvD1JxsXBzDT2Y9fCEWl2wozKN6eZSKJt0ikZhlfWi4yqovdOzyy3XgY79U&sig=Cg0ArKJSzNR_w-MeRfa2EAE&id=lidar2&mcvt=1023&p=145,436,235,1164&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20240812&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=460937869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1947385000&rst=1723541050316&rpt=209&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
144-bundle.js
static-cdn.spot.im/production/registration/tags/v1.46.0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/registration/tags/v1.46.0/144-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8779) /
Resource Hash
f32047679c9382ba48e45da832496f9f6cdae54063126b324e84d7aeef0f4cc2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
GK0yTB23bdsXRrl6EJd1WBwDEsDSsEE3
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8170
x-amz-request-id
YTW9J3TQH0DPTK84
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
1731
x-amz-id-2
RcniQ7JWqQ/7a3OalMb3/JZAcg4MYnjw3S0HFRe7nonwYGQDeM+VsKVZWNz9R9EcjqaCBQAlvjc=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/144-bundle.js /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/144-bundle.js
last-modified
Thu, 07 Mar 2024 10:38:50 GMT
server
ECAcc (mid/8779)
x-ioriver
Edgio
etag
"58dffe7d77a44ac7cce3ddea50cbf9dc+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/src_next_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8792) /
Resource Hash
257f5684305e27f8f79fef182441ab367706fa2114f0db16857663c085c96ef2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
2kWDZPGQbkIF7pKjE27aO5OkG4ESFygg
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM7M5RN1WDK78GQ
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
1091
x-amz-id-2
JfSPuPdjHivrC1yZEKNY+eVVh6Ji24SUJrFgeMQOhrDARCoPxsiR/holD8jD9DYTHOIdUBSQQ/34vH0zch2Fd0gEtGBnqJSV
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/8792)
x-ioriver
Edgio
etag
"36c8aade18b36a9e98b730b415ceff22+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/ 		165 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_wfO5dOu8?_=1723541048306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8777) /
Resource Hash
d3e573254f95ff9a37e8b3b91cbee1b95df6171ee1935869d240b9a2b498e5da

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
XkMUfrYy7kyDhxoxtggfBMYECTKPadEs
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8169
x-amz-request-id
PH3E4SC0VE0N7AX3
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
53206
x-amz-id-2
FtYM3I9jZHFyhQl3gBN3yuP9KLFvU3VOnpTRERVFY0fxsgWKWmKYo8lxa/uWFC2yeUCHHm9bO0c=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
last-modified
Wed, 13 Mar 2024 13:04:09 GMT
server
ECAcc (mid/8777)
x-ioriver
Edgio
etag
"6f81ea90a4861d6247fe5d2cfa945067+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
grumi-ip.js
rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/ Frame 66AE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.18.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
469b20e8c4563baef08f32e079c54fc4ec031b9340bc6908b07c13ed416990dd

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:27:47 GMT
content-encoding
br
via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
x-amz-version-id
oAgSZ2Pvn8csPeagFqhA7x0bZdNlEjiV
last-modified
Mon, 05 Aug 2024 08:54:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
3385
x-amz-server-side-encryption
AES256
etag
W/"c1f96a4d4cd34960b4804f32f6d3f6bc"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
x-amz-cf-id
LzyvSNP4T_XTtWVF8P1D5v3lBwYlixPRHix0-VK-Xt02GtQzVGwLkA==
hb_270443_6800.js
player.spotim.market/prebidlink/478761/ Frame 66AE 		2 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/478761/hb_270443_6800.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c2c71252eba468ebf859a352e265c06b48cf367c149d876ba4321dccd90969f2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 10:08:10 GMT
server
nginx
etag
W/"66b3478a-600"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
expires
Wed, 14 Aug 2024 09:24:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 66AE 		104 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
afcba7f68454a29a0dc6f862ad91044483209a855d5b6ce3eb0190711f51c0e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32512
x-xss-protection
0
server
cafe
etag
469 / 19948 / m202408080101 / config-hash: 10589801001151833534
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 09:24:11 GMT
wrapper_hb_270443_6800.js
player.spotim.market/prebidlink/478761/ Frame 66AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/478761/wrapper_hb_270443_6800.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f05cc8e809336d474eb7167c7c96d6130d376a816607deaf469132d1a4957be8

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 10:08:10 GMT
server
nginx
etag
W/"66b3478a-9f6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
expires
Wed, 14 Aug 2024 09:24:11 GMT
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-32.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 04:44:57 GMT
via
1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
16755
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
yIYdUX2uh_68l_ZssccQ0TJmiY92YB-B6Us9prRF14kUwypiMbQeFw==
9.gif
id5-sync.com/c/535/1242/0/
Redirect Chain
  • https://id5-sync.com/i/535/8.gif?id5id=ID5*s83cbQntST77-wny25AjN-Q7E6-IjE1kBFPscPX_JiG6ZVHckDDww8sWpwlfXqUJ&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=9d726017-cca8-4359-9a78-959ca9a44b9a&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/535/434/6/3.gif?puid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/535/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/535/2/5/4.gif?puid=5740716073175427095&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-71a8jRH0a38HtKdfbJ5iYMeu-gxw8DGAr1ElcQObdA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F535%2F124%2F4%2F5.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-71a8jRH0a38HtKdfbJ5iYMeu-gxw8DGAr1ElcQObdA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F535%2F124%2F4%2F5.gif%3F...
  • https://id5-sync.com/cq/535/124/4/5.gif?puid=fcc3eeba-da8e-415b-869b-d853219dfe31&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/535/1245/3/6.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/535/429/2/7.gif?puid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F441%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/535/441/1/8.gif?puid=u_999cd69a-554f-47ce-92ad-a944415cfd39&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/535/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/535/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="CAO PSA OUR"
date
Tue, 13 Aug 2024 09:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif;charset=UTF-8

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:14 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://id5-sync.com/c/535/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixels
pix.spot.im/api/v1/ 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.57.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-57-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:11 GMT
content-length
0
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8609513703485&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8609513703485&version=m202406030101&ct=76&x=9&cor=17643169826373458000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2ED3 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASMQR6cv4C7fQNN5g9hHXrHQjQtdy1kneuza2DEOWX1V0m3Z5CEdE5aIHqv7o7GcsGQRw8U9Q84-PqVKrwgwfO_37Fr4iSVd1h4BHmHfW_7mOaAaM0T2WOvLiNmQH6OIunAIQW3lZ2TExUbLWLoHSJaKKqYhkWJWWlxc7yX3qQIfX9CMo&dbm_d=AKAmf-BsOMSU48OHjrHTkjqsPx03NIiBIbbzcAIChtiPtxpmvxFGVprn-q6unvPUmRz2Z-UgdvM_9Bg9HyKmp01J20RiaNiaW6j0TKtXuqyzmIY9xYZyNHZsFgxd9HdRVixynQoPElspPDd3jHhW5lIm-q2t6G_YXR2eNCW8HnRKiDuIh00Rg8wWlSJOn2UkfY1-dhRSQXuOLIqDYUV1B-C2Na_c7Pod1tDXYONC_GRkssHqFz6s6BrRHpWFC6bbxLDytabCA8I92Ln5Ux05pfnFrnfccem1_rKesjfa9VDj3hJ6fe4iubMNz2DloPLJGmZ_Ir35xShc_ECUCq_faQQYXNQNzJXf5N2fbbG-Dy5KZhczzty9FX3_dc4upD3QkpGKCp7HtS-osbMPMxMbS_3RoPhULXfav4sKGR4b8U-unSbt73pyujWpug6FDJjtrFYuVWoMW3SsyR3l3EN8RE_jePEco3cGSbHoTwzQHDa4OYUkMOW5o-TQGjoCLzwUfEEoYcEq2sDDHQ12jyV9fR0rC0941dGkZ3zOzMKUTSYUZTCGmmRdWjpeAFvegpbVUYKh3eM1C9G5I9Ze7C65qDN0HC1S6Y1vUFGxbY9SnnxPU7ONeCrpTNjRcvvNqj01TxPJiNIxA_TljZxGoGPZWvm2WLmVjroNJNhRfaBdwTRH34eEQlvgwH1bw3P5RfhE5HFTqyfwNw74U0ghqMeTMqXHvnHsuUaY3K0HyXMLX4NXrEhNSdddQMi5w4VBV98pBYUCxO4srse65fNv-2gKmM_Vu55xdxnPka0SUUZunmxTVR03ALMOds69u5H1uqzanOveRkSHXC4_VeWcrh_IGHcnDdvxLsGwKfcTV2pQ3fZfLGZ5EsWeKEEUXTaJplOehBCq4MIbEC5LiXCPngCh_jv59EWoxXRizjUAWdScW0h9UECtqdZe_S_xdwKDdOQ1T4FpZzMiAuFXY22Y34m7_wyWgmUncxjeiXr6E3BGcl1qUZb2YlVw5vOb1AVXm2ClqU4Hs1Usg5zh4Nkf1WJGCiYEV2_F4W0k6pJRzGSN4oKoJtKmkVzaNlBtDvUPccss6n4MYeY54axejHmCNcsoCE-_h_rIjG5mg04B8yFr-QuJrenr9IodAu3h2P1UTKC-KvWe5hJg6eY7SlbEW5Rvm3VN9x6IbTeYz87wqJYJP98QdROy_-ozvo0qNnYaimYb-Fn2bMjioTO3nXhRn3RSz2vG0aE4CZg0xCTVfyncA0h8KgJprP70-3zsCnxez477KFXVFch7wz1S7gCW7iJDNUXmQW9mxlBn8hwjj2oy3rc-mUe6JZQ8POENzkPQIqhGY0vIphNrEyvJE4Lv4odz_KBT6kJJtIaSOKrNtArOR5bh_XOQg93RfFE8NikuMflMRsVIE7xI2mishl7yVzJjKddUXwauORkpgfa93WioIDhRSUcSWS9QOU6A-8wei-NK8JONwwYrk8KlGBfeaGHE8Mxj1mjCyOkhr7x1QzXnP8x0tYkXM5SyOhLfMCX4AxeXoIK_f67vHBdi4b-98TfKWPa_49shRGWAg9yXvx1SFgGq_6mwNTYTIlBg-ZdGrjdzmhobxN2OfBKEoJRI072kOind76f2BXaAwV7HA1x6Syj65q8PHZp_aFifWaKDzSDK41SqtHf97cdXRrC3vAk0nRSFdC468nJk7qbUG_UqlD3M69LFypM6vLW2LBa7-ji9IJW8EH2ITagb94h_iay-N3lfexTcAEPzB9-_QwKflqS-IHBLnWtdqOGDPnNPqvO1Ibw5KG8T_AAWvgsuolCCdMgsU40v3zeb54W0L4O3qwsG50CR_cdzjycUgzX0gsr_hI22bYD-6qFIcBedm2HiQBplrjwIaoaGAuoc_tYsPgWri1RhiIzawzZrJ7b5q_2v03xgz2JLnE2FMv4R4SWERO_l3DrG4g7mY9MQMe5GL73kuJpj8yik9ObTj8vpGGBloflsjef5JutalNx_O1P1PZjttdftU2kGmQEjdDp9_wKLvXEoY_2HWRVCvtj8UFAWK3z0EnQCh398uD7m0HRH4Qw0YJJMzidEZPMiVoCbRQr_l25Ko5RBInyRSI-L12EjnQ55gcz3XeaaG5u8DuAfPBVGhCDO-trBlyob7LJiUI0xFodnqLC649YOHDlR2BA6TG2SH6cR6aGJP07ue0V5U7PtrU9IhLpsPsdWn19ILOwj1c1Lx24LFzJbpcrdoW8jzSa-rtfcpoi8_-OMkHejKzQNTVqfvrcnVtrsLcS2F_1WUkij-pXc7DLHjgK5cJTz97VDo1IUZeKDpTX4bpICqRe5_XdfbWXsdedvnJ2ylfQRcxY9R9l-sD_i9-h8wHcxK93B_N0CWLdq4FkcdQec221IYvmfq2OSNGD-mBKzzec_XpilQtmdUEJuDtTVuv1p8676ZkeuQf8N06NmpOUMLaRdiB6Zr2dESeRMWXw3iernpP5R6-nbRdTC55yxKWGJt3dvbfj3KbQQ2I5ZM7FYCk-rKH-KpokCpYPk8szOmeD4x5o5uVniUwCKNlpDfdBnOnIOtjD430jKOeI8KllDKTLmHwtZYve_fvygPmJ_UiLhJnS1pXH0MCsgPXLsV8MlXtKk9pjtjrVKXeB3SeHFnurB_xnRtcJNc_AYkaxMxLL15lhLbzTRkTufeahRJujWhnw5FGKOEhdRYuWra35T3Lm7W3jt8eQRijKYAPEdtRTsFdoQaAA5Ay3wnGVvSArlMHatdwSdkYeszvMWfoz1ATwO-nIzNHMpR49hT_aU6FsqzkSQJarOO7d_cWYYUcmGYO--_8MxfbUslfbIA1G3wOTpVw8V_kT5jD8jAIxop7J6JmK8dWjoVpi5uNjTOgEI1gjVuowuwCrBbgfJ8u5tx9WRj4AFlzSEYujch7Ia-ZnFcspFEdPSQMSkL4pKzvpnpQ3JGzeqVNHJsRMT9Nq4mcqTXwbwBJgnu7j0aohnCfpQmn7EGUHHGSfUCENvMkOB1jY7fvuAbdrgwALGHjveTHAh3jp-L3W3o4KLCOH81HnWA57oOn2i5neX1FgnSeay_LaKJPyxCEq2pyE22t9dfd7p_DNpLc_Zr6Rj6iY2BoFow1sysF3uEFJsMx4J4xRNQ2M7Tz9p5O_uHhtE9IIL7An5jvFrB1SWFzvE4RR4vHRzijSOA5u46MifIQ-0yxSWb8NXgnQWzVeCTzAHzbCIiX00c1opRyEdoiZnyhlLdFORlLDiezoRBNJMUD6ahQxS3XuBJWW0d5tw41pgEPf5FRuDuyLjoNDyGzyqGlBc0qrOZY7YiI6s9FcJcBgAyagJtYQT0quGWKgMnAiR1yXFh1snBeXqf0OqeyylTZPqvhHf1cb3pYVnsSD2ivMkNQbCb3RMaI34ECLOc-gc0EYjhSEsE_koJ2Zjc3uX9cRf1u0_A1WbTLWduHkfKxo0sJWGfIHXZEb1tt3IfgYGGDGSVnt7Zz_SKbh5Wu-EmWv0WF_FCDIT6p8cHSoL3Uj4UEHcYZCVfGa8UXJjVhcsME1o7yGnKULAaPORE06uxPliE7CN5zgIJ-uJn6yfpq-Ac9eJMYm3d5IkRwkTbbOk8YhXHeXgUDoUbnZSq8ypBSPcmtwn-WmnGupqQJAuZXetUv8EuCcleEMRl9dCyv_rxxY6OICXIazW3R0aLFlbUsx5FwBvRkxQ43jl4HCVzgKmUXIKCoh02YXOSdT379ychPf7jyZDsMMfLEftlSY7FMv2tZwlkOS19S16aS15dxyD82ouOSAIO6EjWsRDCnuU9DniouJKzFS2NAnPm9IrVdMAbLKHQuzbeDa4oaO-mHGMUwxQzttgGOeIBYKQ0pV3ajucyu1EYqYDyL_2-GEwyvHwGs7LgWMeN6UMmBc&pr=9%3AAAABkUsNV5C9QaOGr_c2XXm-lWK0gAQAT8CEEw&cid=CAQSKQDpaXnfuc2ftPatiJxB6Eqg_4D5gwQ3AikT4qHNLoMvRQ8DUyN3S9vmGAE&xfc=https%3A%2F%2Finfolinks-usa-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAhMcGAp3SUJpdUh0UUNoHBact9Lrs_6DgrcBFrGcnqH2vo_oqAEAHBbPw_XKzc2z_c4BFuGXnuKa7ajdvQEAFvaY2esMFQY4JDczMTEwNTI0LTA3NTAtMDhjNy0wY2U4LWY2MjQwYmM0MWVmORwVAhgNTUxfRkVFU19NT0RFTBgTZm9wLW1vZGVsLWNhbmRpZGF0ZQA5DAAsHBUCABwVAgAcFQIAHBUCAAAcJtbStYgEFQQ2ztK1iAQWlruBhgQlAhUCpoYCFoYCFoYCFhQWFBYUFhQWjgQWhgIWhgIAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWnuWigAQW2ri1gAQW1u6pgAQVGBwU9AMU2AQAFQQmjgQWjgQWjgQRNQ4mjgQ0BgAsLBa1zq37heXWsagBFp-w_-nm_eaY1AEAFvaY2esMBii82ZiABBae5aKABBbW7qmABBbauLWABBgJNTE2NjY2NTE0FsbKARaOBCUEFoICGAcyNDgwODM2FQKhERgCT1gMehT4AxTaBAAWAhgDcnRiABw1BhgNT1gtWFBULWg2a3B3WRYUXCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa-rfKWBBa8rfKWBADMGwGIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOA1haXJjYW5hZGEuY29tAAAA%26r%3D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ds=l&xdt=0&iif=1&cor=17643169826373458000&adk=2011417064&idt=78&cac=0&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f157.1e100.net
Software
cafe /
Resource Hash
b867a211cb979a42dceca553a4bb5353a5e65dd251070e5a15f4f96341d370aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-32.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 04:44:57 GMT
via
1.1 3316ddaeea3a736012726e9c08426818.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
16755
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
yIYdUX2uh_68l_ZssccQ0TJmiY92YB-B6Us9prRF14kUwypiMbQeFw==
player.js
player.aniview.com/script/6.1/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.18.0/ads/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:1f::1735:23c8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
387c32aa463693988f1bef965a815ad469526de7e8191631afbe77fb6049d5a3

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:11 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AHxI1nNSBuliT6KhosSfXprFVBaghx7UtmVKHYTIQexvGLsJwvlI3ltc8eWqLgVx-aJ6VJm7MQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
16163
Last-Modified
Sun, 11 Aug 2024 06:17:26 GMT
Server
UploadServer
ETag
"1e33347af8143878674df1e10beba7ca"
Vary
Accept-Encoding
x-goog-generation
1723357046415573
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=8sFpYQ==, md5=HjM0evgUOHhnTfHhC+unyg==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
16163
Accept-Ranges
bytes
Expires
Tue, 13 Aug 2024 09:39:11 GMT
track
track1.aniview.com/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=62569d35967beb67a42364be&e=playerLoaded&cb=1723541051704&r=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
pitc-boot-next.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/pitc-boot-next.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8751) /
Resource Hash
9a4590b824fb6f8d43f7d21d87206676ab548a6d57d65d25410ef42fef8d0a0d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
SS5snlK4AlluCIFtW7yt18WxXKG5WbTF
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8167
x-amz-request-id
B5QBWRAQN4B21V2V
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
5171
x-amz-id-2
Rt4q711nVvBQcQVZ/eJnoPYP1vuIrVeDxnLAWZLrQ1HaUnVrSq9qObS1zYA3d+Ndu3yFjxeklt4=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/pitc-boot-next.js /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/pitc-boot-next.js
last-modified
Wed, 13 Mar 2024 13:04:09 GMT
server
ECAcc (mid/8751)
x-ioriver
Edgio
etag
"467962a11c80e7f3ac1e317b205354a2+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8795) /
Resource Hash
e66b0cf46fd5b859ffe1dca65988cf01c4c2dbc0c7d955c80efea9e2c221828c

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
_85izJ781Tl7LpW5HR2FrogGVqRMNCIZ
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM7ZARCS199JYV7
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
80285
x-amz-id-2
zIPeC4LH7U29wEBtekDDzjcRaNmErW/8+2ibFbL7Urdt8MIQMB49etj5EwZZ4kvVbrhcUD2Y8nU=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/8795)
x-ioriver
Edgio
etag
"58b2b2f0dec34448f0b278052aec4cd1+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
access-control-allow-headers
*
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-279477-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-279477-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8744) /
Resource Hash
2d137d91849c2ca2c02ab31cbc51007577cec260320af9bdac880e5a93619139

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
.AAFG.YXna2zax5NF3xRySt7Ee6zxX.Y
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM674H2NS5AG4HM
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
14972
x-amz-id-2
eofJB6gbM944Vie/Q0xKEAAyMzRVdluKOhOTBFn2JjvzGE5kaVAVJxXT4BxYQc+9Fj+VCpAm8Qo=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/8744)
x-ioriver
Edgio
etag
"80b4157e8c8f54d7e134fe359ae3eadd+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
access-control-allow-headers
*
src_components_StickyNotification_ActionContent_ActionContent_tsx-src_components_StickyNotifi-b290dd-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/src_components_StickyNotification_ActionContent_ActionContent_tsx-src_components_StickyNotifi-b290dd-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8722) /
Resource Hash
3142a9f1a95629caba54e4c4e7f0e83a0da9977f3bf58fafa2c1d9368d8a2dec

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
LB9QOSdL0LGkEbd2qgPLZmHkD5N_dccC
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMA845P41RSA0VT
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
4556
x-amz-id-2
7nlVjoy7jnbznYm05bMqFNSMdgiHC9CAIdByRLISpWJFCvr6m32otLggivFGgj5mZSTbotgiZFs=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/8722)
x-ioriver
Edgio
etag
"e35cc1b1978023b23b8e7bcce0d11483+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.32.0/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8770) /
Resource Hash
0950a1f69cc36f07199cbd0a7e9b8540451465f93c4f52a5103252e762d62996

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
Xx4GUHZ1v87.cQ1kjhKUg1n6lgDr9exB
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXM6045X7BM7M4FW
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
2610
x-amz-id-2
D5QwIGavf0pREUyzxdHocbux+FHx/PF8Lasd2lLDqS1TEOCnRCUY55qmegj6dgEZiUjCtAo0758=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/8770)
x-ioriver
Edgio
etag
"1c29971a7f38dc54580bdcc9c2718dda+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
styles.css
static-cdn.spot.im/production/notifications/tags/v1.32.0/ 		238 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.32.0/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/870E) /
Resource Hash
612300c91b7fcfc7e5738ab96a2d841d6d3580714bcb610701ff02ec51e8213c

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
yhw4zN6N8FOujGJzCAX4Xe0Wwj9.VEPz
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
3343
x-amz-request-id
SXMFYBQ7DC9CHVV5
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
18808
x-amz-id-2
eSEKMPusPg7qLF/vz3nrzU3LN8WXO6DW64eNQushJ+m7PWth0NvjjAyOVaCQblkGHzXVtjbnn80=
last-modified
Thu, 25 Jul 2024 10:36:42 GMT
server
ECAcc (mid/870E)
x-ioriver
Edgio
etag
"d2002889105208b75f1992086077d0a9+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
text/css
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
736-bundle.js
static-cdn.spot.im/production/registration/tags/v1.46.0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/registration/tags/v1.46.0/736-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/872D) /
Resource Hash
be93a82eb368176535ac8c154ddee884802ae81596890fe256cb6a8f49016018

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
RRXUZ6q0Ud541kDKUatDy45jftPd6J3V
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8169
x-amz-request-id
PH32QM7BQFESYSK0
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
8534
x-amz-id-2
Uil5DF0TMo46xGbJEw3MkAwr1F4bMdITfgKCYSjoEGi8JFQoH5XbYLSBMybgErxGDl7WgmWLlD0=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/736-bundle.js /edgio/static-cdn.spot.im/production/registration/tags/v1.46.0/736-bundle.js
last-modified
Thu, 07 Mar 2024 10:38:51 GMT
server
ECAcc (mid/872D)
x-ioriver
Edgio
etag
"2469ca4bcfd4e629a62432d0b42866b2+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
registration-logout-bundle.js
static-cdn.spot.im/production/registration/tags/v1.46.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/registration/tags/v1.46.0/registration-logout-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/registration/tags/v1.46.0/registration-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/872A) /
Resource Hash
b3c8b33febad0971ac8282970d0df393268f1b0714ab93522707785ef0898b2d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
ryO5uflUxXeZf.q6wffntPCDz6QFSgua
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8168
x-amz-request-id
J40XWM8J8F9DBTXW
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
2751
x-amz-id-2
tgtPrrvsG8jkzxmNZi2113O6t5sgycay8GWEMkF1hVJINrhJVCvem77Sv+XvWlbjZi0ievrExyVJzhlUWzfs+ivSJrbXEPJV
last-modified
Thu, 07 Mar 2024 10:38:51 GMT
server
ECAcc (mid/872A)
x-ioriver
Edgio
etag
"5bf8b7a66f295bd1080e758b54172a28+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
access-control-allow-headers
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ Frame 66AE 		474 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 11:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
77263
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151130
x-xss-protection
0
server
cafe
etag
11205447520193479331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Aug 2025 11:56:25 GMT
555.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/555.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/879C) /
Resource Hash
7caa9c706169a8418230f53f329ec3b9c1624567d4f21542282d4c42a262c834

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
wN1SFUUHaSaSOFgLZ515cVRxSwyIDQMg
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8170
x-amz-request-id
YTW2GMJTQGS7W9NE
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
19300
x-amz-id-2
5kDC4XcRWNZMuVFSfeOQ86vaxHdc1wL+sAcPQE5C9mBcmK2N2RqwZkErT3wbWeF9lqYfz6QIbkc0n2NvHwvrTIxHfFVJhrovi7H94rwQq1U=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/555.js /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/555.js
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
server
ECAcc (mid/879C)
x-ioriver
Edgio
etag
"ca44ce2cb039cb6226cd8e1587b86b37+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
963.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8773) /
Resource Hash
fcd876a8f2be07904a3dea9595eac8c552272aa2dcac324e73a27976183017f9

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
Orb7bi6m63SXr7VXnRw3rSP4UxLMl9Wh
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8169
x-amz-request-id
PH3BX98RX1N04G0V
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
8891
x-amz-id-2
tGQfHgs/MMtJLItSuAnasLV7/W03wD8OGWgk6U1gjBgVkM/dMUU+wRAups7t0pY/a4BUue5MemI=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.js /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.js
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
server
ECAcc (mid/8773)
x-ioriver
Edgio
etag
"549d93ed59f13018e7c331d672e9ed3b+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
963.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c274:341c:8ae0:45ce:f2b1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8773) /
Resource Hash
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
br
x-amz-version-id
aOjT7Rbb_HXW63pozsSqyJw0UMoNt5NF
nel
{"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
age
8169
x-amz-request-id
PH328Z6301R6D4VB
x-amz-server-side-encryption
AES256
x-edg-version
38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f, 38 35 38 NA 2024-07-14T11:49:04Z 108e5aec-1252-4cd8-958e-bafe1b0ab00f
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=mid,edgio_country;desc=US
content-length
2300
x-amz-id-2
wTa+36lp0EN8eAjvQrObB5zlAbzeOnkvxzfM9YC241ykfZCdSx2gGPDfV3rwAGCfK6gcFHcngYk=
surrogate-key
/edgio/static-cdn.spot.im /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.css /edgio/static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.css
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
server
ECAcc (mid/8773)
x-ioriver
Edgio
etag
"60e07ba3f7bef94388f0baafe0a17a75+br"
access-control-max-age
600
access-control-allow-methods
GET,HEAD
content-type
text/css
access-control-allow-origin
*
report-to
{"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=0cadfa18-f35a-4ea3-a11b-45c0e4b8d305&pop=mid"}]}
x-edg-mr
35:0;35:1;
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
*
skeleton.js
fw.adsafeprotected.com/rjss/st/779512/74291562/ Frame 2ED3 		284 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/779512/74291562/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=22063981&ias_pubId=543174347&ias_chanId=9&ias_placementId=55036917&bidurl=https://www.post-gazette.com&ias_dealId=OX-XPT-h6kpwY&xsId=ABAjH0j429fDV-Z_IWgkLubPz1z6&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j429fDV-Z_IWgkLubPz1z6
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.73.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-73-16.compute-1.amazonaws.com
Software
/
Resource Hash
a99a86ac0b994ef84d740858f6479597d014568f9b98a5b56ba4f8f19604f227

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_280.js
s0.2mdn.net/879366/ Frame 2ED3 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_280.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11286005be0144048b40410234094e5ca25a55a987d088eba6d0e5426a0d52ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Origin
https://www.post-gazette.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 04:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41819
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 16:51:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Aug 2024 04:44:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/elements/html/ Frame 2ED3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASMQR6cv4C7fQNN5g9hHXrHQjQtdy1kneuza2DEOWX1V0m3Z5CEdE5aIHqv7o7GcsGQRw8U9Q84-PqVKrwgwfO_37Fr4iSVd1h4BHmHfW_7mOaAaM0T2WOvLiNmQH6OIunAIQW3lZ2TExUbLWLoHSJaKKqYhkWJWWlxc7yX3qQIfX9CMo&dbm_d=AKAmf-BsOMSU48OHjrHTkjqsPx03NIiBIbbzcAIChtiPtxpmvxFGVprn-q6unvPUmRz2Z-UgdvM_9Bg9HyKmp01J20RiaNiaW6j0TKtXuqyzmIY9xYZyNHZsFgxd9HdRVixynQoPElspPDd3jHhW5lIm-q2t6G_YXR2eNCW8HnRKiDuIh00Rg8wWlSJOn2UkfY1-dhRSQXuOLIqDYUV1B-C2Na_c7Pod1tDXYONC_GRkssHqFz6s6BrRHpWFC6bbxLDytabCA8I92Ln5Ux05pfnFrnfccem1_rKesjfa9VDj3hJ6fe4iubMNz2DloPLJGmZ_Ir35xShc_ECUCq_faQQYXNQNzJXf5N2fbbG-Dy5KZhczzty9FX3_dc4upD3QkpGKCp7HtS-osbMPMxMbS_3RoPhULXfav4sKGR4b8U-unSbt73pyujWpug6FDJjtrFYuVWoMW3SsyR3l3EN8RE_jePEco3cGSbHoTwzQHDa4OYUkMOW5o-TQGjoCLzwUfEEoYcEq2sDDHQ12jyV9fR0rC0941dGkZ3zOzMKUTSYUZTCGmmRdWjpeAFvegpbVUYKh3eM1C9G5I9Ze7C65qDN0HC1S6Y1vUFGxbY9SnnxPU7ONeCrpTNjRcvvNqj01TxPJiNIxA_TljZxGoGPZWvm2WLmVjroNJNhRfaBdwTRH34eEQlvgwH1bw3P5RfhE5HFTqyfwNw74U0ghqMeTMqXHvnHsuUaY3K0HyXMLX4NXrEhNSdddQMi5w4VBV98pBYUCxO4srse65fNv-2gKmM_Vu55xdxnPka0SUUZunmxTVR03ALMOds69u5H1uqzanOveRkSHXC4_VeWcrh_IGHcnDdvxLsGwKfcTV2pQ3fZfLGZ5EsWeKEEUXTaJplOehBCq4MIbEC5LiXCPngCh_jv59EWoxXRizjUAWdScW0h9UECtqdZe_S_xdwKDdOQ1T4FpZzMiAuFXY22Y34m7_wyWgmUncxjeiXr6E3BGcl1qUZb2YlVw5vOb1AVXm2ClqU4Hs1Usg5zh4Nkf1WJGCiYEV2_F4W0k6pJRzGSN4oKoJtKmkVzaNlBtDvUPccss6n4MYeY54axejHmCNcsoCE-_h_rIjG5mg04B8yFr-QuJrenr9IodAu3h2P1UTKC-KvWe5hJg6eY7SlbEW5Rvm3VN9x6IbTeYz87wqJYJP98QdROy_-ozvo0qNnYaimYb-Fn2bMjioTO3nXhRn3RSz2vG0aE4CZg0xCTVfyncA0h8KgJprP70-3zsCnxez477KFXVFch7wz1S7gCW7iJDNUXmQW9mxlBn8hwjj2oy3rc-mUe6JZQ8POENzkPQIqhGY0vIphNrEyvJE4Lv4odz_KBT6kJJtIaSOKrNtArOR5bh_XOQg93RfFE8NikuMflMRsVIE7xI2mishl7yVzJjKddUXwauORkpgfa93WioIDhRSUcSWS9QOU6A-8wei-NK8JONwwYrk8KlGBfeaGHE8Mxj1mjCyOkhr7x1QzXnP8x0tYkXM5SyOhLfMCX4AxeXoIK_f67vHBdi4b-98TfKWPa_49shRGWAg9yXvx1SFgGq_6mwNTYTIlBg-ZdGrjdzmhobxN2OfBKEoJRI072kOind76f2BXaAwV7HA1x6Syj65q8PHZp_aFifWaKDzSDK41SqtHf97cdXRrC3vAk0nRSFdC468nJk7qbUG_UqlD3M69LFypM6vLW2LBa7-ji9IJW8EH2ITagb94h_iay-N3lfexTcAEPzB9-_QwKflqS-IHBLnWtdqOGDPnNPqvO1Ibw5KG8T_AAWvgsuolCCdMgsU40v3zeb54W0L4O3qwsG50CR_cdzjycUgzX0gsr_hI22bYD-6qFIcBedm2HiQBplrjwIaoaGAuoc_tYsPgWri1RhiIzawzZrJ7b5q_2v03xgz2JLnE2FMv4R4SWERO_l3DrG4g7mY9MQMe5GL73kuJpj8yik9ObTj8vpGGBloflsjef5JutalNx_O1P1PZjttdftU2kGmQEjdDp9_wKLvXEoY_2HWRVCvtj8UFAWK3z0EnQCh398uD7m0HRH4Qw0YJJMzidEZPMiVoCbRQr_l25Ko5RBInyRSI-L12EjnQ55gcz3XeaaG5u8DuAfPBVGhCDO-trBlyob7LJiUI0xFodnqLC649YOHDlR2BA6TG2SH6cR6aGJP07ue0V5U7PtrU9IhLpsPsdWn19ILOwj1c1Lx24LFzJbpcrdoW8jzSa-rtfcpoi8_-OMkHejKzQNTVqfvrcnVtrsLcS2F_1WUkij-pXc7DLHjgK5cJTz97VDo1IUZeKDpTX4bpICqRe5_XdfbWXsdedvnJ2ylfQRcxY9R9l-sD_i9-h8wHcxK93B_N0CWLdq4FkcdQec221IYvmfq2OSNGD-mBKzzec_XpilQtmdUEJuDtTVuv1p8676ZkeuQf8N06NmpOUMLaRdiB6Zr2dESeRMWXw3iernpP5R6-nbRdTC55yxKWGJt3dvbfj3KbQQ2I5ZM7FYCk-rKH-KpokCpYPk8szOmeD4x5o5uVniUwCKNlpDfdBnOnIOtjD430jKOeI8KllDKTLmHwtZYve_fvygPmJ_UiLhJnS1pXH0MCsgPXLsV8MlXtKk9pjtjrVKXeB3SeHFnurB_xnRtcJNc_AYkaxMxLL15lhLbzTRkTufeahRJujWhnw5FGKOEhdRYuWra35T3Lm7W3jt8eQRijKYAPEdtRTsFdoQaAA5Ay3wnGVvSArlMHatdwSdkYeszvMWfoz1ATwO-nIzNHMpR49hT_aU6FsqzkSQJarOO7d_cWYYUcmGYO--_8MxfbUslfbIA1G3wOTpVw8V_kT5jD8jAIxop7J6JmK8dWjoVpi5uNjTOgEI1gjVuowuwCrBbgfJ8u5tx9WRj4AFlzSEYujch7Ia-ZnFcspFEdPSQMSkL4pKzvpnpQ3JGzeqVNHJsRMT9Nq4mcqTXwbwBJgnu7j0aohnCfpQmn7EGUHHGSfUCENvMkOB1jY7fvuAbdrgwALGHjveTHAh3jp-L3W3o4KLCOH81HnWA57oOn2i5neX1FgnSeay_LaKJPyxCEq2pyE22t9dfd7p_DNpLc_Zr6Rj6iY2BoFow1sysF3uEFJsMx4J4xRNQ2M7Tz9p5O_uHhtE9IIL7An5jvFrB1SWFzvE4RR4vHRzijSOA5u46MifIQ-0yxSWb8NXgnQWzVeCTzAHzbCIiX00c1opRyEdoiZnyhlLdFORlLDiezoRBNJMUD6ahQxS3XuBJWW0d5tw41pgEPf5FRuDuyLjoNDyGzyqGlBc0qrOZY7YiI6s9FcJcBgAyagJtYQT0quGWKgMnAiR1yXFh1snBeXqf0OqeyylTZPqvhHf1cb3pYVnsSD2ivMkNQbCb3RMaI34ECLOc-gc0EYjhSEsE_koJ2Zjc3uX9cRf1u0_A1WbTLWduHkfKxo0sJWGfIHXZEb1tt3IfgYGGDGSVnt7Zz_SKbh5Wu-EmWv0WF_FCDIT6p8cHSoL3Uj4UEHcYZCVfGa8UXJjVhcsME1o7yGnKULAaPORE06uxPliE7CN5zgIJ-uJn6yfpq-Ac9eJMYm3d5IkRwkTbbOk8YhXHeXgUDoUbnZSq8ypBSPcmtwn-WmnGupqQJAuZXetUv8EuCcleEMRl9dCyv_rxxY6OICXIazW3R0aLFlbUsx5FwBvRkxQ43jl4HCVzgKmUXIKCoh02YXOSdT379ychPf7jyZDsMMfLEftlSY7FMv2tZwlkOS19S16aS15dxyD82ouOSAIO6EjWsRDCnuU9DniouJKzFS2NAnPm9IrVdMAbLKHQuzbeDa4oaO-mHGMUwxQzttgGOeIBYKQ0pV3ajucyu1EYqYDyL_2-GEwyvHwGs7LgWMeN6UMmBc&pr=9%3AAAABkUsNV5C9QaOGr_c2XXm-lWK0gAQAT8CEEw&cid=CAQSKQDpaXnfuc2ftPatiJxB6Eqg_4D5gwQ3AikT4qHNLoMvRQ8DUyN3S9vmGAE&xfc=https%3A%2F%2Finfolinks-usa-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAhMcGAp3SUJpdUh0UUNoHBact9Lrs_6DgrcBFrGcnqH2vo_oqAEAHBbPw_XKzc2z_c4BFuGXnuKa7ajdvQEAFvaY2esMFQY4JDczMTEwNTI0LTA3NTAtMDhjNy0wY2U4LWY2MjQwYmM0MWVmORwVAhgNTUxfRkVFU19NT0RFTBgTZm9wLW1vZGVsLWNhbmRpZGF0ZQA5DAAsHBUCABwVAgAcFQIAHBUCAAAcJtbStYgEFQQ2ztK1iAQWlruBhgQlAhUCpoYCFoYCFoYCFhQWFBYUFhQWjgQWhgIWhgIAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWnuWigAQW2ri1gAQW1u6pgAQVGBwU9AMU2AQAFQQmjgQWjgQWjgQRNQ4mjgQ0BgAsLBa1zq37heXWsagBFp-w_-nm_eaY1AEAFvaY2esMBii82ZiABBae5aKABBbW7qmABBbauLWABBgJNTE2NjY2NTE0FsbKARaOBCUEFoICGAcyNDgwODM2FQKhERgCT1gMehT4AxTaBAAWAhgDcnRiABw1BhgNT1gtWFBULWg2a3B3WRYUXCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa-rfKWBBa8rfKWBADMGwGIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOA1haXJjYW5hZGEuY29tAAAA%26r%3D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ds=l&xdt=0&iif=1&cor=17643169826373458000&adk=2011417064&idt=78&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
64614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 15:27:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/ Frame 2ED3 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASMQR6cv4C7fQNN5g9hHXrHQjQtdy1kneuza2DEOWX1V0m3Z5CEdE5aIHqv7o7GcsGQRw8U9Q84-PqVKrwgwfO_37Fr4iSVd1h4BHmHfW_7mOaAaM0T2WOvLiNmQH6OIunAIQW3lZ2TExUbLWLoHSJaKKqYhkWJWWlxc7yX3qQIfX9CMo&dbm_d=AKAmf-BsOMSU48OHjrHTkjqsPx03NIiBIbbzcAIChtiPtxpmvxFGVprn-q6unvPUmRz2Z-UgdvM_9Bg9HyKmp01J20RiaNiaW6j0TKtXuqyzmIY9xYZyNHZsFgxd9HdRVixynQoPElspPDd3jHhW5lIm-q2t6G_YXR2eNCW8HnRKiDuIh00Rg8wWlSJOn2UkfY1-dhRSQXuOLIqDYUV1B-C2Na_c7Pod1tDXYONC_GRkssHqFz6s6BrRHpWFC6bbxLDytabCA8I92Ln5Ux05pfnFrnfccem1_rKesjfa9VDj3hJ6fe4iubMNz2DloPLJGmZ_Ir35xShc_ECUCq_faQQYXNQNzJXf5N2fbbG-Dy5KZhczzty9FX3_dc4upD3QkpGKCp7HtS-osbMPMxMbS_3RoPhULXfav4sKGR4b8U-unSbt73pyujWpug6FDJjtrFYuVWoMW3SsyR3l3EN8RE_jePEco3cGSbHoTwzQHDa4OYUkMOW5o-TQGjoCLzwUfEEoYcEq2sDDHQ12jyV9fR0rC0941dGkZ3zOzMKUTSYUZTCGmmRdWjpeAFvegpbVUYKh3eM1C9G5I9Ze7C65qDN0HC1S6Y1vUFGxbY9SnnxPU7ONeCrpTNjRcvvNqj01TxPJiNIxA_TljZxGoGPZWvm2WLmVjroNJNhRfaBdwTRH34eEQlvgwH1bw3P5RfhE5HFTqyfwNw74U0ghqMeTMqXHvnHsuUaY3K0HyXMLX4NXrEhNSdddQMi5w4VBV98pBYUCxO4srse65fNv-2gKmM_Vu55xdxnPka0SUUZunmxTVR03ALMOds69u5H1uqzanOveRkSHXC4_VeWcrh_IGHcnDdvxLsGwKfcTV2pQ3fZfLGZ5EsWeKEEUXTaJplOehBCq4MIbEC5LiXCPngCh_jv59EWoxXRizjUAWdScW0h9UECtqdZe_S_xdwKDdOQ1T4FpZzMiAuFXY22Y34m7_wyWgmUncxjeiXr6E3BGcl1qUZb2YlVw5vOb1AVXm2ClqU4Hs1Usg5zh4Nkf1WJGCiYEV2_F4W0k6pJRzGSN4oKoJtKmkVzaNlBtDvUPccss6n4MYeY54axejHmCNcsoCE-_h_rIjG5mg04B8yFr-QuJrenr9IodAu3h2P1UTKC-KvWe5hJg6eY7SlbEW5Rvm3VN9x6IbTeYz87wqJYJP98QdROy_-ozvo0qNnYaimYb-Fn2bMjioTO3nXhRn3RSz2vG0aE4CZg0xCTVfyncA0h8KgJprP70-3zsCnxez477KFXVFch7wz1S7gCW7iJDNUXmQW9mxlBn8hwjj2oy3rc-mUe6JZQ8POENzkPQIqhGY0vIphNrEyvJE4Lv4odz_KBT6kJJtIaSOKrNtArOR5bh_XOQg93RfFE8NikuMflMRsVIE7xI2mishl7yVzJjKddUXwauORkpgfa93WioIDhRSUcSWS9QOU6A-8wei-NK8JONwwYrk8KlGBfeaGHE8Mxj1mjCyOkhr7x1QzXnP8x0tYkXM5SyOhLfMCX4AxeXoIK_f67vHBdi4b-98TfKWPa_49shRGWAg9yXvx1SFgGq_6mwNTYTIlBg-ZdGrjdzmhobxN2OfBKEoJRI072kOind76f2BXaAwV7HA1x6Syj65q8PHZp_aFifWaKDzSDK41SqtHf97cdXRrC3vAk0nRSFdC468nJk7qbUG_UqlD3M69LFypM6vLW2LBa7-ji9IJW8EH2ITagb94h_iay-N3lfexTcAEPzB9-_QwKflqS-IHBLnWtdqOGDPnNPqvO1Ibw5KG8T_AAWvgsuolCCdMgsU40v3zeb54W0L4O3qwsG50CR_cdzjycUgzX0gsr_hI22bYD-6qFIcBedm2HiQBplrjwIaoaGAuoc_tYsPgWri1RhiIzawzZrJ7b5q_2v03xgz2JLnE2FMv4R4SWERO_l3DrG4g7mY9MQMe5GL73kuJpj8yik9ObTj8vpGGBloflsjef5JutalNx_O1P1PZjttdftU2kGmQEjdDp9_wKLvXEoY_2HWRVCvtj8UFAWK3z0EnQCh398uD7m0HRH4Qw0YJJMzidEZPMiVoCbRQr_l25Ko5RBInyRSI-L12EjnQ55gcz3XeaaG5u8DuAfPBVGhCDO-trBlyob7LJiUI0xFodnqLC649YOHDlR2BA6TG2SH6cR6aGJP07ue0V5U7PtrU9IhLpsPsdWn19ILOwj1c1Lx24LFzJbpcrdoW8jzSa-rtfcpoi8_-OMkHejKzQNTVqfvrcnVtrsLcS2F_1WUkij-pXc7DLHjgK5cJTz97VDo1IUZeKDpTX4bpICqRe5_XdfbWXsdedvnJ2ylfQRcxY9R9l-sD_i9-h8wHcxK93B_N0CWLdq4FkcdQec221IYvmfq2OSNGD-mBKzzec_XpilQtmdUEJuDtTVuv1p8676ZkeuQf8N06NmpOUMLaRdiB6Zr2dESeRMWXw3iernpP5R6-nbRdTC55yxKWGJt3dvbfj3KbQQ2I5ZM7FYCk-rKH-KpokCpYPk8szOmeD4x5o5uVniUwCKNlpDfdBnOnIOtjD430jKOeI8KllDKTLmHwtZYve_fvygPmJ_UiLhJnS1pXH0MCsgPXLsV8MlXtKk9pjtjrVKXeB3SeHFnurB_xnRtcJNc_AYkaxMxLL15lhLbzTRkTufeahRJujWhnw5FGKOEhdRYuWra35T3Lm7W3jt8eQRijKYAPEdtRTsFdoQaAA5Ay3wnGVvSArlMHatdwSdkYeszvMWfoz1ATwO-nIzNHMpR49hT_aU6FsqzkSQJarOO7d_cWYYUcmGYO--_8MxfbUslfbIA1G3wOTpVw8V_kT5jD8jAIxop7J6JmK8dWjoVpi5uNjTOgEI1gjVuowuwCrBbgfJ8u5tx9WRj4AFlzSEYujch7Ia-ZnFcspFEdPSQMSkL4pKzvpnpQ3JGzeqVNHJsRMT9Nq4mcqTXwbwBJgnu7j0aohnCfpQmn7EGUHHGSfUCENvMkOB1jY7fvuAbdrgwALGHjveTHAh3jp-L3W3o4KLCOH81HnWA57oOn2i5neX1FgnSeay_LaKJPyxCEq2pyE22t9dfd7p_DNpLc_Zr6Rj6iY2BoFow1sysF3uEFJsMx4J4xRNQ2M7Tz9p5O_uHhtE9IIL7An5jvFrB1SWFzvE4RR4vHRzijSOA5u46MifIQ-0yxSWb8NXgnQWzVeCTzAHzbCIiX00c1opRyEdoiZnyhlLdFORlLDiezoRBNJMUD6ahQxS3XuBJWW0d5tw41pgEPf5FRuDuyLjoNDyGzyqGlBc0qrOZY7YiI6s9FcJcBgAyagJtYQT0quGWKgMnAiR1yXFh1snBeXqf0OqeyylTZPqvhHf1cb3pYVnsSD2ivMkNQbCb3RMaI34ECLOc-gc0EYjhSEsE_koJ2Zjc3uX9cRf1u0_A1WbTLWduHkfKxo0sJWGfIHXZEb1tt3IfgYGGDGSVnt7Zz_SKbh5Wu-EmWv0WF_FCDIT6p8cHSoL3Uj4UEHcYZCVfGa8UXJjVhcsME1o7yGnKULAaPORE06uxPliE7CN5zgIJ-uJn6yfpq-Ac9eJMYm3d5IkRwkTbbOk8YhXHeXgUDoUbnZSq8ypBSPcmtwn-WmnGupqQJAuZXetUv8EuCcleEMRl9dCyv_rxxY6OICXIazW3R0aLFlbUsx5FwBvRkxQ43jl4HCVzgKmUXIKCoh02YXOSdT379ychPf7jyZDsMMfLEftlSY7FMv2tZwlkOS19S16aS15dxyD82ouOSAIO6EjWsRDCnuU9DniouJKzFS2NAnPm9IrVdMAbLKHQuzbeDa4oaO-mHGMUwxQzttgGOeIBYKQ0pV3ajucyu1EYqYDyL_2-GEwyvHwGs7LgWMeN6UMmBc&pr=9%3AAAABkUsNV5C9QaOGr_c2XXm-lWK0gAQAT8CEEw&cid=CAQSKQDpaXnfuc2ftPatiJxB6Eqg_4D5gwQ3AikT4qHNLoMvRQ8DUyN3S9vmGAE&xfc=https%3A%2F%2Finfolinks-usa-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAhMcGAp3SUJpdUh0UUNoHBact9Lrs_6DgrcBFrGcnqH2vo_oqAEAHBbPw_XKzc2z_c4BFuGXnuKa7ajdvQEAFvaY2esMFQY4JDczMTEwNTI0LTA3NTAtMDhjNy0wY2U4LWY2MjQwYmM0MWVmORwVAhgNTUxfRkVFU19NT0RFTBgTZm9wLW1vZGVsLWNhbmRpZGF0ZQA5DAAsHBUCABwVAgAcFQIAHBUCAAAcJtbStYgEFQQ2ztK1iAQWlruBhgQlAhUCpoYCFoYCFoYCFhQWFBYUFhQWjgQWhgIWhgIAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWnuWigAQW2ri1gAQW1u6pgAQVGBwU9AMU2AQAFQQmjgQWjgQWjgQRNQ4mjgQ0BgAsLBa1zq37heXWsagBFp-w_-nm_eaY1AEAFvaY2esMBii82ZiABBae5aKABBbW7qmABBbauLWABBgJNTE2NjY2NTE0FsbKARaOBCUEFoICGAcyNDgwODM2FQKhERgCT1gMehT4AxTaBAAWAhgDcnRiABw1BhgNT1gtWFBULWg2a3B3WRYUXCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa-rfKWBBa8rfKWBADMGwGIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOA1haXJjYW5hZGEuY29tAAAA%26r%3D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ds=l&xdt=0&iif=1&cor=17643169826373458000&adk=2011417064&idt=78&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
1ce6e5150e4f2d8421181b85a0f04d8cb44522e028bd852ced5396552c483551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 17:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
58014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11751
x-xss-protection
0
server
cafe
etag
13175633136872629042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 17:17:17 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2ED3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
23377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 02:54:34 GMT
pd
us-u.openx.net/w/1.0/ Frame CDA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
364
content-type
text/html
date
Tue, 13 Aug 2024 09:24:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
hbw_master_270443_6800.js
player.spotim.market/prebidlink/7XL4_/ Frame 66AE 		142 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/478761/wrapper_hb_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4672bd8124098a18dbf7b10ff44083ff2f315655a34eb72804a06309c71503f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 10:08:10 GMT
server
nginx
etag
W/"66b3478a-239fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
expires
Wed, 14 Aug 2024 09:24:11 GMT
hbp_master_270443_6800.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 66AE 		328 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/478761/hb_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6c3aad2ec7306549d14688d9ce1b8ec296a648d85749b7dc6703062d37de517e

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 13 Aug 2024 09:24:11 GMT
content-encoding
gzip
last-modified
Tue, 06 Aug 2024 14:07:58 GMT
server
nginx
etag
W/"66b22e3e-521ae"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
expires
Wed, 14 Aug 2024 09:24:11 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame BDDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29247
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 08:35:41 GMT
expires
Tue, 13 Aug 2024 09:25:41 GMT
last-modified
Mon, 12 Aug 2024 19:45:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/ Frame 3ABF 		662 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4fea3475c7a12df510b6e7fb0f8e5b055f372e1b49241fe926ec5e5fae42db4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:27:18 GMT
content-encoding
br
via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
x-amz-version-id
DwWB8SqzJVIuVjci.91w3IUStC0wt5Hy
x-amz-cf-pop
JFK50-P6
age
3414
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 13 Aug 2024 08:16:50 GMT
server
AmazonS3
etag
W/"7556cef9f1e024c8831458761fa4f8e5"
vary
accept-encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
rjh8tN21y9N4iNqF67mwGf-VfmUXy60gZjWwy8sVbK1SkPI6XrBBSA==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-184-20.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
7017f3c81840b62cb3f98d628194f325300ab7d7506d70afb57104c8dca7f341

Request headers

x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-post-id
no$post
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_wfO5dOu8
x-spotim-page-view-id
8ba16e39-784a-49b9-b4f5-d79982b35e11
Referer
https://www.post-gazette.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfZHk4R1g3VndRM3J6IiwiZGlzcGxheV9uYW1lIjoiQ3lhblN1Ym1hcmluZSIsInVzZXJfbmFtZSI6IkN5YW5TdWJtYXJpbmUiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1TdWJtYXJpbmUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwX3dmTzVkT3U4IiwibGFzdF9jaGVjayI6MTcyMzU0MTA1MSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDgxM1ZtNVdxeC40NDc1NDYzZjRmNzczMGZlOGZjMjhjYTI2N2ZhMDNmMWJiNDc2YzBlYjk0OTc1NTc3OWU4ODAwNTgxZTIwNWVlIiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3JFVGVXWXVFWDFvRFFhR3NNb3Z4IiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X3Bvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfbmFtZSI6InBvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfaW1hZ2VfaWQiOiI5YmYyYzJiYWZkZWY4YTA0YjQ1ZDg0Nzg4ZWZjNWE4NSIsIm5ldHdvcmtfY29sb3IiOiIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3NTE5NjMwNTEsInN1YiI6InVfZHk4R1g3VndRM3J6In0.obdDyPz0eNhVhQS25FwkFsPgwSq5t_tpFevWhbDt3ME

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-guid
3593de28-31ce-40c3-ad44-2c27d3579c59
server
fasthttp
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
x-spotim-networkid
net_post_gazette
content-length
59
x-spotim-token
01240813Vm5Wqx.4475463f4f7730fe8fc28ca267fa03f1bb476c0eb949755779e8800581e205ee
x-request-id
cd1eb035-5955-11ef-ab81-06ffecc15d39
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Tue, 13 Aug 2024 09:24:11 GMT
server
fasthttp
strict-transport-security
max-age=31536000
activeview
pagead2.googlesyndication.com/pcs/ Frame EA86 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1nYnSSTSNMH-wOX3u9AFktmbzuX-fc52icP_CGJWFBt4urH7uRInnLhV7Z-df6OSSbqINc2xbEkMU2zezIPvBOVVep2BW7N27wey8ig0W9pG5jV_fUwduYkX6s3axOBQBRY1LEGzOVVZJnyUs3YhxaiqFEqekNpg&sig=Cg0ArKJSzPPPE2x5EvJeEAE&id=lidar2&mcvt=1033&p=852,1110,1102,1410&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20240812&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2757904123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1947385000&rst=1723541050624&rpt=258&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D034 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
268535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Aug 2024 06:48:37 GMT
expires
Sun, 10 Aug 2025 06:48:37 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AVmanager.js
player.aniview.com/script/6.1/ Frame C736 		500 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.215.0.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-43.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
6332cc8c2644133128d9a6a7efe4941d2306b2d0287079146e731212859b2a8d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPd9Zl6plfy1NAvSZvI9s_A32jEnvFjk5FszS52JWiHnz4ibDKZJXIECjSr8PbqJ7Pj_koSD7SGDA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
148075
last-modified
Sun, 11 Aug 2024 06:17:26 GMT
server
UploadServer
etag
"7ce713be2c60693265a1e3f9b6daab31"
vary
Accept-Encoding
x-goog-generation
1723357046146821
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=iVb3JQ==, md5=fOcTvixgaTJloeP5ttqrMQ==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
148075
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:39:12 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11...
  • https://rp4.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F1...
49 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&wpn=lc-bundle&cd=.post-gazette.com&c=PHRpdGxlPlRydW1wIHJhbGx5IGd1bm1hbiBUaG9tYXMgQ3Jvb2tzIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzIHwgUGl0dHNidXJnaCBQb3N0LUdhemV0dGU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5wb3N0LWdhemV0dGUuY29tL25ld3MvY3JpbWUtY291cnRzLzIwMjQvMDgvMTEvdGhvbWFzLWNyb29rcy1idXRsZXItdHJ1bXAtcmFsbHktc2hvb3Rpbmcvc3Rvcmllcy8yMDI0MDgxMTAwNzIiPjxoMSBjbGFzcz0icGdldm9rZS1zdG9yeS10b3BhcmVhLWN1dG91dC1oZWFkbGluZSI-CgkJCUxhY2sgb2YgbW90aXZlLCBwYXN0IHdyaXRpbmdzIHB1dHMgVHJ1bXAgcmFsbHkgZ3VubWFuIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzCgkJPC9oMT48aDEgY2xhc3M9InBnZXZva2Utc3RvcnktYm90dG9tYXJlYS1oZWFkbGluZSI-CgkJCQlMYWNrIG9mIG1vdGl2ZSwgcGFzdCB3cml0aW5ncyBwdXRzIFRydW1wIHJhbGx5IGd1bm1hbiBpbiByYXJlIGNsYXNzIGFtb25nIGhpZ2gtcHJvZmlsZSBzaG9vdGVycwoJCQk8L2gxPg&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.7.252.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-252-0.compute-1.amazonaws.com
Software
/
Resource Hash
236dc365fe03d4bd1e43d7961594a56ac474806ec07472418ee0c81ec63bfdec

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-pixel-event-id
a86376b0-bcfd-4046-a5c1-5c8f1d25609b
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
49

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1723541052046&did=did-004d&se=e30&duid=9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9&tv=v2.14.3&pu=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&wpn=lc-bundle&cd=.post-gazette.com&c=PHRpdGxlPlRydW1wIHJhbGx5IGd1bm1hbiBUaG9tYXMgQ3Jvb2tzIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzIHwgUGl0dHNidXJnaCBQb3N0LUdhemV0dGU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5wb3N0LWdhemV0dGUuY29tL25ld3MvY3JpbWUtY291cnRzLzIwMjQvMDgvMTEvdGhvbWFzLWNyb29rcy1idXRsZXItdHJ1bXAtcmFsbHktc2hvb3Rpbmcvc3Rvcmllcy8yMDI0MDgxMTAwNzIiPjxoMSBjbGFzcz0icGdldm9rZS1zdG9yeS10b3BhcmVhLWN1dG91dC1oZWFkbGluZSI-CgkJCUxhY2sgb2YgbW90aXZlLCBwYXN0IHdyaXRpbmdzIHB1dHMgVHJ1bXAgcmFsbHkgZ3VubWFuIGluIHJhcmUgY2xhc3MgYW1vbmcgaGlnaC1wcm9maWxlIHNob290ZXJzCgkJPC9oMT48aDEgY2xhc3M9InBnZXZva2Utc3RvcnktYm90dG9tYXJlYS1oZWFkbGluZSI-CgkJCQlMYWNrIG9mIG1vdGl2ZSwgcGFzdCB3cml0aW5ncyBwdXRzIFRydW1wIHJhbGx5IGd1bm1hbiBpbiByYXJlIGNsYXNzIGFtb25nIGhpZ2gtcHJvZmlsZSBzaG9vdGVycwoJCQk8L2gxPg&i6=MjAwMTo1NTA6MWQwNToxOjoxMA%3D%3D
access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:12 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
apstag.js
c.amazon-adsystem.com/aax2/ Frame 66AE 		319 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:56:05 GMT
content-encoding
gzip
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront), 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 20:54:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1684
x-amz-server-side-encryption
AES256
etag
W/"bcf5fc5f6600cc22b92be3e154b2e3e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
3pV9rOMRA7_Xt6mxnG4bE_BPWdJRBwpJp2vMy7IbDmthJ87y_Pu9wg==
grumi.js
rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/ Frame 66AE 		255 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fdd104bf48196109048818da157448268e709eb8d499608e40a1d6ac0025606

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:26:20 GMT
content-encoding
br
via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
x-amz-version-id
T_ZU_inRn6xlG2r9oH2DccBSTikP9jG_
x-amz-cf-pop
JFK50-P6
age
3473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 13 Aug 2024 08:22:00 GMT
server
AmazonS3
etag
W/"e0dda6f029b60935d86356e7a8f7914d"
vary
accept-encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
FsZTclW_THnIWI1eR4m3RQMMpWacESXUZYccBk8vNbJhD8b-lVROsA==
/
sghb.spotim.market/geo/ Frame 66AE 		168 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.242 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
fcc42ec1f14807eb53a8beaab07f93e1119c4da181da0384213c21b4a1e2236a

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:11 GMT
Server
Spotim
Content-Type
application/json
Access-Control-Allow-Origin
https://www.post-gazette.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
168
tracking
sghb.spotim.market/adunit/ Frame 66AE 		43 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=6800&full_page_url=https%3A%2F%2Fwww.post-gazette.com&adid=s7ub2n.pz&features=82016&vpbv=m254&lifecycle_tte=465
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.242 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:11 GMT
Server
Spotim
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.post-gazette.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 66AE 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba7ad69beebac1b0f77dd58d076f29fc71aae2d411c0f1aa1011c157642c5812

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:43:43 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2429
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
lL6jUt8-vlh2iJzUDSiKZzVavDZmiyaCDEm31ZP1O6NQL1fv8Ix55Q==
config
c.amazon-adsystem.com/cdn/prod/ Frame 66AE 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.post-gazette.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:15:13 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
4139
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
YN2CRAM7MDbjtGsTdFLcJN2JOYeDMNgSqmc7tpC78ZH3_jNrgA3w6A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 66AE 		6 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 11:02:51 GMT
x-amz-cf-pop
JFK50-P3
age
80479
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Origin,accept-encoding
x-amz-cf-id
FXBbfnA54aMKaryy22rMilWc3YKLvJPRa3hlGMKKNSO8AetBfs32Sg==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2ED3 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_280.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
index.html
s0.2mdn.net/sadbundle/11139510502153299258/POS_US_CAN_PROSPECTING_INSPO_EN_300x250/ Frame 5A81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11139510502153299258/POS_US_CAN_PROSPECTING_INSPO_EN_300x250/index.html?ev=01_252
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_280.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
578178
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
30104
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 16:47:54 GMT
expires
Wed, 06 Aug 2025 16:47:54 GMT
last-modified
Wed, 13 Sep 2023 19:43:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 2ED3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstSl9_-iW8WyWLCJjau5g3CWc5hHC70VReVvdzVtEYmK8VF0qr7FvbMNObI5jlOM0anXRhRSsTIETuWW3eaXgS9Mvn0ETnDVUYwDda-l6o_GhOeJAJHIKuC5O6fM6vlKHMtVSLs030g5gynwO0cT5uuRm-6Rb-nx6e2c2X87aFHYMBm9oAC1tO2Iym0m-dtD12y89fkb-wsqzgefKdASmooVOvT7cdNbzlBJUH6ag1PndrlCHcY04UHGI4PzZBdle-KuLnwE1_rOyqSSdZTIH2zBF7I1ei956fd3EO8xAlYzvp_aNZGS0gOP7PLgXrVEaEIHty-Y6gP4JKdbIcQ91_mjRIjPQ85K-KOnX42HN7Qfq_-rUv07voqeRhFZ0aQkZgru3yD1tBFkUJVaWwzZrlos_AsMo2439YDz6vHfumGW7TPw_0ECIRQYDoxjnEQmZDlZr29BM1pSUtZxuR9OpaxcPlJKPc3TO9nFLXIzJ11xcyyz8LwKnLt8atwG_x5Zxe3yYs-3_IPXi6D0M3qtpY2_W-GIisqfh5gK_FGgoHuVMCu3Tnc1dYo7RPM37rYLzTsZvXIXRKKSXKn2WMvthlNy14sfzy0Yv77aWZ9essnScgNdQySL3OXW7zzz43O68BcgqRJ9EPJG9wVK58ZFUwBajyOOEmjasDaEp6Gh73aRxBdz0aGNGUiuQ82HMSf0pvlhAfJEzUlh6wMvddgzzZA0xDIPtELzllXMwr-a7R1VMzUs5C4n_qjRunurbvFF6eG1vs1Y-0Ftdq_7YDdwroDoAoBedsXFrUEMX5dsQcBVWlxoxElBYFeIZUOBGnsIf9iqjkuLreZiGnd87WYAKTous1GgsaXKRd8kmkEhHM7RT316PLW723G7UZQa3dhiJCm7hdh9YiDUAdV9ibxXvEGmMOeYVeH2Q6CsjEtVeJ6NS0gKR1lmcFIjWeiX2uBHZ-_hdbYgOGuSaF3be7868M8uBj2ibGidb2l4fwPAGUqQqzKWFBhyV31r7p8iyc57rJ0CT874vxknETCYWrw4yBqY1DHMS9ATCpXj4EcM1psC6-2Er719MxzKkC3B5lzhSRTLuNazz8PIKsXHgnSIZV62Xo7iz8jBzO5Q5GbT71V9SCexhqUKQAZ07oXy41Sw8HBvRk8mhBOHNTmuIK-nza_w4-IHwirs8td8M2WkCSsU5moi-fFs96ICBAjNYfhBrKwEl9Ydysz9TVGsltni9BKksfmAj2Ja0nJex1FOAKdu8M53UcVX54upt4oL6ZqA0cYhviR21-vpOTYVes4WyoWa6PRwcXe6rK5Pbjgui3MYANRUx-PVAR2y621cQOcFZmxe-jYzB5REKOSyv9ImC4DwiD4rCv-CfR2zJwIZKcKRbKDCNPzlMV7KYCz2ZXsYL5os7nEuJs1guznmT2KCKT5zhy-Cq1n_pYclwmkQBvFb5FYbaiBZ1YLP1BSHMqxuF-ycUAUyuvljFyEvT2DPXyitFaMLctqBOy7146e2IOaWRurAZocPTim62i0AeMUR2xKQvhgYNT15A&sai=AMfl-YSJugIUtdg_wQ1Pdxq3LzO3MyFC4GGC_G8VJoSY5n4ZpnOvFaZFDrShScghKPtZsh0kIMj37Iejsa3NhIcuIbPUCo4Nvd83-7TJ75cW6gVW2MW7vxw6W_SMkNeWOwQQe00rBvcXSfXyIuqEUrRBecqpNqAlQVYN5qaRLoV9CUV8LiCv7VuSD10w6ilSFFLnlBkGiAQudKt_IuEncVOZNorBh-I&sig=Cg0ArKJSzNrWnVftn0dfEAE&uach_m=%5BUACH%5D&pr=9:AAABkUsNV5C9QaOGr_c2XXm-lWK0gAQAT8CEEw&cry=1&crd=aHR0cHM6Ly9haXJjYW5hZGEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=293&cbvp=1&cstd=290&cisv=r20240807.49195&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"628560324":"0x720b9e0bd6541f100000000000000000","628560325":"0x44b943bd12f4d1150000000000000000","628560326":"0xcd19a7445c59bbbf0000000000000000","628560327":"0x8e64a056fda9f5f40000000000000000"},"debug_key":"18404421845265318049","debug_reporting":true,"destination":["https://aircanada.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["7087662"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["8432219"]},"max_event_level_reports":2,"priority":"0","source_event_id":"22268691973380486"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 13 Aug 2024 09:24:12 GMT
tag
btloader.com/ Frame 66AE
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.post-gazette.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.post-gazette.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eadd761b13081aad81ebed56792b18bd1d2b3dd4b79e6fd5d429aaef459897b8

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 08:37:26 GMT
server
cloudflare
age
2728
etag
"e8ee3bdc1bf1bdcf007f7083fca5d199"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b27a69a8981a57e-MIA
content-length
18634

Redirect headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2728
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
8b27a69a3966a57e-MIA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 66AE 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 13 Aug 2024 09:39:12 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 66AE 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df7fe823f75f25f7680d4cf3f49e564f65d0b0d98c2ca720355263092de463f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:55:08 GMT
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 15:12:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
62945
etag
W/"f1f0b047590225342fe032e4163d565a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7vz9sSgd3KF3s5D-UZ42M42n8myt6tN3qXTEbm7On89qv22KpP6GmA==
ima.js
cdn-ima.33across.com/ Frame 66AE 		16 KB
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Aug 2024 14:55:11 GMT
server
cloudflare
age
584173
etag
W/"66b2394f-405e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b27a6982cbf259a-MIA
expires
Fri, 16 Aug 2024 09:24:12 GMT
hadron.js
cdn.hadronid.net/ Frame 66AE 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ref=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&_it=amazon&partner_id=471
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
1088
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8b27a6989ee8a570-MIA
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 66AE 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
WM1RZ62S3TETY84Y
age
3216
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8b27a6989cec7434-MIA
x-amz-id-2
c1mjZawPREbT4KWV1oBN9Tw4mqD90X9k+oaPjWAfxhVSA/xCIfjtFwkE2+YHYVvo/tMw7xGHK7e802KpzTUo7g==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 66AE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 13 Aug 2024 09:39:12 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.130.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-130-32.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 66AE 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.130.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-130-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:12 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 66AE 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.post-gazette.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
31861d2a608fcb9daea58ae727d82b687cd876df26ab2cc76012fd78465add98

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-proxy-cache
HIT
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Mon, 12 Aug 2024 12:01:39 GMT
server
nginx
etag
W/"66b9f9a3-84c"
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=86400
expires
Wed, 14 Aug 2024 09:24:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4a.js
static.adsafeprotected.com/ Frame 2ED3
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/779512/74291562/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=22063981&ias_pubId=543174347&ias_chanId=9&ias_placementId=55036917&bidurl=https://www.post-ga...
  • https://static.adsafeprotected.com/4a.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2600:9000:2073:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
L6mlW4_ZvYd1_jVFewDyT_BO1LKNmMKe
content-encoding
gzip
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
237802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Aug 2024 12:02:12 GMT
server
AmazonS3
etag
W/"2105f244154aad4862ff53a961b1f1a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
71KXpYoT7rN5_pfsMZyM8pVPzTQvdrEeRqx66B6epXDa1PwtHdwNmQ==

Redirect headers

location
https://static.adsafeprotected.com/4a.js
pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
0
p3p
CP="COM NAV INT STA NID OUR IND NOI"
sca.17.6.4.js
static.adsafeprotected.com/ Frame 0775 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
237802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
YGK7qVKAoB7g2VfSKG27PAYq5et1ciVM3t-xC3Ko0ub1h2skfjpjPA==
no$post
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_wfO5dOu8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_wfO5dOu8/no$post
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Tue, 13 Aug 2024 09:24:12 GMT
server
fasthttp
strict-transport-security
max-age=31536000
no$post
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_wfO5dOu8/ 		33 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_wfO5dOu8/no$post
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-111-103.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
f15e81de6a31889ca1d6ccbceaecdf85a14227da03d878e2a2cc91744c53507d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
x-post-id
no$post
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_wfO5dOu8
x-spotim-page-view-id
8ba16e39-784a-49b9-b4f5-d79982b35e11
Referer
https://www.post-gazette.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfZHk4R1g3VndRM3J6IiwiZGlzcGxheV9uYW1lIjoiQ3lhblN1Ym1hcmluZSIsInVzZXJfbmFtZSI6IkN5YW5TdWJtYXJpbmUiLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1TdWJtYXJpbmUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwX3dmTzVkT3U4IiwibGFzdF9jaGVjayI6MTcyMzU0MTA1MSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDgxM1ZtNVdxeC40NDc1NDYzZjRmNzczMGZlOGZjMjhjYTI2N2ZhMDNmMWJiNDc2YzBlYjk0OTc1NTc3OWU4ODAwNTgxZTIwNWVlIiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3JFVGVXWXVFWDFvRFFhR3NNb3Z4IiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X3Bvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfbmFtZSI6InBvc3RfZ2F6ZXR0ZSIsIm5ldHdvcmtfaW1hZ2VfaWQiOiI5YmYyYzJiYWZkZWY4YTA0YjQ1ZDg0Nzg4ZWZjNWE4NSIsIm5ldHdvcmtfY29sb3IiOiIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3NTE5NjMwNTEsInN1YiI6InVfZHk4R1g3VndRM3J6In0.obdDyPz0eNhVhQS25FwkFsPgwSq5t_tpFevWhbDt3ME

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
strict-transport-security
max-age=31536000
x-spotim-device-uuid
3593de28-31ce-40c3-ad44-2c27d3579c59
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
content-encoding
gzip
x-spotim-networkid
net_post_gazette
x-spotim-token
01240813Vm5Wqx.4475463f4f7730fe8fc28ca267fa03f1bb476c0eb949755779e8800581e205ee
x-request-id
cd5ccb52-5955-11ef-901b-328c7ba94386
x-guid
3593de28-31ce-40c3-ad44-2c27d3579c59
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
pixels
pix.spot.im/api/v1/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.57.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-57-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:12 GMT
content-length
0
content-type
application/json
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779512&asId=c7b8b3d8-4d95-d607-c8a0-ed9727de7a85&tv=%7Bc:ldtflO,pingTime:-2,time:145,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:771,beZ:773,mfA:778,cmA:779,inA:779,inZ:784,prA:784,prZ:795,si:802,poA:804,poZ:829,cmZ:829,mfZ:829,loA:873,loZ:876,ltA:915,ltZ:915%7D%7D,sca:%7Blts:2024-08-12%2023.24.12,dfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:10.10.1600.1200,ac:1133.1665.300.250,am:sp,cc:10.10.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uljYBLl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C181121%7C181122%7C181123%7C1811241%7C1811242%7C181125%7C181126%7C1812%7C1813%7C1814%7C1815%7C18161%7C18162%7C1817%7C1818%7C1819%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1*.779512-74291562%7C1j11%7C1j12%7C1j13%7C1j14%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m11%7C1m12%7C1m2%7C1m3%7C1n%7C1o1%7C1p%7C1q,idMap:1j1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:32,slid:%5Bgoogle_ads_iframe_/6785150/pg.com/news/crime-courts_3,google_ads_iframe_/6785150/pg.com/news/crime-courts_3__container__,div-gpt-ad-MIDDLE2-0,pgevoke-story-0%5D,sinceFw:111,readyFired:true%7D&br=c
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:e19:1ba3:b531:d604 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
go1.aniview.com/api/adserver/tag/ 		55 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_wfO5dOu8&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=8ba16e39-784a-49b9-b4f5-d79982b35e11&AV_CDIM5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&AV_CDIM9=6785150&AV_CDIM10=v22.18.0&AV_CDIM12=B&AV_CDIM13=false&AV_CDIM14=sp_wfO5dOu8&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=62569d35967beb67a42364be&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.post-gazette.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/62569d35967beb67a42364be/www.post-gazette.com&d36=6.2.231&responsive=1&sver=5&avtoken=52391&omv=1.0.1&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&AV_WIDTH=630&AV_HEIGHT=355&AV_DNT=0&cb=1723541052394&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
eb5d732d514782f04a9cbb932542ff83323615e68bb65bace07b05bc76235666

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
alt-svc
h3=":443";ma=60;
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.post-gazette.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 01 Aug 2024 19:37:32 GMT
track
track1.aniview.com/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.post-gazette.com&sn=&cd1=sp_wfO5dOu8&cd2=Desktop&cd3=pitc&cd4=8ba16e39-784a-49b9-b4f5-d79982b35e11&cd5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&cd9=6785150&cd10=v22.18.0&cd12=B&cd13=false&cd14=sp_wfO5dOu8&cd15=ads&cd16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ic=0&tgt=0&app=&wi=630&he=355&test=&d36=6.2.231&apppkg=&fv=1&proto=https&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&pid=5e0e296628a061270b21ccab&cid=62569d35967beb67a42364be&stagid=&stplid=&e=inventory&vi=0&plt=4&cb=1723541052392
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
envelope
lexicon.33across.com/v1/ Frame 66AE 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.13.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
hadron.json
id.hadron.ad.gt/v1/ Frame 66AE 		126 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.post-gazette.com&url=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ref=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0502b2b1b3dd16ac2eb007be8417bbd5b3b08034316cb5039faa7cff833749

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8b27a69b2a04a527-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.post-gazette.com&url=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8b27a69ab9c9a527-MIA
content-length
0
content-type
application/json
date
Tue, 13 Aug 2024 09:24:12 GMT
debug
OPTIONS block
expires
Wed, 13 Aug 2025 09:24:12 GMT
server
cloudflare
view
ad.doubleclick.net/pcs/ Frame 2ED3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstSl9_-iW8WyWLCJjau5g3CWc5hHC70VReVvdzVtEYmK8VF0qr7FvbMNObI5jlOM0anXRhRSsTIETuWW3eaXgS9Mvn0ETnDVUYwDda-l6o_GhOeJAJHIKuC5O6fM6vlKHMtVSLs030g5gynwO0cT5uuRm-6Rb-nx6e2c2X87aFHYMBm9oAC1tO2Iym0m-dtD12y89fkb-wsqzgefKdASmooVOvT7cdNbzlBJUH6ag1PndrlCHcY04UHGI4PzZBdle-KuLnwE1_rOyqSSdZTIH2zBF7I1ei956fd3EO8xAlYzvp_aNZGS0gOP7PLgXrVEaEIHty-Y6gP4JKdbIcQ91_mjRIjPQ85K-KOnX42HN7Qfq_-rUv07voqeRhFZ0aQkZgru3yD1tBFkUJVaWwzZrlos_AsMo2439YDz6vHfumGW7TPw_0ECIRQYDoxjnEQmZDlZr29BM1pSUtZxuR9OpaxcPlJKPc3TO9nFLXIzJ11xcyyz8LwKnLt8atwG_x5Zxe3yYs-3_IPXi6D0M3qtpY2_W-GIisqfh5gK_FGgoHuVMCu3Tnc1dYo7RPM37rYLzTsZvXIXRKKSXKn2WMvthlNy14sfzy0Yv77aWZ9essnScgNdQySL3OXW7zzz43O68BcgqRJ9EPJG9wVK58ZFUwBajyOOEmjasDaEp6Gh73aRxBdz0aGNGUiuQ82HMSf0pvlhAfJEzUlh6wMvddgzzZA0xDIPtELzllXMwr-a7R1VMzUs5C4n_qjRunurbvFF6eG1vs1Y-0Ftdq_7YDdwroDoAoBedsXFrUEMX5dsQcBVWlxoxElBYFeIZUOBGnsIf9iqjkuLreZiGnd87WYAKTous1GgsaXKRd8kmkEhHM7RT316PLW723G7UZQa3dhiJCm7hdh9YiDUAdV9ibxXvEGmMOeYVeH2Q6CsjEtVeJ6NS0gKR1lmcFIjWeiX2uBHZ-_hdbYgOGuSaF3be7868M8uBj2ibGidb2l4fwPAGUqQqzKWFBhyV31r7p8iyc57rJ0CT874vxknETCYWrw4yBqY1DHMS9ATCpXj4EcM1psC6-2Er719MxzKkC3B5lzhSRTLuNazz8PIKsXHgnSIZV62Xo7iz8jBzO5Q5GbT71V9SCexhqUKQAZ07oXy41Sw8HBvRk8mhBOHNTmuIK-nza_w4-IHwirs8td8M2WkCSsU5moi-fFs96ICBAjNYfhBrKwEl9Ydysz9TVGsltni9BKksfmAj2Ja0nJex1FOAKdu8M53UcVX54upt4oL6ZqA0cYhviR21-vpOTYVes4WyoWa6PRwcXe6rK5Pbjgui3MYANRUx-PVAR2y621cQOcFZmxe-jYzB5REKOSyv9ImC4DwiD4rCv-CfR2zJwIZKcKRbKDCNPzlMV7KYCz2ZXsYL5os7nEuJs1guznmT2KCKT5zhy-Cq1n_pYclwmkQBvFb5FYbaiBZ1YLP1BSHMqxuF-ycUAUyuvljFyEvT2DPXyitFaMLctqBOy7146e2IOaWRurAZocPTim62i0AeMUR2xKQvhgYNT15A&sai=AMfl-YSJugIUtdg_wQ1Pdxq3LzO3MyFC4GGC_G8VJoSY5n4ZpnOvFaZFDrShScghKPtZsh0kIMj37Iejsa3NhIcuIbPUCo4Nvd83-7TJ75cW6gVW2MW7vxw6W_SMkNeWOwQQe00rBvcXSfXyIuqEUrRBecqpNqAlQVYN5qaRLoV9CUV8LiCv7VuSD10w6ilSFFLnlBkGiAQudKt_IuEncVOZNorBh-I&sig=Cg0ArKJSzNrWnVftn0dfEAE&uach_m=%5BUACH%5D&pr=9:AAABkUsNV5C9QaOGr_c2XXm-lWK0gAQAT8CEEw&cry=1&crd=aHR0cHM6Ly9haXJjYW5hZGEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=656&vt=11&dtpt=363&dett=3&cstd=290&cisv=r20240807.49195&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"628560324":"0x720b9e0bd6541f100000000000000000","628560325":"0x44b943bd12f4d1150000000000000000","628560326":"0xcd19a7445c59bbbf0000000000000000","628560327":"0x8e64a056fda9f5f40000000000000000"},"debug_key":"11199839152322901919","debug_reporting":true,"destination":["https://aircanada.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["7087662"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["8432219"]},"max_event_level_reports":2,"priority":"0","source_event_id":"13180291303380530618"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:12 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=&gdpr_consent=&gpp_sid=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D75ab3a...
  • https://ce.lijit.com/merge?pid=16&3pid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
54.242.231.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-231-86.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 13 Aug 2024 09:24:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=&gdpr_consent=&gpp_sid=
  • https://ce.lijit.com/merge?pid=80&3pid=LZS7U90F-D-5HSJ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LZS7U90F-D-5HSJ
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
54.242.231.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-231-86.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LZS7U90F-D-5HSJ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7654d1c22c7536dacc29d4de0f448a70
Expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=&gdpr_consent=&gpp_sid=
  • https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
54.242.231.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-231-86.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent=
date
Tue, 13 Aug 2024 09:24:12 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=&gdpr_consent=&gpp_sid=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dfmx%2...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=02cc4e56da5f41f9a862f20165bbd2f5&ssp=fmx&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ce.lijit.com/merge?pid=26&3pid=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&gdpr_consent=&us_privacy=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
54.242.231.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-231-86.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=2274b348-066a-4986-b3e7-e410058596e5&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 13 Aug 2024 09:24:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=&gdpr_consent=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SkoxMEFCWkhDN0VMaTZqVFFTeUY0dGdp
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SkoxMEFCWkhDN0VMaTZqVFFTeUY0dGdp
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 13 Aug 2024 09:24:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SkoxMEFCWkhDN0VMaTZqVFFTeUY0dGdp
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 66AE 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 13 Aug 2024 09:39:12 GMT
map
bcp.crwdcntrl.net/6/ Frame 66AE 		156 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-65-180.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
075730452047fcc98c8833819ad04ef6f38a3b495cdcc79c31d37d6b85ec1b8d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
x-server
10.40.9.242
access-control-allow-credentials
true
content-length
156
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2ED3 		0
482 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7yQRka2DbOFAFjo22tGDrIghwXuVTgz3ozFt20ZrMy8jRy91gGBZGP7DvziWHiPlyAkzPRWqmWtC_EyXPrTJ1pk7kteQWjy7Cmt5Z3pPPveYHIaOlLF7J4mnOuKz0T0rQ6Bn9FJinGaL1D-NCmpbSWo24nJ0KV4Pb9CSkIAzNMwTsg66xyq8SaTU8MdwFPVqetT8x3MWnuL9V8WVtuCIfxRmfoyo6Vg&sai=AMfl-YR0-KTpaj5nLGwlko4EYi8qoYQlXqMdo7nHuuOj_lmg1w0PD2PwM43N-JPTJh2PeUEk8439fd68MHEf7kq12aGjQbbswIKFAsAWwhWADSmEAF5bU-AyedU&sig=Cg0ArKJSzJl9IWrDjESpEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
passback_300x250.js
static.adsafeprotected.com/ Frame 1E9B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
237802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
5OO_qy341M0wzh5riW6kgghV6Y5W4zy56UVDMNytCDTqcm0tjUc6ZA==
px.gif
ad-delivery.net/ Frame 66AE 		43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2429015
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJj5bacLayu8fkNuE6hsF8lt%2FcPAMnvXhGiDkBd8emCrITrbRl9I%2BLfti%2BkPzWe2If07TAWP0ABPpiVSvNylxMNpNA%2F0BkSFe5FSI%2Fan56Z%2FQ7bAM3ngYdGTThKuA9EQsTzImZqRbCUJwfeJVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b27a69b5db04972-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
favicon.ico
ad.doubleclick.net/ Frame 66AE 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 19:32:25 GMT
px.gif
ad-delivery.net/ Frame 66AE 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7210974934503533
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2429015
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aSewFDDeiOMzjlQsFy%2FqiWhYY8GriQ5ymHPS6oxo20IOPKkj6JcAWUoOyPDcD4rkCwZHKYSq0xY6U28CH%2F%2B%2FIF3DBYFC4PlVPkey%2Fu0Azy%2FKEUblEa5T9R5mhLBMQTCoqChXfv%2B1TgIbfECfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b27a69b5db34972-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 1E9B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
237802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
0syU94XxVTAB5j0TRnlm89qdqqxKlZD8uemINZSkxpma6xcNcb01Ow==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DE53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=104338
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 09:24:12 GMT
expires
Wed, 14 Aug 2024 14:23:10 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 5FE0
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=18&key=JJ10ABZHC7ELi6jTQSyF4tgi
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=18&key=JJ10ABZHC7ELi6jTQSyF4tgi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=18&key=JJ10ABZHC7ELi6jTQSyF4tgi
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 3621 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b27a69b4d4c7bfa-MIA
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 09:24:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRgzhDnqEHzOyzb9FaW%2FRTS3bNR%2BXpFdzs3L42otOlPMX7VcnCULVmQdvFuiqYv13IAMagRRR2W7yP5P30ngDSA8qGVh8XMuUrVMXzUgVygk0taFgbf6a1o6%2FOTUdUbWs1YOLQUl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 9457
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddern...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=72&pid=5e0e296628a061270b21ccab&key=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=72&pid=5e0e296628a061270b21ccab&key=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0,no-cache,no-store
content-length
0
date
Tue, 13 Aug 2024 09:24:11 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=72&pid=5e0e296628a061270b21ccab&key=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame D23A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1723541052589-172025166255-000153-000-008120%26biddername%3D41%26pid%3D5e0e29662...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=41&pid=5e0e296628a061270b21ccab&key=4441859691190386988537
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=41&pid=5e0e296628a061270b21ccab&key=4441859691190386988537
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 13 Aug 2024 09:24:12 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1723541052589-172025166255-000153-000-008120&biddername=41&pid=5e0e296628a061270b21ccab&key=4441859691190386988537
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
avpb8.48.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame C736 		352 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.215.0.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-43.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b29027f5e7c5b3374f5530f61e19c89e5915142c4f13223e5f48ddfb1ef76cba

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPHOJKCSCTfPBmd5Rtst5cwzimfmSSL4uQrEyDeYm5Rvv6HWv2T-x5UOKMA8fY3y77h4KI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
110100
last-modified
Sun, 11 Aug 2024 06:17:26 GMT
server
UploadServer
etag
"3a0cccdf8cf37e7f3ff3cd7ec410caf5"
vary
Accept-Encoding
x-goog-generation
1723357046444032
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=plX2Hg==, md5=OgzM34zzfn8/881+xBDK9Q==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
110100
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:39:12 GMT
avpb8.48.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame C736 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.215.0.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-43.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nP_dAVY3bhgTxRG47U-IZ7xzulNc2ZsA_kUMCJVvOQ7mxrl-BHfdJTS6MK0zKLKlB6ptSNDlAJwAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
24274
last-modified
Sun, 11 Aug 2024 06:17:26 GMT
server
UploadServer
etag
"873d73a3642ecd96e316d3358204b622"
vary
Accept-Encoding
x-goog-generation
1723357046341953
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=So2y9Q==, md5=hz1zo2QuzZbjFtM1ggS2Ig==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
24274
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:39:12 GMT
avpb8.48.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame C736 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.215.0.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-43.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
f4073940d3a4bf5b44f2065ad230c41c6f6343bcf04015ab21b5a4ebb64b5938

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nPZ2OGyVdubIxbdvcQeHEDQsdKEiq1S1JvXxV_egC4iFQBnv1bAgnll1IEDenMl8u7sfR3B8on_tg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
20369
last-modified
Sun, 11 Aug 2024 06:17:26 GMT
server
UploadServer
etag
"23b4a43a14e791770c71a7b06202e09f"
vary
Accept-Encoding
x-goog-generation
1723357046327011
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=PyP9ZQ==, md5=I7SkOhTnkXcMcaewYgLgnw==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
20369
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:39:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0626 		319 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:56:05 GMT
content-encoding
gzip
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront), 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 20:54:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1684
x-amz-server-side-encryption
AES256
etag
W/"bcf5fc5f6600cc22b92be3e154b2e3e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
3pV9rOMRA7_Xt6mxnG4bE_BPWdJRBwpJp2vMy7IbDmthJ87y_Pu9wg==
s2s
s2ssc.aniview.com/api/adserver/ 		0
802 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=3fa7617d1bed461dea55af24fb9994a0&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1723541052589-172025166255-000153-000-008120&AV_CDIM1=sp_wfO5dOu8&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=8ba16e39-784a-49b9-b4f5-d79982b35e11&AV_CDIM5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&AV_CDIM9=6785150&AV_CDIM10=v22.18.0&AV_CDIM12=B&AV_CDIM13=false&AV_CDIM14=sp_wfO5dOu8&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=62569d35967beb67a42364be&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.post-gazette.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/62569d35967beb67a42364be/www.post-gazette.com&d36=6.2.231&responsive=1&sver=5&avtoken=52391&omv=1.0.1&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&AV_WIDTH=630&AV_HEIGHT=355&AV_DNT=0&cb=3541052664&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=0&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
x-bamboo-c-skst
1
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
alt-svc
h3=":443";ma=60;
expires
Thu, 01 Aug 2024 19:37:32 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 66AE 		190 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 13 Aug 2024 09:54:13 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0626 		6 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 11:02:51 GMT
x-amz-cf-pop
JFK50-P3
age
80479
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Origin,accept-encoding
x-amz-cf-id
FXBbfnA54aMKaryy22rMilWc3YKLvJPRa3hlGMKKNSO8AetBfs32Sg==
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 0626 		563 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba7ad69beebac1b0f77dd58d076f29fc71aae2d411c0f1aa1011c157642c5812

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:43:43 GMT
via
1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2429
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
lL6jUt8-vlh2iJzUDSiKZzVavDZmiyaCDEm31ZP1O6NQL1fv8Ix55Q==
config
c.amazon-adsystem.com/cdn/prod/ Frame 0626 		5 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.post-gazette.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:15:13 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
4139
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
YN2CRAM7MDbjtGsTdFLcJN2JOYeDMNgSqmc7tpC78ZH3_jNrgA3w6A==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0626 		139 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=Swtr0ELK0hcGH&cb=0&ws=1600x1200&v=24.806.2109&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A300%2C%22id%22%3A%22videoD%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&sm=735ef126-18a7-4dfc-b8eb-6fb9ee3b2835&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*s83cbQntST77-wny25AjN-Q7E6-IjE1kBFPscPX_JiG6ZVHckDDww8sWpwlfXqUJ%22%2C%22pubcommon%22%3A%22fb0fd5ae-3e25-4b89-bb10-cc3e07a28ff4%22%7D%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
fcd871eea694753df07594d0932fe2d8a12fbca75bea30f5b8bf1b4d46a363c7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
139
x-amz-cf-id
5TD_NqkcCgpq-6AQpoYTz2CIX7t9ajUfUwy-mYc6zUbIOEnOBwTLLw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0626 		139 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=Swtr0ELK0hcGH&cb=1&ws=1600x1200&v=24.806.2109&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A300%2C%22id%22%3A%22videoD%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&sm=735ef126-18a7-4dfc-b8eb-6fb9ee3b2835&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*s83cbQntST77-wny25AjN-Q7E6-IjE1kBFPscPX_JiG6ZVHckDDww8sWpwlfXqUJ%22%2C%22pubcommon%22%3A%22fb0fd5ae-3e25-4b89-bb10-cc3e07a28ff4%22%7D%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
13aaac2e4d4fe5b8b373eb281ff060391254168b225e59e008740ec62e28e060

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
139
x-amz-cf-id
xmCrq2waZnFKVHzUxST6oqdn5YXZFjLnV0JdPHG04FjeULdEHjd0ig==
tag
btloader.com/ Frame 0626
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.post-gazette.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.post-gazette.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
55 KB
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eadd761b13081aad81ebed56792b18bd1d2b3dd4b79e6fd5d429aaef459897b8

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 08:37:26 GMT
server
cloudflare
age
2729
etag
"e8ee3bdc1bf1bdcf007f7083fca5d199"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b27a69dcaa2a57e-MIA
content-length
18634

Redirect headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2728
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=post-gazette.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
8b27a69a3966a57e-MIA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 0626 		54 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 13 Aug 2024 09:39:12 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 0626 		42 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df7fe823f75f25f7680d4cf3f49e564f65d0b0d98c2ca720355263092de463f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:55:08 GMT
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 15:12:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
62945
etag
W/"f1f0b047590225342fe032e4163d565a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7vz9sSgd3KF3s5D-UZ42M42n8myt6tN3qXTEbm7On89qv22KpP6GmA==
ima.js
cdn-ima.33across.com/ Frame 0626 		16 KB
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3

Request headers

Referer
https://www.post-gazette.com/
If-None-Match
W/"66b2394f-405e"
If-Modified-Since
Tue, 06 Aug 2024 14:55:11 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Aug 2024 14:55:11 GMT
server
cloudflare
age
584173
etag
W/"66b2394f-405e"
vary
Accept-Encoding
cache-control
public, max-age=259200
cf-ray
8b27a69bce22259a-MIA
expires
Fri, 16 Aug 2024 09:24:12 GMT
hadron.js
cdn.hadronid.net/ Frame 0626 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ref=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&_it=amazon&partner_id=471
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
1088
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8b27a6989ee8a570-MIA
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 0626 		94 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
WM1RZ62S3TETY84Y
age
3216
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8b27a6989cec7434-MIA
x-amz-id-2
c1mjZawPREbT4KWV1oBN9Tw4mqD90X9k+oaPjWAfxhVSA/xCIfjtFwkE2+YHYVvo/tMw7xGHK7e802KpzTUo7g==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 0626 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 13 Aug 2024 09:39:12 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 66AE 		139 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=Mp3eLAIj5i3Pc&cb=0&ws=336x280&v=24.806.2109&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1588782711490-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C6785150%2FDBV%2FDBV-PostGazette%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&sm=735ef126-18a7-4dfc-b8eb-6fb9ee3b2835&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*s83cbQntST77-wny25AjN-Q7E6-IjE1kBFPscPX_JiG6ZVHckDDww8sWpwlfXqUJ%22%2C%22pubcommon%22%3A%22fb0fd5ae-3e25-4b89-bb10-cc3e07a28ff4%22%7D%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
fcd871eea694753df07594d0932fe2d8a12fbca75bea30f5b8bf1b4d46a363c7

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
139
x-amz-cf-id
HdS0DErQq5kbIsU9oWJ9h5m18rnxlRMFxdTmwtIk6SbKU5_82BNGMA==
/
ghb.adtelligent.com/v2/auction/ Frame 66AE 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
76df23d390e160bb7e14e859339c5ff7ae7ea804a56b7bb4f558e9e65793549a

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 13 Aug 2024 09:24:12 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.post-gazette.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1087
hbjson
grid.bidswitch.net/ Frame 66AE 		22 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
960603c192f089e4e52a45730d8c4f289853babd8596a1e6fcfbb0000230c401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
47
c
prebid.a-mo.net/a/ Frame 66AE 		0
784 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
81
server
envoy
vary
origin, accept-encoding, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 66AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%229882479c70ae87%22%3A%2255f3dde57d605f7ad35c%7C300x250%2C336x280%7Cgpid%3D%2F39694909%2C6785150%2FDBV%2FDBV-PostGazette%23div-gpt-ad-1588782711490-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&s=f801c4b5-5231-4334-bce8-947e6f3edf15&pv=aa303bba-8451-4e58-8903-cfd30b226b7b&vp=mobile&lib_name=prebid&lib_v=8.52.0&us=0&iqid=%7B%22pcid%22%3A%22598a57ee-454b-4bd2-9e35-6f2dfcd0b7b5%22%2C%22pcidDate%22%3A1723541050614%2C%22dbsaved%22%3A%22false%22%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22post-gazette.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22post-gazette.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2f35e8130ccdd6689e915a8c566a22294db74bc3ab25db1f64b517c98ce32034
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
701
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 66AE 		0
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.52.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1588782711490-0%22%2C%22callback_id%22%3A%22112f196fd98617%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B320%2C250%5D%5D%2C%22ym_placement_id%22%3A%223545376294927540880%22%2C%22gpid%22%3A%22%2F39694909%2C6785150%2FDBV%2FDBV-PostGazette%23div-gpt-ad-1588782711490-0%22%7D%5D&page_url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&bust=1723541052788&dnt=false&description=&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_wfO5dOu8%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.55.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-55-46.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 66AE 		0
183 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
access-control-max-age
3600
access-control-allow-credentials
true
vary
Origin
access-control-allow-methods
POST
pb
ad.360yield.com/1628/ Frame 66AE 		0
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1628/pb
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.181.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-181-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:12 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb-multi
hb.openwebmp.com/ Frame 66AE 		83 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.openwebmp.com/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:9e00:7:aedc:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
cbcbfe52701a633ff5979a3d07684b866387baf5bbad6aaf86a9ca76e34af959

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
via
1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P6
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
x-reason
maxmind hosting provider
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
x-cache
Miss from cloudfront
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
108
x-amz-cf-id
AWBBxJY_phD4Gp-pFZ3Yo4Q9nBvn2uLMpfPHEaRaQF55_aSlvZDa0A==
471
a.ad.gt/api/v1/u/matches/ Frame 66AE 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79e0b8570144cc4526ab88855da2b83e3f83ac8cfed27bf52850b13b1693b16

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 09:22:02 GMT
server
cloudflare
age
37
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8b27a69c7e6e67b1-MIA
country
api.btloader.com/ Frame 66AE 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5080945107927040
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 0626 		49 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 13 Aug 2024 09:39:12 GMT
ping
pagead2.googlesyndication.com/pagead/ Frame 66AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
baker
sli.post-gazette.com/ 		19 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.post-gazette.com/baker?dtstmp=1723541052826
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Aug 2024 09:24:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Expires
Tue, 13 Aug 2024 09:24:13 GMT
csyncs
sghb.spotim.market/ Frame 66AE 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/csyncs?aid1=852559&gdpr=0&gdpr_consent=undefined
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.242 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
ad948294b356809e1db7bba50d826cd09e38b6c42c3d0a2786a6afeb1ff611c2

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:11 GMT
Content-Encoding
gzip
Server
Spotim
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.post-gazette.com
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
918
pv
api.btloader.com/ Frame 66AE 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=w2GuJq8x&w=6526555566637056&o=5080945107927040&cv=2.1.48&widget=true&r=false&vr=336x280&pageURL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&sid=5B3GNMg3EU&pm=false&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:12 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 0626 		190 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 13 Aug 2024 09:54:13 GMT
envelope
lexicon.33across.com/v1/ Frame 0626 		42 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.13.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2024 09:24:11 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1662
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Aug 2024 10:56:26 GMT
collect
www.google-analytics.com/j/ 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27944109&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFZW2E3CE4HO____templateId_OT6SDFZIMGWZ____aid_0Jrto77Ppu&el=Show%20offer%20offerId%3AOFZW2E3CE4HO%20templateId%3AOT6SDFZIMGWZ%20aid%3A0Jrto77Ppu&_u=6GDAAEABAAAAAGAAI~&jid=1947630581&gjid=1225956719&cid=1582922576.1723541049&tid=UA-15716261-44&_gid=155317400.1723541049&_r=1&_slc=1&z=41382209
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
89dcc80752b4e5c22316741cc29e3e9fa0c18b187b3aa363a49559f57aeb5199
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=27944109&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=checkoutStateChange&el=Checkout%20state%20change&_u=6GDAAEABAAAAAGAAI~&jid=&gjid=&cid=1582922576.1723541049&tid=UA-15716261-44&_gid=155317400.1723541049&z=361234022
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 03:02:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22910
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=27944109&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6GDAAEABAAAAAGAAI~&jid=&gjid=&cid=1582922576.1723541049&tid=UA-15716261-44&_gid=155317400.1723541049&z=1892280011
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 03:02:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22910
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=27944109&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&ul=en-us&de=UTF-8&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=6GDAAEABAAAAAGAAI~&jid=&gjid=&cid=1582922576.1723541049&tid=UA-15716261-44&_gid=155317400.1723541049&z=1842674553
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 03:02:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22910
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
pa.openx.net/ Frame 59B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 08:52:21 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHxI1nOj57C7HWmRuQniIplGA-18ixzYRO5SHS1GJxaAG5_v5ciO2KT_TuYPCGvKtafQ9MLMqesBg_PCaA
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=779512&asId=c7b8b3d8-4d95-d607-c8a0-ed9727de7a85&tv=%7Bc:ldtfxs,pingTime:-10,time:867,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NjAwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723541053086%7C%7C0036bb24e01277a2225d3d2a4687d39f%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C13776a483fa57f42e1256327e8ca9349%7C%7C33c9ce1b01f56e54971ae212871c68b5%7C%7Cbface82bfdfa7ab929aab1b268418467%7C%7C985cb08ad63d89832476af1c640bcac5%7C%7C69f49f36416649a3421e42cbcc560ba0%7C%7C1715618633%7D
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:e19:1ba3:b531:d604 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
server
nginx
x-server-name
dt72.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csync
sync.spotim.market/ Frame BBAF
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=undefined&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D142%26t...
  • https://sync.spotim.market/csync?t=g&ep=142&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764727&a=754412&extuid=3665426501524238000V10
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=g&ep=142&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764727&a=754412&extuid=3665426501524238000V10
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Aug 2024 09:24:13 GMT
Etag
8c8d1f210e1de076
Server
Spotim

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 13 Aug 2024 09:24:13 GMT
expires
Tue, 13 Aug 2024 09:24:13 GMT
location
https://sync.spotim.market/csync?t=g&ep=142&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764727&a=754412&extuid=3665426501524238000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
de.tynt.com/deb/ Frame C0D8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2152
content-type
text/html
date
Tue, 13 Aug 2024 09:24:12 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 13 Aug 2024 09:24:13 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8340000A
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 74EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=104337
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 09:24:13 GMT
expires
Wed, 14 Aug 2024 14:23:10 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 6B71
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764710...
  • https://sync.spotim.market/csync?t=g&ep=50&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764710&a=743293&extuid=8433293207319255994
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=g&ep=50&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764710&a=743293&extuid=8433293207319255994
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Aug 2024 09:24:13 GMT
Etag
8c8d1f210e1de076
Server
Spotim

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 13 Aug 2024 09:24:13 GMT
location
https://sync.spotim.market/csync?t=g&ep=50&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764710&a=743293&extuid=8433293207319255994
server
nginx
sync.html
public.servenobid.com/ Frame 150E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?gdpr=0&gdpr_consent=undefined&usp_consent={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D816%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D793400%26a%3D449072%26extuid%3D%24%7BUID%7D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-71.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
24664
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 02:33:10 GMT
etag
W/"a421cafd19c21284be567b12002cf378"
last-modified
Fri, 09 Aug 2024 18:03:42 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 c1cecf43ad8e18f031edf5229ce4289c.cloudfront.net (CloudFront)
x-amz-cf-id
1M01fhh1LGbziOjSqiMT9I9AFMoBIyh6EjQWFh6t-hVDUuZQyDIzLw==
x-amz-cf-pop
IAD61-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:f39297af-ab1b-4fa1-9c17-e707d9442122
x-amz-meta-codebuild-content-md5
c019d5c9f38b298a15d2331367789657
x-amz-meta-codebuild-content-sha256
0c862cfbec86cf35da41ccff65cebb329952af81fbec4518f938686b910c80ab
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame D2EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 66AE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=OPTOUT
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=OPTOUT
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Adtelligent
Etag
9478b0569c9575b6
Content-Length
43
Content-Type
image/gif

Redirect headers

content-type
text/html
pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-store, no-cache, must-revalidate
location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=OPTOUT
etag
OPTOUT
expires
0
csync
sync.spotim.market/ Frame 66AE
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D358%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%...
  • https://sync.spotim.market/csync?t=g&ep=358&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765043&a=753378&extuid=acfaa657-8df7-41ad-bb88-0da35f0f8469
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=g&ep=358&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765043&a=753378&extuid=acfaa657-8df7-41ad-bb88-0da35f0f8469
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Spotim
Etag
8c8d1f210e1de076
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 09:24:13 GMT
Location
https://sync.spotim.market/csync?t=g&ep=358&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765043&a=753378&extuid=acfaa657-8df7-41ad-bb88-0da35f0f8469
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
Expires
0
csync
sync.spotim.market/ Frame 66AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D765041%26a%3D297253%...
  • https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765041&a=297253&extuid=5740716073175427095
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765041&a=297253&extuid=5740716073175427095
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Spotim
Etag
8c8d1f210e1de076
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
an-x-request-uuid
a5754ffd-f00e-4111-992f-022108d89e91
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765041&a=297253&extuid=5740716073175427095
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 66AE 		0
0
csync
sync.spotim.market/ Frame 66AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D32%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764726%26a%3D751004%...
  • https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764726&a=751004&extuid=5740716073175427095
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764726&a=751004&extuid=5740716073175427095
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Spotim
Etag
8c8d1f210e1de076
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
an-x-request-uuid
5d1832b3-e350-40c0-9618-c55698a5950b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=g&ep=32&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=764726&a=751004&extuid=5740716073175427095
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 66AE 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=8c8d1f210e1de076
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NON DSP COR CURa TIA"
Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
csync
sync.spotim.market/ Frame 66AE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D13%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D675886%26a%3D31...
  • https://sync.spotim.market/csync?t=g&ep=13&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=675886&a=310570&extuid=JJ10ABZHC7ELi6jTQSyF4tgi
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=g&ep=13&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=675886&a=310570&extuid=JJ10ABZHC7ELi6jTQSyF4tgi
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Spotim
Etag
8c8d1f210e1de076
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Tue, 13 Aug 2024 09:24:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://sync.spotim.market/csync?t=g&ep=13&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=675886&a=310570&extuid=JJ10ABZHC7ELi6jTQSyF4tgi
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
csync
sync.spotim.market/ Frame 66AE
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D307558%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3...
  • https://sync.spotim.market/csync?t=a&ep=307558&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765812&a=307558&extuid=8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=307558&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765812&a=307558&extuid=8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:13 GMT
Server
Spotim
Etag
8c8d1f210e1de076
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=307558&traffic_source=snippet&session=85E6F5BAF9D3794F&sp=852559&pb=753264&c=765812&a=307558&extuid=8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-store no-transform
server
nginx
content-length
274
content-type
text/html; charset=utf-8
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:14 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
iu3
s.amazon-adsystem.com/ Frame 741C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_ppt_rx_n-inmobi_an-db5_3lift
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
309
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 13 Aug 2024 09:24:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SV3GMGQYSERCQ1J9J9EP
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-52VEWRBBMT&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fb5fde43d3e46e757bdd4b3b9479f883f0c653600ac3008e58d61c88c01c459a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94410
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:13 GMT
iu3
s.amazon-adsystem.com/ Frame 43A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-onetag_ppt_rx_n-inmobi_an-db5_3lift
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
309
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 13 Aug 2024 09:24:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AYSP6WJFY1KJ5BX20ER4
hadron.js
cdn.hadronid.net/ Frame 66AE 		56 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=471&sync=1&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
1089
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8b27a69e7986a570-MIA
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
471
p.ad.gt/api/v1/p/ Frame 66AE 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/471
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c60755d4228e3e0816d4243f5bbb2ffef2a9023beb6e9db13ecf4c4401bd445

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 09:19:26 GMT
server
cloudflare
age
236
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b27a69f28f46dd3-MIA
ip_match
ids.ad.gt/api/v1/ Frame 66AE 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
server
nginx/1.24.0
content-length
0
content-type
text/html; charset=utf-8
match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=5740716073175427095&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=5740716073175427095&gdpr=0
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
an-x-request-uuid
004b63c3-ed25-4f41-a3e1-01f8bde78723
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&adnxs_id=5740716073175427095&gdpr=0
x-proxy-origin
38.132.118.74; 38.132.118.74; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723541053-TX1F1HDK-6LR6&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=9d726017-cca8-4359-9a78-959ca9a44b9a&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=9d726017-cca8-4359-9a78-959ca9a44b9a&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=9d726017-cca8-4359-9a78-959ca9a44b9a&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
date
Tue, 13 Aug 2024 09:24:13 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723541053-TX1F1HDK-6LR6
  • https://ids.ad.gt/api/v1/pbm_match?pbm=20AE8506-B39B-4ED3-911A-D0EB0876E76D&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=20AE8506-B39B-4ED3-911A-D0EB0876E76D&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=20AE8506-B39B-4ED3-911A-D0EB0876E76D&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723541053-TX1F1HDK-6LR6&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&rub=LZS7U90F-D-5HSJ&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&rub=LZS7U90F-D-5HSJ&gdpr=0
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&rub=LZS7U90F-D-5HSJ&gdpr=0
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
tapad_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723541053-TX1F1HDK-6LR6&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723541053...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd22e5234-c6ec-4bdd-ae01-1e4d51f157c3%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5740716073175427095&pt=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&tapad_id=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&tapad_id=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 13 Aug 2024 09:24:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&tapad_id=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&google_gid=CAESEFIRrkT9CyeT4D2upTnUpME&google_cver=1&google_ula=450542624,0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&google_gid=CAESEFIRrkT9CyeT4D2upTnUpME&google_cver=1&google_ula=450542624,0
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&google_gid=CAESEFIRrkT9CyeT4D2upTnUpME&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 66AE
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723541053-TX1F1HDK-6LR6
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzU0MTA1My1UWDFGMUhESy02TFI2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzU0MTA1My1UWDFGMUhESy02TFI2
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzU0MTA1My1UWDFGMUhESy02TFI2
date
Tue, 13 Aug 2024 09:24:13 GMT
server
nginx/1.24.0
content-length
453
content-type
text/html; charset=utf-8
ux
ad.360yield.com/ Frame 66AE 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001723541053-TX1F1HDK-6LR6%26impr_uid%3D%7BPUB_USER_ID%7D
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.181.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-181-156.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:13 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif
son_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723541053-TX1F1HDK-6LR6&uid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
amo_match
ids.ad.gt/api/v1/ Frame 66AE
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723541053-TX1F1HDK-6LR6
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8933845372045468879&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=8933845372045468879&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
52.37.26.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-26-15.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/amo_match?turn_id=8933845372045468879&id=AU1D-0100-001723541053-TX1F1HDK-6LR6
pragma
no-cache
date
Tue, 13 Aug 2024 09:24:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
px.gif
ad-delivery.net/ Frame 0626 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.post-gazette.com/
If-None-Match
"ad4b0f606e0f8465bc4c4c170b37e1a3"
If-Modified-Since
Wed, 05 May 2021 19:25:32 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2429016
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIm2SyJciZ0LESlKXHftiV8kTvYlV%2FhjIbb%2FYSj%2BawuunGa02i3HQLLkBlg%2FTPOrmP7XlXK9JG3Crw0GggfZZ2DbSa6r8eqQzxKzme1uOmKY7NCZL18EZr756OEmQ0YA2DhktHYcce7Dxu7fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
cf-ray
8b27a69e8f484972-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
favicon.ico
ad.doubleclick.net/ Frame 0626 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.post-gazette.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 19:32:25 GMT
px.gif
ad-delivery.net/ Frame 0626 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6867407460249766
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2429016
x-guploader-uploadid
ACJd0Nq4B4GHIgFXDlXYiHr5e525NuX9Tx34VecRzc7920YBDTMsbjDrdV0gAdsEFgFVokeRKSI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FExspN5aRyQpfuJ9BORGSO%2FwwaJ16QQ7kOTibvGafdDoTYn13e6NXBtw6HGS4qYWEEOlxUumLw2Ld38muaCV4KUy3hyYr1rdfRYOYjzrbQS%2FD09N3yoypN6qiR92LO7Y4IPBBuH9j3qufUt8rA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b27a69e8f474972-MIA
expires
Tue, 16 Jul 2024 06:57:41 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.post-gazette.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.post-gazette.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Aug 2024 09:24:06 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 66AE 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 13 Aug 2024 09:39:13 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 0626 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.94.117.85 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-117-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 13 Aug 2024 09:39:13 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-52VEWRBBMT&gtm=45je4880v9124630060za200&_p=1723541048293&gcs=G1--&gcd=13l3l3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&ul=en-us&sr=1600x1200&cid=1582922576.1723541049&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&sid=1723541053&sct=1&seg=0&en=%20offerId_OFZW2E3CE4HO____templateId_OT6SDFZIMGWZ____aid_0Jrto77Ppu&_fv=1&_ss=1&_ee=1&ep.event_category=showOffer&ep.event_label=Show%20offer%20offerId%3AOFZW2E3CE4HO%20templateId%3AOT6SDFZIMGWZ%20aid%3A0Jrto77Ppu&tfd=6039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52VEWRBBMT&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 66AE 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1662
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Aug 2024 10:56:26 GMT
js
www.googletagmanager.com/gtag/ Frame 66AE 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
40a80416d016cbfad0b932ab1f03f41ca8ad1cd2b054412a754faf6de1cc309c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91605
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 09:24:13 GMT
collect
a.ad.gt/api/v1/ Frame 66AE 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8b27a69fcf5167b1-MIA
vary
Origin
getpixels
pixels.ad.gt/api/v1/ Frame 66AE 		0
87 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=8ac6b768036b82b2e03f5cb74a6e0c5e&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&code=%27none%27
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8b27a6a1fa2ca52e-MIA
apple-touch-icon.png
www.post-gazette.com/ 		9 KB
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.post-gazette.com/apple-touch-icon.png
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.124.88 Pittsburgh, United States, ASN33154 (DQECOM, US),
Reverse DNS
Software
PGERSO3 /
Resource Hash
7fc93a50358a0b0dcd4eb255f276cb9970df4af8971aa6b9af67fede18d07747

Request headers

Referer
https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
public
Date
Thu, 07 Sep 2023 19:33:19 GMT
Via
1.1 varnish (Varnish/5.1)
Last-Modified
Wed, 22 May 2019 20:04:28 GMT
Server
PGERSO3
Age
29425853
ETag
"5ce5ab4c-24a8"
X-Cache
HIT
X-Varnish
98936078 196647
x-url
/apple-touch-icon.png
Content-Type
image/png
Cache-Control
public, must-revalidate, proxy-revalidate
x-host
www.post-gazette.com
Accept-Ranges
bytes
Content-Length
9384
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame 66AE 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Aug 2024 10:24:13 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 66AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:50:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Aug 2024 09:50:26 GMT
bounce
id5-sync.com/ Frame 66AE 		30 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
text/plain;charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 66AE 		33 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7894e33e29b2797a86247aaa0870128969e5e7b23dfcaa561611fb83fd399a8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 66AE 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
24557d1dcf4ead9574be412a3b2e3838b84183e1a7cedec99a89113da88a2c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12800
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 66AE 		46 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=599345914667984&correlator=250047398764116&eid=44809527%2C31085739%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&iu_parts=39694909%3A6785150%2CDBV%2CDBV-PostGazette&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&ifi=1&didk=77438785&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D29cab651e6ac5e90%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_Ma9DyzRvPslKPEPFnInQlzl5aVcmQ&gpic=UID%3D00000eca43bdbf4a%3AT%3D1723541049%3ART%3D1723541049%3AS%3DALNI_MYgx_jfyW5KHJ6YxI_lp2UobEZmjQ&abxe=1&dt=1723541053569&adxs=373&adys=10152&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=jydcjjb5eaty&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&top=www.post-gazette.com&vis=1&psz=336x280&msz=300x0&fws=260&ohw=336&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723541051607&idt=276&prev_scp=DisplayTest%3DGroup-A%26pitcSpotId%3Dsp_wfO5dOu8%26abTestConfig%3DB%26assetGroupId%3Dstable%26isSliding%3Dfalse%26isStickyAdUnit%3Dfalse%26pageViewId%3D8ba16e39-784a-49b9-b4f5-d79982b35e11%26slot%3Drow1-column1%26source_version%3Dv22.18.0%26topSpotId%3Dsp_wfO5dOu8%26source%3Dpitc%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1588782711490-0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&adks=1510233806&frm=23&eo_id_str=ID%3D44ab206e5d01c8fb%3AT%3D1723541049%3ART%3D1723541049%3AS%3DAA-AfjbhS0-3l-4dbPm7dXsIMLXS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
fb6ce995d494927aef45d6f65f161b2b01f85090507b94c86cfa053873506ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19260
x-xss-protection
0
google-lineitem-id
6063787677
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138398716273
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 09:24:13 GMT
expires
Tue, 13 Aug 2024 09:24:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 66AE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:24:13 GMT
v3
id5-sync.com/gm/ Frame 66AE 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
81180adbd3a691c2e946317340e4c3ea803b8db3fa4d3cc83b6b6a647594ee0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.post-gazette.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A84E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
36303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 23:19:10 GMT
expires
Tue, 12 Aug 2025 23:19:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7D11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yEB9mb4dZ0eloOuda0IToA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yEB9mb4dZ0eloOuda0IToA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 09:24:13 GMT
expires
Tue, 13 Aug 2024 09:24:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9.gif
id5-sync.com/c/952/1242/0/ Frame 66AE
Redirect Chain
  • https://id5-sync.com/i/952/8.gif?o=api&id5id=ID5*scxWFQvsw0b5-oOK2ZGpT-Y6mdeKjcccBlJmCPf-rFm6ZZKzkwsxZdkS7ECtod34&gdpr_consent=undefined&gdpr=false
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/952/796/7/2.gif?puid=3b73fd54-5fed-4fd7-8d02-edfe7aa310c3&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/952/108/6/3.gif?puid=d22e5234-c6ec-4bdd-ae01-1e4d51f157c3&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/952/441/5/4.gif?puid=u_999cd69a-554f-47ce-92ad-a944415cfd39&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAIrHE7NdkwAABeoiAE-dg&id5AccountNum=155&numCascadesAllowed=9
  • https://ce.lijit.com/merge?pid=92&3pid=5740716073175427095&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/952/1246/3/6.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/952/203/2/7.gif?puid=ba61934f-3602-4d22-b069-025109161efe&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAIrHE7NdkwAABeoiAE-dg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1241%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/952/1241/1/8.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=20AE8506-B39B-4ED3-911A-D0EB0876E76D&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F952%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/952/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/952/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="CAO PSA OUR"
date
Tue, 13 Aug 2024 09:24:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif;charset=UTF-8

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://id5-sync.com/c/952/1242/0/9.gif?puid=JJ10ABZHC7ELi6jTQSyF4tgi&gdpr=0&gdpr_consent=
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
avpb8.48.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame C736 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.215.0.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-43.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
6edc07cac2192c4e4e179e8466ab805e728444ad00ee4f72e51425020da1d78f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Tue, 13 Aug 2024 09:24:13 GMT
content-encoding
gzip
x-guploader-uploadid
AHxI1nO0M1a-Xz7wp-luLMt1XR4ORNexC5bQC2lXjb-iR0ecV1lnkVxU5_Ijm-4m9ld9poX5eIg-yz7BBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
23621
last-modified
Sun, 11 Aug 2024 06:17:26 GMT
server
UploadServer
etag
"3f79476dcb55a169fb181366e9668fc0"
vary
Accept-Encoding
x-goog-generation
1723357046267519
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8vj3zA==, md5=P3lHbctVoWn7GBNm6WaPwA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
23621
accept-ranges
bytes
expires
Tue, 13 Aug 2024 09:39:13 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=3fa7617d1bed461dea55af24fb9994a0&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1723541052589-172025166255-000153-000-008120&AV_CDIM1=sp_wfO5dOu8&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=8ba16e39-784a-49b9-b4f5-d79982b35e11&AV_CDIM5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&AV_CDIM9=6785150&AV_CDIM10=v22.18.0&AV_CDIM12=B&AV_CDIM13=false&AV_CDIM14=sp_wfO5dOu8&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=62569d35967beb67a42364be&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.post-gazette.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/62569d35967beb67a42364be/www.post-gazette.com&d36=6.2.231&responsive=1&sver=5&avtoken=52391&omv=1.0.1&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&AV_WIDTH=630&AV_HEIGHT=355&AV_DNT=0&cb=3541053825&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=2&d5=1&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:14 GMT
x-bamboo-c-skst
1
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
alt-svc
h3=":443";ma=60;
expires
Thu, 01 Aug 2024 19:37:34 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0626 		117 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=Swtr0ELK0hcGH&cb=2&ws=1600x1200&v=24.806.2109&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A300%2C%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&sm=735ef126-18a7-4dfc-b8eb-6fb9ee3b2835&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*scxWFQvsw0b5-oOK2ZGpT-Y6mdeKjcccBlJmCPf-rFm6ZZKzkwsxZdkS7ECtod34%22%2C%22pubcommon%22%3A%22fb0fd5ae-3e25-4b89-bb10-cc3e07a28ff4%22%2C%22audigent%22%3A%22060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my%22%7D%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
bdd0c58acdaad32ef808553bf980dd1360357c5a2b60a124d47de73b93dece99

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:13 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
117
x-amz-cf-id
6cNKcYuSVZ4v72JAiza9aA0ssfPxOlCwB4owygWZF2hGai4Sy_yqeg==
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
237 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:15 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C736 		67 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=25724882&componentId=prebid&componentSubId=mustang&timestamp=1723541053901&_fw_bidfloor=2&_fw_bidfloorcur=USD&pbjs_version=8.48.0&pKey=-861606149&schain=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229b3a0db6-a24e-4ce1-8f29-265e6257ee95%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&playerSize=630x355&video_context=instream&video_placement=3&video_plcmt=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.231 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 09:24:14 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.post-gazette.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1723541054163035-134
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C736 		67 B
567 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=28922242&componentId=prebid&componentSubId=mustang&timestamp=1723541053904&_fw_bidfloor=3&_fw_bidfloorcur=USD&pbjs_version=8.48.0&pKey=-860709539&schain=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229b3a0db6-a24e-4ce1-8f29-265e6257ee95%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&playerSize=630x355&video_context=instream&video_placement=3&video_plcmt=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.231 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 09:24:14 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.post-gazette.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1723541054139048-174
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C736 		67 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=25724882&componentId=prebid&componentSubId=mustang&timestamp=1723541053905&_fw_bidfloor=2&_fw_bidfloorcur=USD&pbjs_version=8.48.0&pKey=-861606145&schain=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229b3a0db6-a24e-4ce1-8f29-265e6257ee95%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&playerSize=630x355&video_context=instream&video_placement=3&video_plcmt=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.231 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 09:24:14 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.post-gazette.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1723541054147036-1176
cdb
bidder.criteo.com/ Frame C736 		0
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.48.0&cb=96596528041&lsavail=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 797E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvT8Lqx0_BY-cv0UFpoj2UUN6j0Sl6qfke3_A-_KPLrKf6yBL4kuWct_wfKOLdiKQl9gg010FvOk6Omy0uNAEpp4uB_DBkVBVQWVskdnfGIO_HZWBRtwNnoTVkv_vw2BFmNc30IbgcB8BD9LKxmSpDBxpgl3mYvA0LBxNUNbqEA2Jx4Z0OOMpaD4GbrwWu7eufpPeTfkBcIYXGK6GfdJwByJTRJLV1xIlZna5s3u5xbQDnShSr0c9B4LL6XFUfuvre_YNIdLGTPrB4RCxijSSruq7dnbSmFdkld4KNK6-eGO5pSlPHgtw7NFN4BeOsLkNOfGPH8fWNwEnL_XJAD0fQ0daE5N-DFqsqCjdjSPWxg8kFBq959oGbh3E1K65ZqeA&sai=AMfl-YTaP3AHvbYMq76bHsPbvsuxWnwfb9_i5JIhXE37wW0YRVqtzKqGatqTAi37R23KdDKBJAWx8_pHXzIjptnuvGgAcyPG60dDOlpJe5LBhONrUnYulNykcA4wjcf3fw&sig=Cg0ArKJSzJmi4yJMIR2rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240812/r20110914/ Frame 797E 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240812/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 14:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
15499051073851929161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 14:32:38 GMT
ajs.js
cdn2.decide.dev/_js/ Frame 797E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:ea00:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6116ed1dab3ec90e30b3f650dee455a7b4813e3b357766d6e1857a9326cd699f

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:53:45 GMT
content-encoding
gzip
via
1.1 google, 1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2024 03:09:45 GMT
x-amz-cf-pop
JFK52-P2
age
84629
etag
W/"1697-191019d8239"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
LaQA8sbRd9zTYzxN9BaZOHY2n5WxwrAwb6B8ocisnswCWdvqTDBVgQ==
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 797E 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e9290b68-6963-4aa4-82cf-f1240aec5193/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64804
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 10:06:18 GMT
truncated
/ Frame 797E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd96de5d1465f9392d8851b4bea65c8057f118698eb117047791d72458d39527

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 797E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=104336
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 09:24:14 GMT
expires
Wed, 14 Aug 2024 14:23:10 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixie
jelly.mdhv.io/v4/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5cab532785e117d2d953dbfd2cf7a8aa&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umeb851_7403706402735367483&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=9d726017-cca8-4359-9a78-959ca9a44b9a&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAIrHE7NdkwAABeoiAE-dg&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWNhYjUzMjc4NWUxMTdkMmQ5NTNkYmZkMmNmN2E4YWE=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBS7kBfxuKUG8p6x1WdeGbA&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/5cab532785e117d2d953dbfd2cf7a8aa?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-FgRsl8BE2oMxn3mejpzuaW9EjrwDMb798q9RN_uo~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D%26gdpr_consent%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=5740716073175427095&gdpr=&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=null&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=BrotW24q1SDNLd5&gdpr=null&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&gdpr=&gdpr_consent=&gdpr=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5091616&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=3b73fd54-5fed-4fd7-8d02-edfe7aa310c3
  • https://jelly.mdhv.io/v4/pixie?
0
0
15261875772562278
decide.dev/lad/ Frame 9C51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/15261875772562278?pubid=ld-5018-4415&pubo=https%3A%2F%2Fwww.post-gazette.com&rid=&width=300&path=%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&x=0&y=0&external_tag_id=%2F39694909%2C6785150%2FDBV%2FDBV-PostGazette&embed_type=7&embed_frame_container_type=1
Requested by
Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
943
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 09:24:14 GMT
via
1.1 google
sodar
pagead2.googlesyndication.com/pagead/ Frame 66AE 		0
0
multitracking
sghb.spotim.market/adunit/ Frame 66AE 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/7XL4_/hbw_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.242 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.post-gazette.com
Date
Tue, 13 Aug 2024 09:24:14 GMT
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Server
Spotim
Connection
Keep-Alive
X-Robots-Tag
noindex
view
securepubads.g.doubleclick.net/pcs/ Frame 797E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssITMM2XJ3oJYvBBZ1EoAfTn-LBn4gEgtvZJW1Fo4FzF0bRPFcqB6LFberIspbnRPfPe5Nfc1FVSI8wZ-nNiLd4LrGcoQampjpxD2AbfrVAZB648BXLQd3jy0sn5CJ2YvmuFrPqKri_naIOkEvvXx42cd6bIpUsvVP3g9vK0Ik8MieTufOfV63oWkzDmNVdiWGst_zakc5vkxYIkfW79hs3aqDDOvbG_HCvqGD-RzSeV8ModB6mfuFZI7uhOfP07ezlyyQzcHh-ZQrneyN0VE2AJLgeXa1EYO_aukMqMe-9qEr2fPfe2bVE5uf2DaPiQFsuIe6-DmcHeaRdnBdqbC8bdGQq0OJiKwFESwMbZnrHlEVmffbcXaYtO34oGtLXB5x1&sai=AMfl-YQjXDBi9ou1hyrjTcZaKXWNbya2f8P1RqiQ8b6xOLHC8Avjm8u7O25aiKy8UBELM_Sm879xH7ruzfToi5-YteYpC8hzysZ0vfHOfV0loAbhOyabafeIw_0jzvD30Q&sig=Cg0ArKJSzAwBZ4Gl_snNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 09:24:14 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VZTY4SK8JP&gtm=45je4880v875162335z89138481794za200&_p=1723541048293&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1582922576.1723541049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1723541049&sct=1&seg=1&dl=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&dt=Trump%20rally%20gunman%20Thomas%20Crooks%20in%20rare%20class%20among%20high-profile%20shooters%20%7C%20Pittsburgh%20Post-Gazette&_s=6&tfd=8358
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTY4SK8JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 8872 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 30AC
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D7647...
  • https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764710&a=743293&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/t...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764710&a=743293&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=8433293207319255994
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Aug 2024 09:24:16 GMT
Etag
9478b0569c9575b6
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 13 Aug 2024 09:24:16 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=50&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764710&a=743293&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=8433293207319255994
server
nginx
isyn
prebid.a-mo.net/ Frame 0DE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
672
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 09:24:15 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
pbcas
ads.yieldmo.com/ Frame 403C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.56.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-56-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 13 Aug 2024 09:24:16 GMT
pragma
no-cache
vary
accept-encoding
csync
sync.adtelligent.com/ Frame 3ED8
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764727&a=754412&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764727&a=754412&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=3665426501524238000V10
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Aug 2024 09:24:16 GMT
Etag
9478b0569c9575b6
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 13 Aug 2024 09:24:16 GMT
expires
Tue, 13 Aug 2024 09:24:16 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=13EA00E2650FB5B9&sp=852559&pb=753264&c=764727&a=754412&domain=https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072&extuid=3665426501524238000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
de.tynt.com/deb/ Frame F375
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D8...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D33XUSERID33X
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1797
content-type
text/html
date
Tue, 13 Aug 2024 09:24:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 13 Aug 2024 09:24:16 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D763280%26a%3D304056%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8340000A
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B597 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D13EA00E2650FB5B9%26sp%3D852559%26pb%3D753264%26c%3D765040%26a%3D558003%26domain%3Dhttps%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6800.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.post-gazette.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=104334
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 09:24:16 GMT
expires
Wed, 14 Aug 2024 14:23:10 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/ Frame 66AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&google_hm=MjI3NGIzNDgtMDY2YS00OTg2LWIzZTctZTQxMDA1ODU...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKz-lXtYln70nVVQyu5JlQ0&google_cver=1&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr_consent=&gdpr=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKz-lXtYln70nVVQyu5JlQ0&google_cver=1&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr_consent=&gdpr=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 09:24:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKz-lXtYln70nVVQyu5JlQ0&google_cver=1&ssp=themediagrid&bsw_param=2274b348-066a-4986-b3e7-e410058596e5&gdpr_consent=&gdpr=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808924740174545
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808924740174545
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808924740174545
Date
Tue, 13 Aug 2024 09:24:16 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ Frame 66AE 		0
0
us.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=if&nuid=6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 13 Aug 2024 09:24:16 GMT
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1637 26565ec master ord ord-pixel-x28 config_version:"3323"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=if&nuid=6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
Cache-Control
no-cache,no-store,must-revalidate
Keep-Alive
timeout=360
us.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=zHkEbz5_WpRiKy-t28ZjNCaEdko
49 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=zHkEbz5_WpRiKy-t28ZjNCaEdko
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=zHkEbz5_WpRiKy-t28ZjNCaEdko
Date
Tue, 13 Aug 2024 09:24:16 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame 66AE 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=cb9aafa1-bfe6-44b6-af4a-589a78bec437&pId=43&gdpr_consent=&callback=&us_privacy=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
access-control-max-age
86400
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8b27a6b3ea5d228d-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
95
alt-svc
h3=":443"; ma=86400
us.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
49 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
via
1.1 google
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
us.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=cb9aafa1-bfe6-44b6-af4a-589a78bec437&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=XrIgtp7oqH9V
49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=XrIgtp7oqH9V
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=XrIgtp7oqH9V
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7d978d4789-kfh7j
expires
-1
getuid
ads.avct.cloud/ Frame 66AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
0
0
usg.gif
sync.go.sonobi.com/ Frame 66AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Y2I5YWFmYTEtYmZlNi00NGI2LWFmNGEtNTg5YTc4YmVjNDM3
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEHKTYt4p5Tdj-_aWjzdFaAQ&google_cver=1
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEHKTYt4p5Tdj-_aWjzdFaAQ&google_cver=1
Requested by
Host: www.post-gazette.com
URL: https://www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories/202408110072
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEHKTYt4p5Tdj-_aWjzdFaAQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s2s
s2ssc.aniview.com/api/adserver/ 		0
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=3fa7617d1bed461dea55af24fb9994a0&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1723541052589-172025166255-000153-000-008120&AV_CDIM1=sp_wfO5dOu8&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=8ba16e39-784a-49b9-b4f5-d79982b35e11&AV_CDIM5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&AV_CDIM9=6785150&AV_CDIM10=v22.18.0&AV_CDIM12=B&AV_CDIM13=false&AV_CDIM14=sp_wfO5dOu8&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=62569d35967beb67a42364be&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.post-gazette.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/62569d35967beb67a42364be/www.post-gazette.com&d36=6.2.231&responsive=1&sver=5&avtoken=52391&omv=1.0.1&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&AV_WIDTH=630&AV_HEIGHT=355&AV_DNT=0&cb=3541057264&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=3&d5=4&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:17 GMT
x-bamboo-c-skst
1
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
alt-svc
h3=":443";ma=60;
expires
Thu, 01 Aug 2024 19:37:37 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0626 		117 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&pid=Swtr0ELK0hcGH&cb=3&ws=1600x1200&v=24.806.2109&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A300%2C%22id%22%3A%22videoF%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&sm=735ef126-18a7-4dfc-b8eb-6fb9ee3b2835&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*scxWFQvsw0b5-oOK2ZGpT-Y6mdeKjcccBlJmCPf-rFm6ZZKzkwsxZdkS7ECtod34%22%2C%22pubcommon%22%3A%22fb0fd5ae-3e25-4b89-bb10-cc3e07a28ff4%22%2C%22audigent%22%3A%22060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my%22%7D%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.20.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-20-121.iad12.r.cloudfront.net
Software
Server /
Resource Hash
6a55b8b8d9c3beb34b656a96423568fdcdc31de5df17f787a144e63f68f207a6

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:24:16 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.post-gazette.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
117
x-amz-cf-id
W45CGv2x6rj86qw-Dq3gP9xJTTWrtvlw7LWoXE_PomWo-ub1HWZw5g==
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:17 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
237 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:28 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
track
track1.aniview.com/ Frame C736 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Linux&r=www.post-gazette.com&rs=www.post-gazette.com&sid=3954&t=1723541052&cip=38.132.118.74&sn=&tgt=0&osv=&bv=127.0&brn=Chrome&wi=630&he=355&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=3fa7617d1bed461dea55af24fb9994a0&d63=3fa7617d1bed461dea55af24fb9994a0&aafaid=&proto=https&uid=1723541052589-172025166255-000153-000-008120&stagid=&stplid=&d35=&d36=6.2.231&cb=83650352757&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd14=sp_wfO5dOu8&cd15=ads&cd16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&cd1=sp_wfO5dOu8&cd2=Desktop&cd3=pitc&cd4=8ba16e39-784a-49b9-b4f5-d79982b35e11&cd5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&cd9=6785150&cd10=v22.18.0&cd12=B&cd13=false&d9=0000&d22=5e0e296628a061270b21ccab&d24=62569d35967beb67a42364be&d37=realtime&d65=General_GlobalConfig&AV_WIDTH=630&AV_HEIGHT=355
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:17 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
s2s
s2ssc.aniview.com/api/adserver/ 		0
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2ssc.aniview.com/api/adserver/s2s?auc_id=3fa7617d1bed461dea55af24fb9994a0&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1723541052589-172025166255-000153-000-008120&AV_CDIM1=sp_wfO5dOu8&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=8ba16e39-784a-49b9-b4f5-d79982b35e11&AV_CDIM5=TrZXoSXtmhKHQ6FdrlPyRJ8eLQL9QldKxiq43JLYEpOKYvRURoHqjAXdRb9vqDB9&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Atrue&AV_CDIM9=6785150&AV_CDIM10=v22.18.0&AV_CDIM12=B&AV_CDIM13=false&AV_CDIM14=sp_wfO5dOu8&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_DNTCHECK=0&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_wfO5dOu8%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.post-gazette.com%2Fnews%2Fcrime-courts%2F2024%2F08%2F11%2Fthomas-crooks-butler-trump-rally-shooting%2Fstories%2F202408110072&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=62569d35967beb67a42364be&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.post-gazette.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/62569d35967beb67a42364be/www.post-gazette.com&d36=6.2.231&responsive=1&sver=5&avtoken=52391&omv=1.0.1&clsid=a99fd622-9868-49b4-ab4d-727de250f612&rando=98&scnt=1&AV_WIDTH=630&AV_HEIGHT=355&AV_DNT=0&cb=3541057818&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=4&d5=5&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 09:24:18 GMT
x-bamboo-c-skst
1
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.post-gazette.com
cache-control
no-cache
access-control-allow-credentials
true
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
alt-svc
h3=":443";ma=60;
expires
Thu, 01 Aug 2024 19:37:38 GMT
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
237 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
translator
hbopenbid.pubmatic.com/ Frame C736 		0
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.post-gazette.com
date
Tue, 13 Aug 2024 09:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C736 		11 B
237 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 09:24:10 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.post-gazette.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
pixels
pix.spot.im/api/v1/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.25.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.57.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-57-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.post-gazette.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 09:24:19 GMT
content-length
0
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.krxd.net
URL
https://cdn.krxd.net/controltag/r7o3vzlr6.js
Domain
sync.rtk.io
URL
https://sync.rtk.io/cs
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOnc0R8LB8L8OPYw_yaSKTQNrQw4Y4bCOAr5EMEXgu2b87IU3VkNo-fj6lxKdipnnW7wfa
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTrY8VKvIiCNUP8Gobz3kLPRAPGOGx6Az-s2pmmKXd8KMOUelHQryuFL1MadHhaWmc_6p2
Domain
vid.vidoomy.com
URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=undefined&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Dg%26ep%3D380%26traffic_source%3Dsnippet%26session%3D85E6F5BAF9D3794F%26sp%3D852559%26pb%3D753264%26c%3D764707%26a%3D556847%26extuid%3D%7B%7BVID%7D%7D
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408080101&jk=599345914667984&bg=!NzSlNHvNAAZjy5caQ8s7ADQBe5WfONhk9r2NwLXapqxa0KdEkiOA386B_JUi8mtIBemeU_PzGgnB-Qa2mp-Xkpj7kFdLAgAAAEVSAAAABGgBB34ANoUP-CMS7Ks4ovUhfW-Kf5LYCr_wALyMKFdLhsc1ss8HAy6ViqlRKaFZgeuBgy4YzoMgorecBAoAZkGUre9kteY-xTYWdkl1p6NlZn3eTwXCUH9xNFGG8Epk6Vo0yiZrgYZiwWl6EhPCyPCCciWujNVtCKk1Pjzqdo-XTYZSzKlwb0LCJy9QBAxARpDv6iLHioaNoZ3DovDE42gKM3GUGJkCz2bxoo-ohhWEq0P8S5EswtXqKL_YkltNx54wYC4b9rMX2Z7_k4iLJ4rqnCJjxs6xwBLxsaTd0YyENFmFxipsQaP5Qi12O1jVTtD_w-xaNNbp97ODSKGaWZbAwcwSFyRZUDyeaTHH8_sg7GuE20mlmGzZz7PaEYQr5o6Go2okpmfS2auGdx-_8EYbL5X5CLpgrTa7LAPj4vSD1UWMKSB_7-OAwJUM8_I-0oAl-xiD09Z5GE3tP7owx2jNhJVF1arxWu9MnIxsxYGeq6_H8_smZYPeO9cQJn5SyCnbVplZDvI9nkFqLUjGHGg8abJTluhFQVPixvQJpL8TnQ4FwMFTFTYkMGAGpG7LCb9ks2ZBD6-8wI08W95BpI7dH-Sysdkp9O1DRSA1G3AJwExKUBDkY7ITVVrYcB42nOtZq4GDyQ0x9_PoNWFdNQr2LvgJLABXdlIBwR83kaLFBTamHqn9IqnCTVlfUCV0wgGrwRbzN7nne_P02c5RnIj3dGXRaz22vqGd7pX4M2tO9sQD3Hku3EzgEtbN4ATnvzMin5KLFmj3r6DqfUcnLMURxItjiehDZ05MMdQTOoOMAd_9Pae4CYVAdMLfnvjd4JEx60Sd1qmmwJKzleIsra5GZ176xthinIwB9LQJDQ1D39uqi-Yvt6oFUnAlciG3bz_VkfLsNCDZedRARERoRuNHtHf7Xs39miyQ6HLot0UckN99SxwJGFqs5zAiJbNyWHVip1Z_t3hr-2OQxGs6Gt7fi-90CmBxADwpXK3QRNwbBp1Uw1IjEEK9IQRDdJlwc12hevpzNVto59k1VS6hp7t9g_Ssw877wp-RYtqdyVAUjFLQihC1siBnQnjT7g85PCtcI1zNcUa57DzxdwN9c2wp7jOZiB7fMkRYAALuNuzwS0fUFhsonmG8lZ5JvXqPpPLqzmQPONRDQ8Zqk-SoepqJXOK76GQw
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 string| cGdwd2Rza2lwcGVy object| PGVARS string| PGPageVersion string| PGRequestType string| PGAPIBaseURL object| dataLayer function| setNptTechAdblockerCookie object| script object| _prx function| gtag string| GoogleAnalyticsObject function| ga object| pgStoryZeroJSON object| PGPAGEDATA object| S2NSTORYDATA object| CryptoJS object| _PGDETECTBROWSER function| $ function| jQuery object| jQuery111208579547235016225 function| moment function| FastClick function| Swiper object| amplify function| EvEmitter function| imagesLoaded function| _ function| axios object| DEBUGLOGR function| Cookies object| queryly object| _PGNEW object| _PG object| tp object| SignUp object| PWController object| pset object| PGUser object| PGUtils function| Krux object| $jscomp function| $jscomp$lookupPolyfilledValue object| PGLIB object| Stickyboxes object| BINDER object| TheAgent object| PGFNS function| getResponsiveSize object| PGSITESETTINGS object| ADSYSTEMCONFIG object| currentDevice object| DFPADS object| allbids object| dfpUserType number| PREBID_TIMEOUT object| pbjs object| apstag object| googletag object| ADBIDDERS object| dfpwallpaper object| dfpinterstitial object| dfppencilexpander object| dfppeelback object| dfpadhesionbanner object| dfpadhesionbannermobile object| dfpinterstitialmobile object| dfpnavsponsor object| $items object| PGDFPADS object| thestoryobj function| pgEmailShareSubmit object| UA object| opts object| tptags object| BlockAdBlock object| blockAdBlock object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| pbjsChunk object| _pbjsGlobals object| $immediateparent object| $parentelem object| $thestory object| $thebutton object| $thisbutton object| __twttrll object| twttr object| __twttr object| ggeac object| google_js_reporting_queue object| google_tag_manager function| OX object| OX_swfobject object| oxhbjs string| currTimeStr string| new_bi object| browser_id_array object| OXHBConfig function| OX_288dc36383d55e function| OX_288dc36383d55e_onAdRequestError function| originalFunc function| OX_9709164533_onAdRequestError function| OX_9709164533 function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| _pgresponsevariables function| thing object| _aps boolean| apstagLOADED object| PianoESPConfig number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability object| ntvData function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| csV3V5Init2031005132 number| csReadyStateCheckInterval2031005132 object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ object| GooglebQhCsO object| pgpageapi object| apscustom object| $targetbydata number| targetbydatacount object| $adtarget object| google_reactive_ads_global_state boolean| pnFullTPVersion number| pnInitPerformance object| pn string| __tpVersion object| SWG function| setGoogleTagConfig function| ___tp object| webpackChunkads function| OX_5563d8f60d8871 function| OX_5563d8f60d8871_onAdRequestError function| OX_1703872863_onAdRequestError function| OX_1703872863 function| OX_67075260222ecf function| OX_67075260222ecf_onAdRequestError function| OX_1675827267_onAdRequestError function| OX_1675827267 object| process object| regeneratorRuntime object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| PianoESP object| webpackJsonpCSW function| setImmediate function| clearImmediate object| civicscience object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTZlZDRlOGZjYTAwYmQyYWxvYWRlcl9qcw== string| OTZlZDRlOGZjYTAwYmQyYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| cX function| cxCCE_callQueueExecute object| cxTest number| google_unique_id object| ari string| OPENWEB_BUTTON_OFFER string| OPENWEB_BUTTON_TEMPLATE string| END_OF_STORY_TEMPLATE string| END_OF_STORY_OFFERID string| END_OF_STORY_TESTVAR function| pgDrawPixel function| pgPxInit function| dDotInit object| PGGA string| x function| generateIDSyncID function| getIDSyncID function| drawIDSyncPixel function| pgDrawPWPixel object| _sf_async_config object| _cbq function| pgDrawCheckoutPixel function| owActionQueue object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY number| infolinks_pid boolean| infolinks_iframe string| infolinks_basePath object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted function| _typeof function| _defineProperty function| cXJsonpCB1 object| iqscript number| $iceId function| getIfbip number| iqilsource function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| ID5 boolean| 10a29242-8452-476b-ad12-6a1b78e538f9 number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle string| google_user_agent_client_hint function| _33AcrossIdMappingsProvider object| liQd object| stip object| liQd_did_004d object| liQ_instances object| hook object| dimObj string| adviewUrl object| webpackChunkregistration object| webpackChunknotifications function| __SPOTIM_DISABLE_ADS__ object| googDdmPs object| webpackChunkpitc function| avPlayer function| __IntegralASAdPush object| storageAni object| hadron boolean| __halo_loaded__ object| __bt_intrnl object| au object| optsList object| freewheelssp_cache

479 Cookies

Domain/Path Name / Value
www.post-gazette.com/news/crime-courts/2024/08/11/thomas-crooks-butler-trump-rally-shooting/stories Name: logglytrackingsession
Value: 0462af2a-93f2-4bf3-8400-2c65e92e35eb
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1723541050788
.3lift.com/sync Name: sync
Value: CgoIoQEQ3Ku12JQyCgoI4gEQ3Ku12JQyCgoI5gEQ3Ku12JQyCgoIhwIQ3Ku12JQyCgkIOhDcq7XYlDIKCQgbENyrtdiUMgoKCIwCENyrtdiUMgoKCKwCENyrtdiUMgoKCK0CENyrtdiUMgoJCF8Q3Ku12JQy
.smartadserver.com/api Name: pid
Value: 4736481619593786388
.liadm.com/j Name: lidid
Value: abf38956-c342-4bd4-92ea-d883a3b7b916
.post-gazette.com/ Name: _gid
Value: GA1.2.155317400.1723541049
www.post-gazette.com/ Name: __adblocker
Value: false
www.post-gazette.com/ Name: OX_sd
Value: 1
www.post-gazette.com/ Name: OX_plg
Value: wmp|pm
.openx.net/ Name: i
Value: 73110524-0750-08c7-0ce8-f6240bc41ef9|1723541048
.post-gazette.com/ Name: _dc_gtm_UA-15716261-5
Value: 1
.post-gazette.com/ Name: _dc_gtm_UA-46728690-3
Value: 1
.post-gazette.com/ Name: _dc_gtm_UA-15716261-37
Value: 1
.post-gazette.com/ Name: _gat_itExperiments
Value: 1
.post-gazette.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAmAdgGZuANkEBWcUNEBOABz8O-EAF8gA
.post-gazette.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lzs7u8xpgeq65hpm%22%7D
.post-gazette.com/ Name: _ga_Y6C45WCK4K
Value: GS1.2.1723541049.1.0.1723541049.0.0.0
.post-gazette.com/ Name: _ga_1W1CPF4CTB
Value: GS1.2.1723541049.1.0.1723541049.60.0.0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.post-gazette.com/ Name: _ga_LH0XLL8C5N
Value: GS1.2.1723541049.1.0.1723541049.60.0.0
.piano.io/ Name: __cf_bm
Value: JA7kPfp3CBNiIZZUWVBI66.xuEQ34JPnqmmhIub7u7I-1723541049-1.0.1.1-Em_vPKHjm8BKxB4qXGfS6Y583TpbCZpRxRS2wgQYCr1rOU5wfXoHIo8KnXCQiu5RE8EB7GSw_2lyWU9CuSR4Kg
.post-gazette.com/ Name: _ga_GXQ6MXWREN
Value: GS1.2.1723541049.1.0.1723541049.60.0.0
.adsrvr.org/ Name: TDID
Value: 9d726017-cca8-4359-9a78-959ca9a44b9a
.turn.com/ Name: uid
Value: 8933845372045468879
.lijit.com/ Name: ljt_reader
Value: JJ10ABZHC7ELi6jTQSyF4tgi
.yahoo.com/ Name: A3
Value: d=AQABBDkmu2YCEGJYYlgZV-H7YvR3ytyFQhUFEgEBAQF3vGbFZtxH0iMA_eMAAA&S=AQAAAp4Z2kXGv2JHcu2KynEDujI
.doubleclick.net/ Name: IDE
Value: AHWqTUkdWS_rdad6yUygZGzhAF_fnrRrI5kAZxDD72tkC1VOD2U24htEXGOZaXu1_i8
.amazon-adsystem.com/ Name: ad-id
Value: A3rzi52kJEuIv31y3iarccY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: XANDR_PANID
Value: O1hTwYAUPMGfRwbbNuWm9iUt60A2vRvERja-F00rqYvdz_ysMusRvOZmXxmhUFVkx-IkiMiFtJHDt3zWF27TvKlXFL8rXPvqppQuJgupxkw.
.adnxs.com/ Name: icu
Value: ChgIwIosEAoYASABKAEwuczstQY4AUABSAEQuczstQYYAA..
.adnxs.com/ Name: uuid2
Value: 5740716073175427095
id.tinypass.com/ Name: AWSELBCORS
Value: D54D83371CA73269B30D9CD8F7A2329AB776287862274343263B441C07542FF48E5D6C7E063B6393142EC5E77099C3D8C3B1E4EE0ECADA83FEFB72C94C5AD099F27EBB6BAE
.rubiconproject.com/ Name: khaos
Value: LZS7U90F-D-5HSJ
.pippio.com/ Name: did
Value: S8bhZzDA6tW1nOIn
.pippio.com/ Name: didts
Value: 1723541049
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLnM7LUGEgYIgr0rEAA=
.post-gazette.com/ Name: __pid
Value: .post-gazette.com
www.post-gazette.com/ Name: __pnahc
Value: 0
.spot.im/ Name: device_uuid
Value: 3593de28-31ce-40c3-ad44-2c27d3579c59
www.post-gazette.com/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1723541049796%2C%22visitNumber%22%3A1%7D
www.post-gazette.com/ Name: pnespsdk_visitor
Value: gkw3de45bb8b89uz
.post-gazette.com/ Name: __tbc
Value: %7Bkpex%7D33l1s_KDOfldR8on9ZagTVw88gDo3iRinRczt82_c22kG1_xEDnAms4nHGEUpTkS
.post-gazette.com/ Name: __pat
Value: -14400000
.post-gazette.com/ Name: __pvi
Value: eyJpZCI6InYtbHpzN3U4eHdxbmJwdXYxbiIsImRvbWFpbiI6Ii5wb3N0LWdhemV0dGUuY29tIiwidGltZSI6MTcyMzU0MTA0OTg0NX0%3D
.post-gazette.com/ Name: xbc
Value: %7Bkpex%7D40JwA4yVNqslrMmab_y_uMBQhBYfQB08IE22V3khcUWnylegG0vdXNrsaSEFL-bVFkTES0GNzW9qdu8LVz0AeQ
.civicscience.com/ Name: ballotbox/respondent_id
Value: cookie%2F919480df9c28ffc75569bf95efe2020d
.civicscience.com/ Name: ballotbox_ss
Value: 1
.post-gazette.com/ Name: _gat_segmentTracker
Value: 1
.linkedin.com/ Name: li_sugr
Value: a88a0866-b38c-473e-a513-a0dbd4f28977
.linkedin.com/ Name: bcookie
Value: "v=2&f6a017b4-9c51-4e23-8c0c-ba8e8ed5f031"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2993:u=1:x=1:i=1723541049:t=1723627449:v=2:sig=AQG__MYB8dXrl5O-cm5qU87qAOn-vCPF"
.tapad.com/ Name: TapAd_TS
Value: 1723541049859
.tapad.com/ Name: TapAd_DID
Value: d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
.post-gazette.com/ Name: cX_P
Value: lzs7u8xpgeq65hpm
.smaato.net/ Name: SCM
Value: 22379858bd
.smaato.net/ Name: SCMaps
Value: 22379858bd
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2024-08-13 09:24:09"}]
.sitescout.com/ Name: ssi
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156#1723541049909
.contextweb.com/ Name: V
Value: XrIgtp7oqH9V
.contextweb.com/ Name: VP
Value: part_XrIgtp7oqH9V
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f86fc97fc9351838
.yieldmo.com/ Name: yieldmo_id
Value: VmZJYzzTyJz8ywlsn9Sa%7C1723507200000%7C0
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: 7d1036c5beb5fb6de7958211df3c22cb
.mediago.io/ Name: __mguid_
Value: 213bd2cb133855712nmjuk00lzs7u9gf
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cc79046f-3e7f-5a94-622b-2faddbc66334.AXgSjAM4GBrLfi12LubQJlGyAcSEE6L2iV8O5O%2B8H5M
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cc79046f-3e7f-5a94-622b-2faddbc66334.AXgSjAM4GBrLfi12LubQJlGyAcSEE6L2iV8O5O%2B8H5M
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzHkEbz5_WpRiKy-t28ZjNCaEdko.BWk5qocmiTLT9grcNyBnt%2BQ5fIN3G%2Frc89I0oYh03Yo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzHkEbz5_WpRiKy-t28ZjNCaEdko.BWk5qocmiTLT9grcNyBnt%2BQ5fIN3G%2Frc89I0oYh03Yo
.post-gazette.com/ Name: __gads
Value: ID=29cab651e6ac5e90:T=1723541049:RT=1723541049:S=ALNI_Ma9DyzRvPslKPEPFnInQlzl5aVcmQ
.post-gazette.com/ Name: __gpi
Value: UID=00000eca43bdbf4a:T=1723541049:RT=1723541049:S=ALNI_MYgx_jfyW5KHJ6YxI_lp2UobEZmjQ
.clickagy.com/ Name: cb
Value: ZrsmOX0HObA13GVFFlIHlZOa
.post-gazette.com/ Name: __eoi
Value: ID=44ab206e5d01c8fb:T=1723541049:RT=1723541049:S=AA-AfjbhS0-3l-4dbPm7dXsIMLXS
.agkn.com/ Name: ab
Value: 0001%3AGAhHf3Y4ASeTPLgnOl4n9gGUgK2ZfB%2Fg
.zemanta.com/ Name: zuid
Value: 4FFATPiVGUSPZX_ofiwo
.bidr.io/ Name: bito
Value: AAIrHE7NdkwAABeoiAE-dg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ipredictive.com/ Name: cu
Value: 3b73fd54-5fed-4fd7-8d02-edfe7aa310c3|1723541050014
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EGcYBCC6zOy1BjABOgTwU00QQgS2ivqu.3NVPObFOM%2Fgq98mkrVEVP%2BdvkJkoki0U7pFDaXKtb6I
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EGcYBCC6zOy1BjABOgTwU00QQgS2ivqu.3NVPObFOM%2Fgq98mkrVEVP%2BdvkJkoki0U7pFDaXKtb6I
.bidswitch.net/ Name: tuuid
Value: 2274b348-066a-4986-b3e7-e410058596e5
.bidswitch.net/ Name: c
Value: 1723541050
.bidswitch.net/ Name: tuuid_lu
Value: 1723541050
.tinypass.com/ Name: ch_sid
Value: ANLYIjluB5mnVt2
.bluekai.com/ Name: bkdc
Value: phx
.media6degrees.com/ Name: clid
Value: 2si5gsa01171vpifo36y827i000000016a010x01801
.media6degrees.com/ Name: acs
Value: 012020k1si5gsaxzt10
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:550:1d05:1::10
.sharethrough.com/ Name: stx_user_id
Value: 2b0f3c79-b8ac-4f8a-b294-e845f3fad1cc
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0NzIxNzUwMzXQUTI0MEYXMEMVMEFXYGiILFALALOMEI8%3D
.omnitagjs.com/ Name: ayl_visitor
Value: f64113ab135a5b64d8bd611427473cd9
.bluekai.com/ Name: bku
Value: ZoW99eGZrtjP3byG
.rubiconproject.com/ Name: khaos_p
Value: LZS7U90F-D-5HSJ
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.post-gazette.com/ Name: _cb
Value: D7r8J4pivinBqf0wT
.post-gazette.com/ Name: _chartbeat2
Value: .1723541050224.1723541050224.1.BNI1ntD322lxBLqJDdBEu9RgBLoxYj.1
.post-gazette.com/ Name: _cb_svref
Value: external
.technoratimedia.com/ Name: tads_uidp_16
Value: 1551371482546
.technoratimedia.com/ Name: tads_uidp_37
Value: b4524674-8eff-38e0-ac32-40d4cc348ac3
.technoratimedia.com/ Name: tads_uidp_45
Value: 79F2060E-A633-4206-A893-10347237D95B
.technoratimedia.com/ Name: tads_uidp_46
Value: 4921493287091222090
.technoratimedia.com/ Name: tads_uidp_64
Value: refuPMYupazP7_TXy7tFuwoSQ-VRCXiM
.technoratimedia.com/ Name: tads_uidp_70
Value: 1668364574412-986994375386-009124-010-008838
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-5b53036e-7a45-4de6-8efa-6522b054082f-005
.technoratimedia.com/ Name: tads_uidp_77
Value: 62uNhpjmYnwaw0vxFYYvn2bIAW0P7thoNxOinHfb8-w
.technoratimedia.com/ Name: tads_uidp_79
Value: 5530add7-843c-4051-b15b-40ab6359c992
.technoratimedia.com/ Name: tads_uidp_83
Value: R9WXtN4HSgtT
.technoratimedia.com/ Name: tads_uidp_90
Value: 10c87e9f-8a95-459f-8d8c-ece36ac01bef
.technoratimedia.com/ Name: tads_uidp_91
Value: 1127780877599371273brt56851661351334633785b9
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1706659281636
.simpli.fi/ Name: suid
Value: 1B83C3318C8E4AA0BE818BFB6CBDF8EF
.storygize.net/ Name: U
Value: a18d6014-0910-4c1f-9fdd-e45488488b6c
.quantserve.com/ Name: mc
Value: 66bb263a-48b24-2d952-c7456
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.post-gazette.com/ Name: __pil
Value: en_US
.lijit.com/ Name: _ljtrtb_2
Value: 1B83C3318C8E4AA0BE818BFB6CBDF8EF
.s3xified.com/ Name: rtbDspUserSyncIDs231123sd3r32
Value: {"1642":"0ACA07A79B244833993E8B9798357D18"}
.lijit.com/ Name: _ljtrtb_43
Value: 6F4XyOxeRsvzXE3I7FxYmLpRQJjzC0Ke6149P0pm
.ads.yieldmo.com/ Name: ptrpp
Value: XrIgtp7oqH9V
.ads.yieldmo.com/ Name: ptrrc
Value: LZS7U90F-D-5HSJ
.ads.yieldmo.com/ Name: ptrunl
Value: OPTOUT
.lijit.com/ Name: _ljtrtb_106
Value: 4736481619593786388
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: JSESSIONID
Value: B30D6250674DB03097808D4461F36193
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1B83C3318C8E4AA0BE818BFB6CBDF8EF&KRTB&23486-uid:1B83C3318C8E4AA0BE818BFB6CBDF8EF&KRTB&23489-uid:1B83C3318C8E4AA0BE818BFB6CBDF8EF&KRTB&23539-uid:1B83C3318C8E4AA0BE818BFB6CBDF8EF
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGjj7SG9qjFFKICRWRlVRS0&KRTB&23025-CAESEGjj7SG9qjFFKICRWRlVRS0&KRTB&23386-CAESEGjj7SG9qjFFKICRWRlVRS0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-9d726017-cca8-4359-9a78-959ca9a44b9a&KRTB&22918-9d726017-cca8-4359-9a78-959ca9a44b9a&KRTB&22926-9d726017-cca8-4359-9a78-959ca9a44b9a&KRTB&23031-9d726017-cca8-4359-9a78-959ca9a44b9a
.infolinks.com/ Name: cuid
Value: ce618014-4649-42ad-9f85-b83804158eb9
.3lift.com/ Name: tluidp
Value: 4441859691190386988537
.3lift.com/ Name: tluid
Value: 4441859691190386988537
.cxense.com/ Name: gckp
Value: 1s8w99z2u947j3reed975b04i4
.adx.opera.com/ Name: UID
Value: OPUa94d6c6404254703a2ff0dbf686f17ea
.post-gazette.com/ Name: cX_G
Value: cx%3A18tlfpf3ybq6r5y74tihz6n9%3A3k9hnxqw3dbut
.advertising.com/ Name: A3
Value: d=AQABBDomu2YCENw8PR1Vt0fN-2UhE9NrzTsFEgEBAQF3vGbFZtxH0iMA_eMAAA&S=AQAAAh581OSAYclJotwflhTKwY0
.casalemedia.com/ Name: CMID
Value: ZrsmOsAoJHcAADWSAeqtrgAA
.casalemedia.com/ Name: CMPS
Value: 1565
.casalemedia.com/ Name: CMPRO
Value: 1565
.lijit.com/ Name: _ljtrtb_103
Value: OPUa94d6c6404254703a2ff0dbf686f17ea
.ads.yieldmo.com/ Name: ptrpub
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.infolinks.com/ Name: OXUSERCOOKIE
Value: 8b2a18ec-bd03-00bc-17f1-093e97448891
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: 4FFATPiVGUSPZX_ofiwo
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: JJ10ABZHC7ELi6jTQSyF4tgi
.infolinks.com/ Name: QCUSERCOOKIE
Value: enVRt351ALRhdwu3fnce5yh6BudhIATheXXWnEly
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1723541050791
.pxl.iqm.com/ Name: infolink
Value: MTcyNDc1MDY1MDgxMA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: cb6dfd1a-129d-4071-9acd-1dec0d9a7c7d
.infolinks.com/ Name: TPLSERCOOKIE
Value: 4441859691190386988537
.infolinks.com/ Name: EQVSERCOOKIE
Value: 4736481619593786388
.infolinks.com/ Name: SHTUSERCOOKIE
Value: 2b0f3c79-b8ac-4f8a-b294-e845f3fad1cc
.infolinks.com/ Name: URUSERCOOKIE
Value: OPTOUT
.infolinks.com/ Name: R1USERCOOKIE
Value: OPTOUT
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-aAKvT6xE2uIJ2kZV2CYd2Tauy6DTKkuD~A
.go.sonobi.com/ Name: __uis
Value: cb9aafa1-bfe6-44b6-af4a-589a78bec437
.mgid.com/ Name: lmg_usr
Value: acfaa657-8df7-41ad-bb88-0da35f0f8469
.tynt.com/ Name: uid
Value: p7fwLGa7JjonE9nodF8u2Q==
.post-gazette.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-kRD8RGmzrENPb2bYDtgAaxURqGbFCmVUMDeIEf1c_yTGoJIQxdbI8Fo7WDD2J2lHD5kZBPLSrjaJXPdmEajdXT60jVCwpxeQu9b8FslyQ8AcJ2pyrtvl0COi2polGi1XlN7mSw-NTeUdPGSssm13qSDqDJw%3D%3D%22%5D%5D
.adkernel.com/ Name: DSP2F_3
Value: 336050
.adkernel.com/ Name: ADKUID
Value: A2648661829895477547
.intentiq.com/ Name: intentIQ
Value: QGd1TkV8Ha
.post-gazette.com/ Name: _ga_VZTY4SK8JP
Value: GS1.1.1723541049.1.1.1723541050.0.0.0
.media.net/ Name: data-inf
Value: setstatuscode~~41
.33across.com/ Name: check
Value: true
.technoratimedia.com/ Name: tads_uidp_50
Value: 9dd175c3-c980-0f03-3cfe-20ac5b0313e2
.technoratimedia.com/ Name: tads_uidp_80
Value: y-ALifbvpE2uFj_MU4jhaIM_aIGBEenoEo~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZrsmOsAoJHcAADWSAeqtrgAA&1565
www.post-gazette.com/ Name: _pganon
Value: 574c5ed79d44cc185954588f34debb8a
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-EZMHVn5E2uH2NWjrS6qjduYkCen.u_Id~A
.technoratimedia.com/ Name: tads_uidp_88
Value: 4441859691190386988537
.infolinks.com/ Name: IXUSERCOOKIE
Value: ZrsmOsAoJHcAADWSAeqtrgAA&1565
.infolinks.com/ Name: IQMUS
Value: cb6dfd1a-129d-4071-9acd-1dec0d9a7c7d
.intentiq.com/ Name: ASDT
Value: 0
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: cb9aafa1-bfe6-44b6-af4a-589a78bec437
.infolinks.com/ Name: MNETUSERCOOKIE
Value: 3665426501524201000V10
.smaato.net/ Name: SCMinf
Value: 22379858bd
.infolinks.com/ Name: MGIDUSERCOOKIE
Value: acfaa657-8df7-41ad-bb88-0da35f0f8469
.media.net/ Name: data-sy
Value: 0ACA07A79B244833993E8B9798357D18~~3
.media.net/ Name: visitor-id
Value: 3665426501524238000V10
.media.net/ Name: data-o
Value: 689153e2-05d7-0dd0-3571-40a2dd0cbfd8~~3
.post-gazette.com/ Name: _li_dcdm_c
Value: .post-gazette.com
.adform.net/ Name: C
Value: 1
.post-gazette.com/ Name: _lc2_fpi
Value: 9f2ec9c7e58b--01j55gtnmxqxp97sd5gw1v9zg9
.post-gazette.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1723541051037}
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAIrHE7NdkwAABeoiAE-dg
.technoratimedia.com/ Name: tads_uidp_7
Value: 0aba3499-80aa-4624-8590-829cbd44f8a1
.infolinks.com/ Name: FRWHUSERCOOKIE
Value: d4248492cdd3e149bbb55c72ee2245f9
.bing.com/ Name: MUID
Value: 301D82768D3163A128A496AC8C8F6227
.c.bing.com/ Name: MR
Value: 0
.connatix.com/ Name: cnx_userId
Value: 8d5932bf5ef04c429d7c59f9eed2bec0
.infolinks.com/ Name: SAMUSERCOOKIE
Value: 22379858bd
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0a92dfbc-28f1-3ebc-ae7b-517f9daddf20
.technoratimedia.com/ Name: tads_uidp_62
Value: 3665426501524223000V10
.adform.net/ Name: uid
Value: 8433293207319255994
.aralego.com/ Name: sspid
Value: b4524674-8eff-38e0-ac32-40d4cc348ac3
.adkernel.com/ Name: SSPR_40
Value: aHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vMTUybXVzP3VpZD1BMjY0ODY2MTgyOTg5NTQ3NzU0Nw==
.serverbid.com/ Name: CONSUMABLEID
Value: 06631eb71f3a494ea31eb71f3a294e3a
.technoratimedia.com/ Name: tads_uidp_49
Value: AQAHneQ7xle2PAJ8BrT3AQEBAQEBAQCQSgxXngEBAJBKDFee
.infolinks.com/ Name: TAUSERCOOKIE
Value: d22e5234-c6ec-4bdd-ae01-1e4d51f157c3
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2k3l:19cy~2k3l:18xp~2k3l:18yi~2k3l:190u~2k3l"
.infolinks.com/ Name: CONSUSERCOOKIE
Value: 06631eb71f3a494ea31eb71f3a294e3a
.infolinks.com/ Name: 33AUSERCOOKIE
Value: 212740458100480
.w55c.net/ Name: wfivefivec
Value: BrotW24q1SDNLd5
.emxdgt.com/ Name: uid
Value: 51051723541051170535a4
.sportradarserving.com/ Name: zuuid
Value: f2a8678c-33bc-4155-bc25-425ebf8ef2bd
.sportradarserving.com/ Name: c
Value: 1723541051
.sportradarserving.com/ Name: zuuid_lu
Value: 1723541051
.technoratimedia.com/ Name: tads_uidp_61
Value: 212740879486214
.33across.com/ Name: 33x_ps
Value: u%3D212740879486214%3As1%3D1723541050988%3Ats%3D1723541050988
.liadm.com/ Name: lidid
Value: abf38956-c342-4bd4-92ea-d883a3b7b916
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1723541051
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0MjE3MTA0NzE1MRXiM9T1LDXPK8gPjjQMMc4GAIYFCqslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0MjE3MTA0NzE1MRXiM9T1LDXPK8gPjjQMMc4GAIYFCqslAAAA
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 2018808924740174528
.krushmedia.com/ Name: krm_r
Value: 615
.smartadserver.com/ Name: pid
Value: 7301306483831862407
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.csync.loopme.me/ Name: viewer_token
Value: d3689056-7f6f-4a87-935a-7ea8ece333e1
.post-gazette.com/ Name: spotim_visitId
Value: {%22visitId%22:%223593de28-31ce-40c3-ad44-2c27d3579c59%22%2C%22creationDate%22:%22Mon%20Aug%2012%202024%2023:24:09%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22duration%22:2}
.infolinks.com/ Name: LOPMUSERCOOKIE
Value: d3689056-7f6f-4a87-935a-7ea8ece333e1
.w55c.net/ Name: matchopenx
Value: 5
.krushmedia.com/ Name: krm_usr
Value: 51b378ff-49b5-5652-8915-d4cc73e299f3
openrtb-us-east-1.axonix.com/ Name: ax_cx
Value: 006c5e5e-76c3-46ec-b1ef-9208a933419c
.infolinks.com/ Name: QORAUSERCOOKIE
Value: A2648661829895477547
.infolinks.com/ Name: EMDOUSERCOOKIE
Value: 006c5e5e-76c3-46ec-b1ef-9208a933419c
.technoratimedia.com/ Name: tads_uidp_48
Value: 24446be5-00e2-4471-a830-afd9ec3550da
.technoratimedia.com/ Name: tads_uidp_73
Value: AAIrHE7NdkwAABeoiAE-dg
.doubleclick.net/ Name: APC
Value: AfxxVi6GY_fWOeJsFbLxkiPlNaOSmmh0u9Lx_GNfEZ2CC4r9qc3BTA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: pd
Value: v2|1723541049.2|wvmmiKbwuYvPwtvMvJeSgahEgKkWwrg2f8wiwIgy.g6fYn8mKvuvR
.doubleclick.net/ Name: ar_debug
Value: 1
.technoratimedia.com/ Name: tads_uidp_44
Value: LZS7U90F-D-5HSJ
.aniview.com/ Name: aniC
Value: 1723541052589-172025166255-000153-000-008120
.lijit.com/ Name: _ljtrtb_80
Value: LZS7U90F-D-5HSJ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 61035508fd85575d1ee0f4a43f3e433f
.lijit.com/ Name: _ljtrtb_27
Value: 9d726017-cca8-4359-9a78-959ca9a44b9a
.quantserve.com/ Name: sp
Value: CggIknESAxCVDQoJCIX_AhIDEJUN
.post-gazette.com/ Name: lotame_domain_check
Value: post-gazette.com
.post-gazette.com/ Name: _cc_id
Value: 61035508fd85575d1ee0f4a43f3e433f
.post-gazette.com/ Name: panoramaId_expiry
Value: 1723627452712
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.admixer.net/ Name: am-uid
Value: 02cc4e56da5f41f9a862f20165bbd2f5
.spotim.market/ Name: vmuid
Value: 8c8d1f210e1de076
.primis.tech/ Name: csuuid
Value: 66bb263cd4d6e
.ad.gt/ Name: au_3p_check
Value: 1
.360yield.com/ Name: tuuid
Value: fcc3eeba-da8e-415b-869b-d853219dfe31
.360yield.com/ Name: tuuid_lu
Value: 1723541052
.aniview.com/ Name: 1_C_18
Value: JJ10ABZHC7ELi6jTQSyF4tgi
sync.aniview.com/ Name: 1_C_18
Value: JJ10ABZHC7ELi6jTQSyF4tgi
.aniview.com/ Name: 1_C_41
Value: 4441859691190386988537
sync.aniview.com/ Name: 1_C_41
Value: 4441859691190386988537
.aniview.com/ Name: 1_C_42
Value: ZrsmOsAoJHcAADWSAeqtrgAA&1565
sync.aniview.com/ Name: 1_C_42
Value: ZrsmOsAoJHcAADWSAeqtrgAA&1565
.aniview.com/ Name: 1_C_72
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
sync.aniview.com/ Name: 1_C_72
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
.post-gazette.com/ Name: _gat_pianoTracker
Value: 1
.eqads.com/ Name: EQUser
Value: UID=8677cb82-2702-4805-822a-91278db8f2cc
.company-target.com/ Name: tuuid
Value: 904a5881-9adb-482f-b3a7-56de0897dd15
.company-target.com/ Name: tuuid_lu
Value: 1723541052|ix:0
.360yield.com/ Name: um
Value: !313,ATea.FC9-hSYbo3dXj6fGwFI0FzQUbooaRvqqZHFY9dXxU5CEIipeW2NCXtaWM7LF.BCi6qri8J0BFp4,1731317052
.360yield.com/ Name: umeh
Value: !313,0,1785749052,-1
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553&KRTB&23418-75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
.quantserve.com/ Name: d
Value: EOMBIwHHLPijCJiTCuu4EJ9A7enxAA
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-3b73fd54-5fed-4fd7-8d02-edfe7aa310c3&KRTB&23011-3b73fd54-5fed-4fd7-8d02-edfe7aa310c3&KRTB&23355-3b73fd54-5fed-4fd7-8d02-edfe7aa310c3
.post-gazette.com/ Name: _pubcid
Value: 9b3a0db6-a24e-4ce1-8f29-265e6257ee95
.post-gazette.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:BrotW24q1SDNLd5&KRTB&23421-uid:BrotW24q1SDNLd5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8433293207319255994&KRTB&23231-8433293207319255994&KRTB&23263-8433293207319255994&KRTB&23481-8433293207319255994
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23334-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23417-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23426-zHkEbz5_WpRiKy-t28ZjNCaEdko
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-jSXExIkllceWJ57EiSeLlN8qk5SWcJGSjiXfo06D&KRTB&22979-jSXExIkllceWJ57EiSeLlN8qk5SWcJGSjiXfo06D&KRTB&23462-jSXExIkllceWJ57EiSeLlN8qk5SWcJGSjiXfo06D
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVTEp5YnpCIzE1MzI0XzAmVUxKeWJRZA
.intentiq.com/ Name: IQPData
Value: 1121752347#1723541053076#0#1723541050934
.lijit.com/ Name: _ljtrtb_26
Value: 2274b348-066a-4986-b3e7-e410058596e5
.lijit.com/ Name: _ljtrtb_16
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2018808924740174545
.aniview.com/ Name: 1_C_1
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
sync.aniview.com/ Name: 1_C_1
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8933845372045468879&KRTB&23150-8933845372045468879&KRTB&23527-8933845372045468879
.post-gazette.com/ Name: _au_1d
Value: AU1D-0100-001723541053-TX1F1HDK-6LR6
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUa94d6c6404254703a2ff0dbf686f17ea&KRTB&23485-OPUa94d6c6404254703a2ff0dbf686f17ea&KRTB&23524-OPUa94d6c6404254703a2ff0dbf686f17ea&KRTB&23575-OPUa94d6c6404254703a2ff0dbf686f17ea
.go.sonobi.com/ Name: HAPLB8G
Value: s8541|ZrsmQ
.go.sonobi.com/ Name: _usd_post-gazette.com
Value: aa303bba-8451-4e58-8903-cfd30b226b7b
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 51006252
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 51006252
.go.sonobi.com/ Name: __uin_lr
Value: 1
.go.sonobi.com/ Name: __uir_lr
Value: 51006252
.go.sonobi.com/ Name: __uin_cx
Value: 1
.go.sonobi.com/ Name: __uir_cx
Value: 51006252
.prebid.a-mo.net/ Name: __amc
Value: 1_1723541053_1723541053
.a-mo.net/ Name: amuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c
.a-mo.net/ Name: pamuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c
.prebid.a-mo.net/ Name: psd_amuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c
.prebid.a-mo.net/ Name: sd_amuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c
.kargo.com/ Name: ktcid
Value: 1046e655-26a8-0c92-59e6-6fcc1a2e773f
.deepintent.com/ Name: CDIUSER
Value: di_db5e8f819ace43d4ad296
.mgid.com/ Name: lmg_r
Value: 13|25
.mathtag.com/ Name: uuid
Value: 6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
.thrtle.com/ Name: mc
Value: eyJpZCI6IjZhNTFhN2UwLTdlNWUtNDhhNC1iNmJiLTllMWY1MTk5YjJmYSIsImwiOjE3MjM1NDEwNTMzMDMsInQiOjF9
.post-gazette.com/ Name: _ga_52VEWRBBMT
Value: GS1.2.1723541053.1.0.1723541053.0.0.0
.adgrx.com/ Name: ADGRX_UID
Value: cde69e1c-5955-11ef-b71e-e7c24eaee6be
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_11A2FC3A8_ACB80CA&KRTB&23092-R33646_11A2FC3A8_ACB80CA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
.server.cpmstar.com/ Name: USER_ID
Value: t%f8k%92%b3%10%c7%cdO%10%b9%8cA%5dA
.creativecdn.com/ Name: g
Value: L6W08pKQNBe0ADF12vJu_1723541053349
.creativecdn.com/ Name: ts
Value: 1723541053
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAGT4b39reEtgJsGIepAQEBAQEBAQCQSgxefQEBAJBKDF59&KRTB&22715-AQAGT4b39reEtgJsGIepAQEBAQEBAQCQSgxefQEBAJBKDF59&KRTB&23519-AQAGT4b39reEtgJsGIepAQEBAQEBAQCQSgxefQEBAJBKDF59
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-e6733285-bdb3-4d1f-b4bf-955ad7185cb7&KRTB&23340-e6733285-bdb3-4d1f-b4bf-955ad7185cb7&KRTB&23498-e6733285-bdb3-4d1f-b4bf-955ad7185cb7
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.iqzone.com/ Name: iq_u_key
Value: 8541481b-0416-4f70-a156-0e9c0b90c5d8
.iqzone.com/ Name: iq_r_key
Value: 299
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.post-gazette.com/ Name: _ga
Value: GA1.2.1582922576.1723541049
.owneriq.net/ Name: si
Value: Q7768274532064264813P
.owneriq.net/ Name: pmc
Value: 1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_cdfb1090-5955-11ef-a127-121a3bdf91f3
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-cde69e1c-5955-11ef-b71e-e7c24eaee6be&KRTB&23275-cde69e1c-5955-11ef-b71e-e7c24eaee6be
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2274b348-066a-4986-b3e7-e410058596e5
.infolinks.com/ Name: KADUSERCOOKIE
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D~1723548829571
.spotim.market/ Name: g32
Value: 5740716073175427095
.spotim.market/ Name: g13
Value: JJ10ABZHC7ELi6jTQSyF4tgi
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 7833a091-132b-42e8-8b13-44c7f323b073
beacon.lynx.cognitivlabs.com/ Name: ss
Value: Bwy9rAWnxfeoOwYSLuN22JeOBPW%2BYdxnAJsl81PUg2ApUPl1OwB%2BXqbTmAcqpu%2FcpoY%2BWPkuWJP1K78yHklRhw%3D%3D
.spotim.market/ Name: g358
Value: acfaa657-8df7-41ad-bb88-0da35f0f8469
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-sjJYL5ZyrTs5ycHAYqlsKzbqHJ20wcWgtc28PWOzdrY&KRTB&23047-sjJYL5ZyrTs5ycHAYqlsKzbqHJ20wcWgtc28PWOzdrY&KRTB&23234-sjJYL5ZyrTs5ycHAYqlsKzbqHJ20wcWgtc28PWOzdrY&KRTB&23361-sjJYL5ZyrTs5ycHAYqlsKzbqHJ20wcWgtc28PWOzdrY
.spotim.market/ Name: g142
Value: 3665426501524238000V10
.ad.gt/ Name: au_id
Value: AU1D-0100-001723541053-TX1F1HDK-6LR6
.servenobid.com/ Name: pid_321
Value: OPTOUT
.servenobid.com/ Name: pid_333
Value: ZrsmOsAoJHcAADWSAeqtrgAABh0AAAIB
.servenobid.com/ Name: pid_351
Value: 2b0f3c79-b8ac-4f8a-b294-e845f3fad1cc
.servenobid.com/ Name: pid_332
Value: cb9aafa1-bfe6-44b6-af4a-589a78bec437
.servenobid.com/ Name: pid_310
Value: JJ10ABZHC7ELi6jTQSyF4tgi
.servenobid.com/ Name: pid_317
Value: 7301306483831862407
.servenobid.com/ Name: pid_353
Value: 3665426501524238000V10
.adkernel.com/ Name: SSPZ
Value: 221544
.adkernel.com/ Name: DSP2F_40
Value: 649145
.adkernel.com/ Name: DSP2F_77
Value: 688143
.trafmag.com/ Name: vid
Value: 5801232243584044
.yellowblue.io/ Name: wrvUserID
Value: eaMjcrL-kp_s
.sync.inmobi.com/ Name: TEST-COOKIE
Value: YES
.spotim.market/ Name: g58
Value: 212740879486214
.cdn.dxkulture.com/ Name: __cf_bm
Value: 4buEr8aJ.ter.ZnIvVp5hdKfAF02mjfuIk..AdRJWbw-1723541053-1.0.1.1-QAd3R8BfbbCyOk3kaRI.qFOb.IKy_OYQgCoedEw19W1a9CueQ8xzHWC1lc1OWGeKzoOe8wsMFd_lgAgBpkf2ew
.mfadsrvr.com/ Name: tuuid
Value: 66ecd7eb-43dc-4752-8d89-2c76b33c709c
.mfadsrvr.com/ Name: c
Value: 1723541053
.mfadsrvr.com/ Name: tuuid_lu
Value: 1723541053
.servenobid.com/ Name: pid_304
Value: 212740879486214
.gumgum.com/ Name: vst
Value: u_999cd69a-554f-47ce-92ad-a944415cfd39
.servenobid.com/ Name: pid_324
Value: 2018808924740174545
.adtelligent.com/ Name: vmuid
Value: 9478b0569c9575b6
.adtelligent.com/ Name: a541630
Value: OPTOUT
.servenobid.com/ Name: pid_352
Value: eaMjcrL-kp_s
.sync.inmobi.com/ Name: iid
Value: ID5-1-cbf19e9d-378a-4a6b-a97c-3c4e0b99d010
.smaato.net/ Name: SCMrise
Value: 22379858bd
.servenobid.com/ Name: pid_309
Value: u_999cd69a-554f-47ce-92ad-a944415cfd39
.smartadserver.com/ Name: csync
Value: 127:AAIrHE7NdkwAABeoiAE-dg|147:2b0f3c79-b8ac-4f8a-b294-e845f3fad1cc
.media.net/ Name: data-ris
Value: {{APID}}~~25
.spotim.market/ Name: g50
Value: 8433293207319255994
.smaato.net/ Name: SCMinmobi
Value: 22379858bd
.tribalfusion.com/ Name: ANON_ID
Value: aSnvvvN3IdaSIdwFTgVRGtyJSMbZcrQebylZaIZaW28UtQVQhKNYaisHI3mjbd1wH9cKvkZcqVjA5YNVZdmWb8hIiBZcEZb306AvZaHaB0IWyJ0pbMjZbXv6Q
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: oxc
Value: 1
.mxptint.net/ Name: mxpim
Value: R33646_11A2FC3A8_ACB80CA.1.000000000000000066BB263D000000000000000066BB263E
.dotomi.com/ Name: DotomiTest
Value: 395fcfc4c1491209
.adsby.bidtheatre.com/ Name: __kuid
Value: 23025fb4-d689-47f3-908e-7a4cab62e31e.492755053
.mgid.com/ Name: muidn
Value: o7dd4h6Zjlo2
.mgid.com/ Name: __cf_bm
Value: ydKKiQHWTCrw8aq.IXl2HVzLHyTukakKxCWnm3uOyGg-1723541053-1.0.1.1-L77DQm2veJ588.hRTwOlN_7NU6p_kEdUiv8x7RlKTJ12UtTFPYyLX8.x3YAMe9CgtchAY6M1aBNmJz5wtfpM9Q
.dxkulture.com/ Name: mtuid
Value: 80c7a45f-e5d2-4a52-a8ef-c4b6a5147873
.id5-sync.com/ Name: id5
Value: 4af69397-7cf1-7cf5-818a-e67c99b3cc38#1723541051525#4
.blismedia.com/ Name: b
Value: 66BB263D5BBACE6F98E5957FBLIS
.pubmatic.com/ Name: SyncRTB4
Value: 1724112000%3A2_15_38_223%7C1724716800%3A8_176_21_220_54_81_254_5_56_71_165_13_264_267_240_178_55_231_46_99_7_104_249_22_250_166_266_234_48_3_233_96%7C1726099200%3A224%7C1728691200%3A69%7C1724371200%3A63%7C1724803200%3A35
cm.mgid.com/ Name: mg_sync
Value: {}
.mookie1.com/ Name: id
Value: 10603443850573356705
.mookie1.com/ Name: mdata
Value: 1|10603443850573356705|1723541054085
.mookie1.com/ Name: ov
Value: cbe83da0bf9f0d8ecb9b575977e697f1
.admanmedia.com/ Name: admtr
Value: d45b7196-db2b-499c-96af-b63563bac771
a4p.adpartner.pro/ Name: apuid
Value: 8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
.ortb.net/ Name: lluid
Value: 1d621a57-869f-9e9e-1e64-f1ef6c01cee4
.ortb.net/ Name: llum
Value: eyJzaHIiOnsiMSI6MTcyMzU0MTA1NDEyN319
.pubmatic.com/ Name: PugT
Value: 1723541054
.e-volution.ai/ Name: v_red
Value: 378
.ads.stickyadstv.com/ Name: UID
Value: 5cab532785e117d2d953dbfd2cf7a8aa
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpbm1vYmkiOnsidWlkIjoiSUQ1LTEtY2JmMTllOWQtMzc4YS00YTZiLWE5N2MtM2M0ZTBiOTlkMDEwIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDk6MjQ6MTQuMjE2NjUwNDQzWiJ9LCJydWJpY29uIjp7InVpZCI6IkxaUzdVOTBGLUQtNUhTSiIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDA5OjI0OjE0LjIxNjU4MDUwMloifX19
.demdex.net/ Name: demdex
Value: 53199201776405219810568712511139930560
io.narrative.io/ Name: io.narrative.guid.v2
Value: ce763400-5955-11ef-82f8-00000a0ffa4e
.dpm.demdex.net/ Name: dpm
Value: 53199201776405219810568712511139930560
.spotim.market/ Name: a307558
Value: 8f6d3737-bb50-4233-9df1-ec6cd7d2b3c2
.pubmatic.com/ Name: DPSync4
Value: 1724716800%3A258_262_235_228_219_236_261_259_245_256_201_260_263_226%7C1724112000%3A252_265_253%7C1723593600%3A255_248%7C1724544000%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1723562654376
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5433-2!5433-3!5433
s2s.yieldlove-ad-serving.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpbm1vYmkiOnsidWlkIjoiSUQ1LTEtY2JmMTllOWQtMzc4YS00YTZiLWE5N2MtM2M0ZTBiOTlkMDEwIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDk6MjQ6MTQuMzE3MTQyMTI5WiJ9fX0=
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-SE60Mx8wC92AuHDiPia7Zg&KRTB&23557-SE60Mx8wC92AuHDiPia7Zg&KRTB&23586-SE60Mx8wC92AuHDiPia7Zg
.servenobid.com/ Name: pid_323
Value: LZS7U90F-D-5HSJ
.e-volution.ai/ Name: v_usr
Value: 440ddcbd-a627-4fcd-b87b-87a042a520a5
.lijit.com/ Name: _ljtrtb_58
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: lvceqcmjg1m1rll0kqyd152v
.socdm.com/ Name: SOC
Value: ZrsmPsCo8HoAACVvNHMAAAAA
.rubiconproject.com/ Name: audit_p
Value: 1|tcR/wBEzWcKaTDMS5xNLLaS5Bv7H1ouoxdnNVF8ci15VWvMfzQiW6dSurpqMyFGc/F95L21H5i7xY+5U2TnBBbMb8+MtGZAxzG6FmltYou0+VThB4EOM3tzpQ7vzkXQ/
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcKaTDMS5xNLLaS5Bv7H1ouoxdnNVF8ci15VWvMfzQiW6dSurpqMyFGc/F95L21H5i7xY+5U2TnBBbMb8+MtGZAxzG6FmltYou0+VThB4EOM3tzpQ7vzkXQ/
.fwmrm.net/ Name: _uid
Value: umeb851_7403706402735367483
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: s015dcotztgf1cmlbm0lbrab
.ib.mookie1.com/ Name: ibkukiuno
Value: s=43095075-ad5f-44d5-8cdd-b8bf7a6b6442&h=&v=0&l=-8584780658307262724&op=&hl=0&vlu=0&tcs=1&dcc=-8584780658307262724
.ib.mookie1.com/ Name: ibkukinet
Value: 646215242=-8584780658307262724
.onaudience.com/ Name: done_redirects104
Value: 1
.semasio.net/ Name: SEUNCY
Value: 53CAF097A1795689
.onaudience.com/ Name: done_redirects109
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umeb851_7403706402735367483
.ads.stickyadstv.com/ Name: MRM_UID
Value: umeb851_7403706402735367483
.audrte.com/ Name: arcki2
Value: 7e4Khk0NhjPRaSa3Br5NdvWwA!20220908!1723541055019!ip#38.132.118.74
.audrte.com/ Name: arcki2_pubmatic
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D!20220908!1723541055019
.onaudience.com/ Name: done_redirects282
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 9d726017-cca8-4359-9a78-959ca9a44b9a
.lijit.com/ Name: _ljtrtb_92
Value: 5740716073175427095
.onaudience.com/ Name: cookie
Value: 2b92c9b8d28bc46f
.audrte.com/ Name: arcki2_ddp2
Value: 7e4Khk0NhjPRaSa3Br5NdvWwA!20220908!1723541055298
.audrte.com/ Name: arcki2_adform
Value: 8433293207319255994!20220908!1723541055362
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAIrHE7NdkwAABeoiAE-dg
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEBS7kBfxuKUG8p6x1WdeGbA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 13
.criteo.com/ Name: uid
Value: ba61934f-3602-4d22-b069-025109161efe
.servenobid.com/ Name: pid_369
Value: 80c7a45f-e5d2-4a52-a8ef-c4b6a5147873
.rlcdn.com/ Name: pxrc
Value: CLnM7LUGEgUI6AcQABIFCOhHEAASBgi66gEQBhIGCLjrARAEEgYI88IrEAQ=
.lijit.com/ Name: _ljtrtb_85
Value: AAIrHE7NdkwAABeoiAE-dg
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-FgRsl8BE2oMxn3mejpzuaW9EjrwDMb798q9RN_uo~A
.pubmatic.com/ Name: SPugT
Value: 1723541056
.rlcdn.com/ Name: rlas3
Value: dTXNyZb/SdG2ewCEhKDA8zYKmgTIUQAwH0HTyEFQeWs=
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 5740716073175427095
.lijit.com/ Name: ljtrtb
Value: eJwtkF1LHjEQhf%2FLXjswyXymd8m7WdRKtYqg3mXf3ZW2SMVCay39781Kyc1kzjPnDPNniMOHIRSnA1Hwg1fOGUv14GUqeijj5HUaTgbxzkXM1QUVCqUCXEeCFEKGEWtBN62mY2cDUocvr25b4kWPyshR2JBa3DZc5k1dt2Br62zU3Tcaz8QOqNqAkyvMtBqsHBDFJekqu%2B%2FOmrSZ2tZAYmBgnQWaLg4tcrT%2B1iAKqvMclRKICO0p1ifTYlExGByPzYFJEqRmDknSsaXGPKf2vv0ew0bKHjR0lcyV3Lvm2KWLhxu7TTjBCHJ6c97baT%2BiGKMFRaNg0nfBJO%2FJpLKn%2Fy%2B6h%2FRfzmcvp9U%2BLd9%2B5VzW719yheWxq7yfTie%2B%2B335ul7%2F%2BPl2V%2BnMptf7p4vn68%2FnX98O%2BHHVwOkKn5%2BGv%2F8A3LBqCw%3D%3D
.id5-sync.com/ Name: 3pi
Value: 2#1723541052650#1904262004#5740716073175427095|264#1723541052038#679932208#9d726017-cca8-4359-9a78-959ca9a44b9a|203#1723541055887#1495205855#ba61934f-3602-4d22-b069-025109161efe|108#1723541054536#-1781232844|429#1723541053931#638895571#20AE8506-B39B-4ED3-911A-D0EB0876E76D|434#1723541052384#287648973|441#1723541054743#230502092#u_999cd69a-554f-47ce-92ad-a944415cfd39|1241#1723541056099#1131249393|1242#1723541056312#1131249393|155#1723541055119#196294492#AAIrHE7NdkwAABeoiAE-dg|124#1723541053150#-1728557346|796#1723541054328#-2064871528|1245#1723541053451#1131249393|1246#1723541055331#1131249393
.w55c.net/ Name: matchfreewheel
Value: 5
.spotim.market/ Name: g76
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: BrotW24q1SDNLd5
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcyMzU0MTA1Mjk2OCwiMjQiOjE3MjM1NDEwNTM1MjUsIjQ4IjoxNzIzNTQxMDUyNjI3LCI1OSI6MTcyMzU0MTA1NjUyNiwiMTciOjE3MjM1NDEwNDk5NjcsIjM5IjoxNzIzNTQxMDUyNjI3LCI3IjoxNzIzNTQxMDUyNjI3LCI3NCI6MTcyMzU0MTA1MjcwM30
.ads.stickyadstv.com/ Name: uid-bp-25522
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1197743%7Crc%3D1197743%7Cunl%3D1197743%7Cb%3D1197743%7Cc%3D1197743%7Ct%3D1197743%7Ctapad%3D1197743%7Cpub%3D1197743%7Cdv360%3D1197743%7Can%3D1197743
.servenobid.com/ Name: pid_316
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIvLLyhvfgnT0QBRIXCghwdWJtYXRpYxILCNiCvor34J09EAUSFQoGY2FzYWxlEgsI9rPmjvfgnT0QBRIUCgV0YXBhZBILCO7FkpD34J09EAUSFgoHcnViaWNvbhILCLyolp334J09EAUSFgoHYmx1ZWthaRILCIyiybv34J09EAUYASABKAIyCwjU7a7zjeGdPRAFOAFaB3lpZWxkbW9gAg..
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%22f46c881bee%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%2C%7B%22p%22%3A%226f27415d53%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%22f5b8438f72%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%22baebe6454b%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%22162dbd77b3%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%2C%7B%22p%22%3A%226db3fb8a85%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%2295c591d034%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053503%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1723541056703%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1723541051077%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1723541053284%7D%5D
.ads.yieldmo.com/ Name: ptrc
Value: CAESEDh25pPScpoVUtqLKXOSLpE
.ads.yieldmo.com/ Name: ptrt
Value: 9d726017-cca8-4359-9a78-959ca9a44b9a
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1t1g|4is.0.CAESEHBJtEFFQJC0RtPbiMhEVfY|80p.0.1|7TZ.0.1|7LJ.0.cb9aafa1-bfe6-44b6-af4a-589a78bec437|2N.0.AQAHneQ7xle2NgIbyR1HAQEBAQEBAQCQSgxVdAEBAJBKDFV0|7bq.0.1|7dN.0.AAIrHE7NdkwAABeoiAE-dg|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1t1g|4is.0.CAESEHBJtEFFQJC0RtPbiMhEVfY|80p.0.1|7TZ.0.1|7LJ.0.cb9aafa1-bfe6-44b6-af4a-589a78bec437|2N.0.AQAHneQ7xle2NgIbyR1HAQEBAQEBAQCQSgxVdAEBAJBKDFV0|7bq.0.1|7dN.0.AAIrHE7NdkwAABeoiAE-dg|8i8.0.1
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240813%22%2C%22149%22%3A%2220240813%22%2C%22142%22%3A%2220240813%22%7D
.go.sonobi.com/ Name: __uir_eb
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_eb
Value: CAESEHKTYt4p5Tdj-_aWjzdFaAQ||1
.go.sonobi.com/ Name: __uir_bs
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_bs
Value: 75ab3afa-5214-46b5-a6d8-a2427272e156-66bb2639-5553
.go.sonobi.com/ Name: __uir_pp
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_pp
Value: XrIgtp7oqH9V
.go.sonobi.com/ Name: __uir_if
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_if
Value: 6a8a66bb-263d-4e00-a2b4-8c6d67dd8cf9
.go.sonobi.com/ Name: __uir_st
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_st
Value: zHkEbz5_WpRiKy-t28ZjNCaEdko
.adtelligent.com/ Name: g76
Value: 20AE8506-B39B-4ED3-911A-D0EB0876E76D
.pxl.iqm.com/ Name: ttacross
Value: MTcyNDc1MDY1Njg4Mw==
.adtelligent.com/ Name: g50
Value: 8433293207319255994
.adtelligent.com/ Name: g142
Value: 3665426501524238000V10
.go.sonobi.com/ Name: __uir_zt
Value: 219070201462410032
.go.sonobi.com/ Name: __uin_zt
Value: 2018808924740174545
.admanmedia.com/ Name: ac_r
Value: CS208|CS181
.adtelligent.com/ Name: g58
Value: 212740879486214
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 3b73fd54-5fed-4fd7-8d02-edfe7aa310c3
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSWCb2HtjKBXstsjZFAa15UVHu0vMGULyy6vbq0n-O0mgvk0DbJJLVRz8IsrMC4Q2
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRsamJoYGpsYGy0C4lvaGlqsIoFiW9kavBKDME3s7S0PCWOpN_MyAIAmYEXDlAAAAA
.ads.yieldmo.com/ Name: ptrb
Value: c68d9ab6-6388-4d43-b5a7-239671ad7d84
.a-mx.com/ Name: amdt_t
Value: p::1723541057065
.a-mx.com/ Name: amuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c
.rtb.mx/ Name: amdt_t
Value: p::1723541057427
.rtb.mx/ Name: amuid2
Value: 607a9dbd-b379-4996-81c1-30d36ad33e0c

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.krxd.net/controltag/r7o3vzlr6.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17d6e16423fe4184bd12-27077f269a6e794fab2c2ee00760c8a9.ssl.cf2.rackcdn.com
814824ac51e64b4abcaa-cffb1f8b6941251295ee20eefbd7d321.ssl.cf2.rackcdn.com
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com
a.ad.gt
a4p.adpartner.pro
a9a1263f9caafb223a0e-ed6332b96e149fbe46aac9e4618971f3.ssl.cf2.rackcdn.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ads.avct.cloud
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api-esp.piano.io
api.btloader.com
api.intentiq.com
api2.post-gazette.com
aswpsdkus.com
b5b2446c1fd38d2daed2ae03f2fa7775.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
buy.tinypass.com
c.aaxads.com
c.amazon-adsystem.com
c2.piano.io
capi.connatix.com
cbdf5d4f9ce42ab1d77be4c58877683e.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.civicscience.com
cdn.cxense.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.krxd.net
cdn.tinypass.com
cdn2.decide.dev
ce.lijit.com
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
d-code.liadm.com
d.post-gazette.com
d.turn.com
d2zqfs55y95cft.cloudfront.net
data.adsrvr.org
datawrapper.dwcdn.net
de.tynt.com
decide.dev
direct-events-collector.spot.im
dis.eu.criteo.com
dt.adsafeprotected.com
eb2.3lift.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
ghb.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
hb.openwebmp.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.cxense.com
id.hadron.ad.gt
id.tinypass.com
id5-sync.com
ids.ad.gt
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
jelly.mdhv.io
launcher.spot.im
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
open-api.spot.im
ox-rtb-us-west1.openx.net
p.ad.gt
p.rfihub.com
pa.openx.net
pagead2.googlesyndication.com
ping.chartbeat.net
pittpostgazette-d.openx.net
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
postrelease.com
prebid-eu.creativecdn.com
prebid.a-mo.net
proc.ad.cpe.dotomi.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
public.servenobid.com
publisher-assets.spot.im
resources.infolinks.com
router.infolinks.com
rp.liadm.com
rp4.liadm.com
rt3004.infolinks.com
rtb.gumgum.com
rumcdn.geoedge.be
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
s2ssc.aniview.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sghb.spotim.market
sli.post-gazette.com
ssc-cms.33across.com
ssum.casalemedia.com
static-cdn.spot.im
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.rtk.io
sync.spotim.market
sync.srv.stackadapt.com
t.trafmag.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
us-u.openx.net
vid.vidoomy.com
www.civicscience.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.post-gazette.com
www.queryly.com
x.bidswitch.net
ads.avct.cloud
cdn.krxd.net
jelly.mdhv.io
pagead2.googlesyndication.com
s.amazon-adsystem.com
sync.rtk.io
vid.vidoomy.com
www.google.com
100.24.111.98
104.16.143.111
104.18.176.126
104.18.223.248
104.18.7.198
104.36.113.112
104.94.116.129
104.94.117.85
108.138.106.56
108.138.115.149
108.138.128.34
108.138.64.85
13.35.93.5
130.211.23.194
137.74.6.209
142.251.16.105
142.251.16.106
142.251.167.155
142.251.167.156
142.251.174.138
145.40.89.32
146.75.40.157
147.28.146.89
147.75.195.77
162.19.138.117
162.19.138.118
172.217.222.157
172.240.45.70
172.240.45.75
172.240.45.78
172.240.45.81
172.253.122.155
172.64.151.101
172.64.152.89
172.66.42.247
172.67.155.215
173.194.207.148
173.194.207.97
173.194.66.132
173.194.66.139
178.250.7.11
18.160.20.121
18.235.181.156
185.184.8.90
193.200.65.5
198.148.27.131
198.8.71.131
2001:4860:4802:34::181
207.65.37.179
208.103.124.64
208.103.124.87
208.103.124.88
209.85.144.156
209.85.232.154
209.85.232.157
216.200.232.249
216.219.92.22
23.212.248.20
23.212.249.74
23.215.0.43
23.227.146.18
23.227.151.194
23.227.151.242
23.50.124.22
23.62.164.208
2600:1408:c400:780::268b
2600:1408:ec00:1f::1735:23c8
2600:1f18:1aca:4282:e19:1ba3:b531:d604
2600:1f18:730:b150:12d9:2b5:9ece:c551
2600:9000:2073:7200:f:c7b3:ce40:93a1
2600:9000:2073:d000:8:48e:53c0:93a1
2600:9000:2073:d600:f:c7b3:ce40:93a1
2600:9000:23cb:2a00:1c:2afd:fb00:93a1
2600:9000:247b:ea00:3:7df3:55c0:93a1
2600:9000:24f1:e200:18:1fcd:354:4b41
2600:9000:2511:4e00:4:b37b:9440:93a1
2600:9000:2511:9e00:7:aedc:4e00:93a1
2600:9000:26fa:a600:1b:6b7d:2300:93a1
2602:803:c002:200::32
2606:2800:21f:c274:341c:8ae0:45ce:f2b1
2606:4700:10::6816:19f5
2606:4700:10::6816:3456
2606:4700:10::6816:36e8
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:246
2606:4700:20::ac43:4731
2606:4700::6812:a07e
2606:ae80:1471:16::820
2607:f350:3:2569:0:10:0:200c
2607:f350:3:2569:0:10:0:a
2607:f8b0:4004:c06::84
2607:f8b0:4004:c07::65
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::94
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1d::5e
2607:f8b0:400d:c02::9d
2607:f8b0:400d:c09::9c
2607:f8b0:400d:c1d::8a
2620:112:f008:200::101
3.162.125.71
3.218.120.1
3.218.85.192
3.223.73.16
3.224.111.103
3.224.185.54
3.226.55.46
3.232.184.20
3.233.130.32
3.84.48.98
34.111.113.62
34.149.139.129
34.160.158.95
34.230.157.150
34.36.214.49
34.36.216.150
34.96.70.202
34.98.64.218
35.211.178.172
35.244.159.8
35.244.193.51
35.71.131.137
37.157.6.232
44.193.57.62
44.209.159.194
45.133.44.4
51.222.39.185
52.223.22.214
52.36.224.135
52.37.26.15
52.4.115.89
52.46.128.147
52.54.28.112
52.7.252.0
54.152.171.142
54.158.148.215
54.173.65.180
54.242.231.86
63.251.28.231
67.202.105.24
67.202.105.33
68.67.161.182
69.173.146.5
69.173.151.100
69.194.240.11
69.194.240.13
72.44.56.160
74.119.117.6
8.2.110.161
8.28.7.83
99.84.108.32
016a5a4e2dde17caee322f77f1d3af2a69c95d884d06b1239dad5ef2d6c511a0
02c8aca24a587a488a3ecb8362f64042b3279812ec4eed71b7f8aec00a816c37
03ad63b67e39543c0590665f1d067a5c210814126327134b2716b04ab997cbc9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dd1393b4c347bcb6ed5207cec21426172bc354e3a72ca86f5335c4da197431
075730452047fcc98c8833819ad04ef6f38a3b495cdcc79c31d37d6b85ec1b8d
08e714abec87b168895a69e8c3f6345c5dd072c28caeefbde3b6bf992ae2b873
0950a1f69cc36f07199cbd0a7e9b8540451465f93c4f52a5103252e762d62996
09c6551b6e29be719fcc57c245a014b9e0449da9982823ea77dd5dd3266ffd81
0a51b3d6f786f8c89035d2d9ee6859bbd7e82e061b2edabedcfd8193b33ed970
0b49b3bab11860bfb50b483bfd8c4d7725d63de8b3ed5084c6c24d0f11f075a5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e92f6edcb4a01166bcd35a9ca9fedf65ac34a2c400a61e63ae6aedf8cd5a4ba
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7
108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84
11286005be0144048b40410234094e5ca25a55a987d088eba6d0e5426a0d52ea
11a05cebe83d23d214e7bf6d4c253f41dd6103d2fe27fc590d6b3cacfc68cbbb
12d1007d1592034801478677813f28a6135aaae5a1dc913d99137d59e486124c
13aaac2e4d4fe5b8b373eb281ff060391254168b225e59e008740ec62e28e060
13f9d9858a73bad5783ae3194c61824257df4e74aa0a444fcf8138e37d48efc0
161e2553e1a3ad74f546872f5ae1cad8ce9fd768afeac9053e881e6a7726b6da
16978e6c0760af749bd7c9f133db7619e65c889d70d3d17bec43113a1482fe9f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
19256d0c7f647ac7dfd1e4cd57e90fa207bc3b53b2240584735fe5ea008ef130
1a3e65c49c0259dfb4c5224fb96cad7393ff5e0914a56f163c540e27272f39bb
1a86733efabd7a2d7c2ee6695efbcdb26dc6d9010c60b716f629e5a8df70e0fa
1a9c4d889ff3d8d22b2666621ec03e7e198baec397d7e82766b91d4fffca291d
1ce6e5150e4f2d8421181b85a0f04d8cb44522e028bd852ced5396552c483551
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d4bd9612b977faa9680ee1934b96a4088870e15d289ed65487c9f521c14b7e2
1db69144fc87015e0613966d8cd5e7cf0698215cab367841bbcba68794c46c33
1fb6ae105245e7e057457293c5a1ddebcdb4106fac2845504ca12f14f075f017
202a795ca602743858b55222bf35e1a3ec1c453b394cfaa890c53229fbdb488f
225f4a0f4679a418e927c0272ddb0bf2ebe1b6a34ad8d8f7591b00649cb403a9
236dc365fe03d4bd1e43d7961594a56ac474806ec07472418ee0c81ec63bfdec
23cc5517f6d75f2966154c3289b36b4f274000f14865a13210ca149e57831d67
23fbe6641d2a507b4f0e74823f22f2d8d9ccf2d8650d7012874152c9883102de
24557d1dcf4ead9574be412a3b2e3838b84183e1a7cedec99a89113da88a2c8a
257f5684305e27f8f79fef182441ab367706fa2114f0db16857663c085c96ef2
268ab5c475d1d25ec854f444b4e03ef8940354b20781d36fdc971451ab15f79d
2bebdff9a8d14a584340d840172e79de24abef6002d3ee18f155d108d9b62039
2c59e2923a5d2bbe5db8ebbe7a0be9719c48e33ec89592c87436ecf1b4c311df
2cf720c31abb3fd8fbf07f96811241d6d73b4276fbaa76d329a8e8b8f62b3b79
2d137d91849c2ca2c02ab31cbc51007577cec260320af9bdac880e5a93619139
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e87b7a564229397c7dacff189c89ef7278417d4e5ca18b955b15858cd0ca851
2f35e8130ccdd6689e915a8c566a22294db74bc3ab25db1f64b517c98ce32034
3142a9f1a95629caba54e4c4e7f0e83a0da9977f3bf58fafa2c1d9368d8a2dec
31861d2a608fcb9daea58ae727d82b687cd876df26ab2cc76012fd78465add98
321048899d0a34319fab807ba4a125e36121f992725af98d2892cb85c9b63e96
34e2d9f8df5271137f3cd95ace8ff8e0afd3fbadb43a2f98858f840fcf8249ee
34f7c9de569e46fb684203fedde51051e61eca8765a61deccf1d521572a6b41a
387c32aa463693988f1bef965a815ad469526de7e8191631afbe77fb6049d5a3
39404f14d7cdfe5585c860ecd69a8dfc8d857cd03feda8e8a0582b6e6a403baf
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3ad3d91f5676b35007c460226e958e389064e2bc5de5e5f3f221226c424d0a59
3da29b22e01610a8d52a9018fd9d5db6f182d50d98538e7513f20e0f15bc21d2
3fa942a8fc4eddc7159a5244d8cda3843b59b36d18e7c2359653e94f5f27d4b6
3fe5cf3ef4b0faed679fdd770fc0969dee050f2725b19389b38f2f0b728ec2c1
40a80416d016cbfad0b932ab1f03f41ca8ad1cd2b054412a754faf6de1cc309c
427151291b3678ce285c30fe74de6d733f45bdd9395044fd753ae9e057b66f62
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a588bcdebf5f7c11e13af01fd7b9ddf5b6c480254fe8fb31dbdfaeae6afebd
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
469b20e8c4563baef08f32e079c54fc4ec031b9340bc6908b07c13ed416990dd
482775b239d3fe128357683b05f72f0d1a31de9cb7dcb48e5c320f946433d124
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
491ce1be0179447a6141cd980525acc25efe2124cd42105bd8b2b3d85b720432
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
4c60755d4228e3e0816d4243f5bbb2ffef2a9023beb6e9db13ecf4c4401bd445
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd8d089c70d641815be47399cba8cd300e848be040b0f5f05c988d8242256e4
522f46a0502ae9d16e50e596c08957570a6f4f7539f71c707c7c50f64168f130
52bdfce2ed01329796c0cf1be117c8942eb578abbb221bc0f4b5f796f152b0fc
53ee4326c2618ae7f618b7f5221eba6ad6b4ed1480e83566bdfd4446ac297062
548af1cd3ef641f32f6ed13c6a09a9ae78e446dc3140d0ac1ccc4ba40bb058cb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558c89a27cb258d9de98f7715aa9c3bdaa78d345a5fe3793b7a6aa75fbbe5fa7
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5ba8d3197e67210261cd0e171d4cca5f7738a30265e3eddbe6779db2cc8e27d5
5c8831205839dc185f397704ef97c8622de4d36900f1389fc6bc9311a50aa067
5cb5bb12f14018bbe44f2718091ebf346bd74dad71fd986ec8ed23443172b8cd
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
6076e858a3b3c9f4f7c98d54e01a2ea34047605d1783d043fd2719e106a3bfb3
6116ed1dab3ec90e30b3f650dee455a7b4813e3b357766d6e1857a9326cd699f
612300c91b7fcfc7e5738ab96a2d841d6d3580714bcb610701ff02ec51e8213c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6332cc8c2644133128d9a6a7efe4941d2306b2d0287079146e731212859b2a8d
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
646f66b5563801fcabcbb902770beff9af51e2b6cf742c429c1e496f55c8b5b1
6583747849b0713b2ac545a79548287d1e1ba0d13ae91467a097c9ce70a65313
664ea793b11d14b85e39c167d3404271735a2bae369aa89881c3dbb62510f9b9
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6785f39cb0399f6e84c3869dd1f8ef43ca0d16e3a3df2ed81b9043315bc60f9c
67b73e30fc4ae2cdb5ee2e87bd9928b747ed8c066f0d56cc38ae1612a61915a7
6906fd2e391672861423e774fda56680b843ee5b340538b7d4aea30a9b59d592
692a71adc08aff8979931b1d55d37df3de5278cf50193de9c293acca77a1295b
6a55b8b8d9c3beb34b656a96423568fdcdc31de5df17f787a144e63f68f207a6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3aad2ec7306549d14688d9ce1b8ec296a648d85749b7dc6703062d37de517e
6edc07cac2192c4e4e179e8466ab805e728444ad00ee4f72e51425020da1d78f
6ee91d845ec40ad7dc93b7463cac7bb9f4aaa8c3753d66ab95a985da985a0ef2
6f5d317d097e89e8d040ac05932e166ca0b24606c27b2b23adbf225d50ad4379
7017f3c81840b62cb3f98d628194f325300ab7d7506d70afb57104c8dca7f341
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72f25780038f8580b5dcb37ab14c6abce7cc1194700caf81039e21eae05768ae
736c49e35b78620c056fc87abba205e5d48303aaef09f2509c04af57ac28f341
76df23d390e160bb7e14e859339c5ff7ae7ea804a56b7bb4f558e9e65793549a
77372a5ab6c3a6655fcd320a0666e3772f3db6fa1b42cd08345cfc34467d4ab2
77912b3fa92f01b800a783a3f943f7a27e516cee63f353e271d89322054d7426
7894e33e29b2797a86247aaa0870128969e5e7b23dfcaa561611fb83fd399a8f
793cf312ca8b2b5fb9b55bcb3d4e6739371370b46ca47849023895768cec1c12
79e4d691918241a2a556cd06ab7f3af4f8f17fcba8c8c9d11bc54f3a23237282
7a0502b2b1b3dd16ac2eb007be8417bbd5b3b08034316cb5039faa7cff833749
7adedc362a799da2168fec3a6b8ee1d705edbcbebb4d2fbf456af1f575a2ecae
7b569290431226feb6f786c85a1a2b6a8a5b6ffe26495220294dad09d455f65e
7b86147e5e6d7613ed33c1d5bd8ccc02ca40ac901ece648a140f4930ce530008
7bd082e6496749c296216e6752deb48d7a8449ea27bb32024d7ba06b3b948d87
7caa9c706169a8418230f53f329ec3b9c1624567d4f21542282d4c42a262c834
7fc93a50358a0b0dcd4eb255f276cb9970df4af8971aa6b9af67fede18d07747
80b882252dcc30607c6edf4d75067c4dda5b20424c003e9f1cb083b64edb8183
81180adbd3a691c2e946317340e4c3ea803b8db3fa4d3cc83b6b6a647594ee0e
8136d988e1983b07ef2ea49046cbe860073af83aa5eec5446b47dadb170523b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8422d6185eb88db7e74dbe210cf91d91a8444d8bc583e43682b029efef0aaf17
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
88b8364f33f77089947448e95490a5f9c1409964d1a002a47ebe4ecbba734dcb
89dcc80752b4e5c22316741cc29e3e9fa0c18b187b3aa363a49559f57aeb5199
8a2109359bdda66214d6b40e25551f7a72d197bb481bd9bef936bf79ecdf445e
8cd0e026511c2be4a8cf9543c2df5d4f122046519c78486ad80039bb365f4c2b
8cd4abbbc7149232464311cd835ae0d6f08e321b7cc61d32c75f7d77ff251cf0
8cfc18f3e2203b139b0165736f9a67f3e228a36f4ed080ac1a6c4281aecd9e63
8df7fe823f75f25f7680d4cf3f49e564f65d0b0d98c2ca720355263092de463f
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9079ab2d91100534dbc34f33b6b9397b6b681092bcf0c10549609c585173a062
91e48f0c09d671448a48ce9b92d43969cf07a300309889a25d9c318b8b62c3fe
92e1d06632bb2f3b6dfc8ed6ab4ccbab51b5cfeae08794adcc34ff4cdd691268
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9411ab12b8dd65ce03ea7e1c62557fc2d1eaa1d5d1493609a14a2e29b8342918
959a00f0d45d924c883fb0bab357e49c5cb75e7124b8d803221f863968aa58e9
960603c192f089e4e52a45730d8c4f289853babd8596a1e6fcfbb0000230c401
99583f2f321c998a91bdd0b10bbb619e97da60bad4488f0b4f456820374c109d
99a25061a7ca7b1ea72d55fb4c2eb58fb75d0f709a76d49d72546b86a919acf5
9a4590b824fb6f8d43f7d21d87206676ab548a6d57d65d25410ef42fef8d0a0d
9db9a5a8d328c70b53272d4dff11e298182278108dda394dabac4c79410ec279
9fba020af4befd1f36fc4f9689fd3cd2c2d1528a922ba2f08710e50a6b9817c7
9fdd104bf48196109048818da157448268e709eb8d499608e40a1d6ac0025606
a02b13fd528c3b40e82039b4c49a2c88a2002eca625612952c76a1c6da2c2119
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a126a6e4c86fa17de7f7b9b86f9760c26b5e8e3454d08160a20e9de4d81a8667
a1484bd319628b37710d7135f4fe63282425fd5fbe4da232d59267b42ad00040
a37559016c240c9e9c4571721e79f7a1cf1e170ce67ebceaecc83bf116b94dcc
a4fea3475c7a12df510b6e7fb0f8e5b055f372e1b49241fe926ec5e5fae42db4
a560a3a047d39482377ac1d583ac801806225a42206d1ca5aa82b4c22fe17c85
a6b248954ce016dce0c12d57ae896b35b3b87f8a55b641f493a9df88d688897d
a70a8c0904b390821976e6b966df07347ea122b0ad0d225034adbdd6b1d71087
a7a6e8274ded0719c0f174b8a33ced06d6c9911bbfdf25d1d890168113043167
a8839b848ae8270ec46fc19c989bfef10434f88e857b6781eee3146af1d61f31
a959e598322ff41e089ae64bfdfe960ff78f6aaae391f3354e28f88049cf6085
a99a86ac0b994ef84d740858f6479597d014568f9b98a5b56ba4f8f19604f227
ab651b30a03d6ef88757b92dd46c5c3ae6c446679258eba411b61163443e3db7
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ad01782506fffd577b7542b606f44ee9866086f57079eec7622f72467c8c0004
ad948294b356809e1db7bba50d826cd09e38b6c42c3d0a2786a6afeb1ff611c2
af01f0e9cf45adfaf3b81ca7d6daff4e1ffd73ad896b2e21a80d8c0df38cecbc
afcba7f68454a29a0dc6f862ad91044483209a855d5b6ce3eb0190711f51c0e6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019fedb4f22e4764013e5d6e278755e36a59c9cb7d9af69fe8dec07d769e21e
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b0e9b85d46ad82d760ba767e14b02f8851dfc08173cfb209e6e4a020eec57192
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b29027f5e7c5b3374f5530f61e19c89e5915142c4f13223e5f48ddfb1ef76cba
b3c8b33febad0971ac8282970d0df393268f1b0714ab93522707785ef0898b2d
b4672bd8124098a18dbf7b10ff44083ff2f315655a34eb72804a06309c71503f
b4a3a7a64c1d8e0c8800fd9dc205edde084919c99d160685f15df1dfe5450396
b50dddee9ac1839818efe837d84a3210009d6ff043d73ee8cf209edb561a7de2
b524e1414246173464abd8e4802efa91f812bee3b12c34a81ad47f045bcbe1c3
b61e313a0c41d677cb99215e4bb42c9ff724835905a20f75fcbe4ca7f3d97546
b867a211cb979a42dceca553a4bb5353a5e65dd251070e5a15f4f96341d370aa
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
b9962eb04391878287c41e863bebd5a15750990c1858413d0582b1a2db624342
ba7ad69beebac1b0f77dd58d076f29fc71aae2d411c0f1aa1011c157642c5812
bb432bc0b5a36383729e54eaaa6cffdef9392688d76b90ed0ea529758e2165f6
bd96de5d1465f9392d8851b4bea65c8057f118698eb117047791d72458d39527
bdd0c58acdaad32ef808553bf980dd1360357c5a2b60a124d47de73b93dece99
be93a82eb368176535ac8c154ddee884802ae81596890fe256cb6a8f49016018
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
c0bf6a6e90acac036b43c140df493b5bf2895abe384fe0d74785d2a98997d31a
c1483ad1f88a63620e340e12810771ffaa2060d938c962f5ad4323316ecd7907
c15f81b62af24ccddfad160aee4f35a12024032b8f37a65bd127856f872a50b6
c2c71252eba468ebf859a352e265c06b48cf367c149d876ba4321dccd90969f2
c45fe357168e35c68fca2539f376bd20dc26070e36f2110997a146a93b0028d5
c4a718c125681d1e040a6a7760e26fa960c29ec7ae6a0f7fe367cba26c7ad05d
c662676f9e2f04b510c7d3c54e7e5f0cd9862cc2af36f6c0c1a95379d3ab3a67
c76563c8f20b1649481eeebd0fb59cf154766479d79e15c91dfd105422517740
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
c933b27d7336ddfbf60583d2f6aeb5e2d4ac5aa9d006aa07b3f9157de998f1de
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caac03d44b74313696f130db25bc137b0a80437119bf0deeec3bd1ad70aad699
cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b
cbaf38b3746ee2d719cfdb8c9150cd816f8393737251c4bdf8aca4d7e4d45d89
cbcbfe52701a633ff5979a3d07684b866387baf5bbad6aaf86a9ca76e34af959
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d008035e82e3e146b0ac1ad94736d3121d83f326c5a202e6c43bce29ad409e1c
d15c85b22aab703df87858d06f060cf50c9b392ba596babfb88f4e7a9a9d9b39
d1a66e9592e4a4ce8933cedb62ef88280467d7d536f54dc70c6eec14a82ceab2
d29b67a2f26338d0e7efb010a072ec112d29ccfb3e35629ad6cf2c3a639a62e3
d3760200b322482004066d5c2b17f39d790c65cecb5d6b66e38f93a546c47010
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3e573254f95ff9a37e8b3b91cbee1b95df6171ee1935869d240b9a2b498e5da
d5b1dfbc214ce0ba38703301e3221ee425faf0bed1af426a73a5f093ae1cc1a4
d79e0b8570144cc4526ab88855da2b83e3f83ac8cfed27bf52850b13b1693b16
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8eed96ea6d0ef6f556da636c8e7dda0d5bceb008498ab90501ae978cabd4a5
dd16d1f33373ad008d0e5897e7185fd176fc36bc2505b28e853c2c1d5900f84b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3caeec1e3574c6f91c859e52e6b58ded9a21be7db3b71d6738bde23f78beb06
e66b0cf46fd5b859ffe1dca65988cf01c4c2dbc0c7d955c80efea9e2c221828c
e6f461d20263eac7b31c63c73c77950c77bf2a4779ec6f4d6d2431f962a5957a
e7aaa67c0b5e9510e792baae44891ed6df49e38e04449ad08394056789749e60
eadd761b13081aad81ebed56792b18bd1d2b3dd4b79e6fd5d429aaef459897b8
eafd73bf2e1ff78c1a441307c1ea2f1180b5b078bdeb924a5096e1a66fe87255
eb5d732d514782f04a9cbb932542ff83323615e68bb65bace07b05bc76235666
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec516dc31a72ec6f2d2e01d6a4e5e38d0aa7e6d4e687deaec53e772089a022cf
ec89efd59abbcb1ce9e5178ba249cbc35311bb3a6025ff79037806b8dc8d2fb4
ed53adfa3535c45f020ac21a64dbe1de4746c6fef3cbeab00a4f640f1210567a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05cc8e809336d474eb7167c7c96d6130d376a816607deaf469132d1a4957be8
f072ddb49035ba29c284c98f6a8068124c62170a1d6388fddc698c61cc9a9468
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f15e81de6a31889ca1d6ccbceaecdf85a14227da03d878e2a2cc91744c53507d
f1a7b71120f52c4c07478cd717b6ecb3ac9c6a38851b84d60b35fc17809be78d
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f280a2e38f285caa8e8e3144daf9e7d8fcc39e5347b6c0b948f8e18773d07571
f32047679c9382ba48e45da832496f9f6cdae54063126b324e84d7aeef0f4cc2
f3d0bb69c14db164b055a09295a44b9b6aeee425003488593ee4e6ae6a5bcf07
f3f12ea3eb5ece4d897feacf70526f8e2dc2894dbea47fb4237e8efe3346ede9
f4073940d3a4bf5b44f2065ad230c41c6f6343bcf04015ab21b5a4ebb64b5938
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f6b37d9a26cc17821e1d1742371612d3fb56aabfb70167c915dfa5040aa290ca
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1
f815005c7deb615a25062c41e4de5e83bb22a011f242b6e1085eca32e6c06013
face0dc9f4964097808737b8d198033f6866b8df76c77ceb72438df941670993
fb5fde43d3e46e757bdd4b3b9479f883f0c653600ac3008e58d61c88c01c459a
fb6ce995d494927aef45d6f65f161b2b01f85090507b94c86cfa053873506ffa
fbd6e412b3ec4d174b0a0bc9e7f7762b9c545d6c60b76bbcec7e2f0043a75e28
fcc42ec1f14807eb53a8beaab07f93e1119c4da181da0384213c21b4a1e2236a
fcd871eea694753df07594d0932fe2d8a12fbca75bea30f5b8bf1b4d46a363c7
fcd876a8f2be07904a3dea9595eac8c552272aa2dcac324e73a27976183017f9
febfd9ff912228d0e7d46a08eec423918d568bf479cf7eca22ff9208b88c7766
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995