urlscan.io logo urlscan.io
SecurityTrails logo

www.usatoday.com Open in urlscan Pro
151.101.66.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/ZUv10TUi4A
Effective URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Submission: On September 19 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 7 countries across 74 domains to perform 277 HTTP transactions. The main IP is 151.101.66.62, located in United States and belongs to FASTLY, US. The main domain is www.usatoday.com. The Cisco Umbrella rank of the primary domain is 13968.
TLS certificate: Issued by R3 on August 7th 2022. Valid for: 3 months.
This is the only time www.usatoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.244.42.133 13414 (TWITTER)
25 151.101.66.62 54113 (FASTLY)
4 143.204.150.76 16509 (AMAZON-02)
5 2600:9000:20e... 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.65.194 54113 (FASTLY)
1 2606:2800:220... 15133 (EDGECAST)
24 151.101.1.44 54113 (FASTLY)
2 151.101.2.62 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
22 3.230.217.116 14618 (AMAZON-AES)
1 23.205.77.192 16625 (AKAMAI-AS)
1 8.28.7.99 62713 (AS-PUBMATIC)
3 6 68.67.160.132 29990 (ASN-APPNEX)
1 4 34.98.64.218 15169 (GOOGLE)
1 3.212.75.214 14618 (AMAZON-AES)
1 69.166.1.15 27630 (AS-XFERNET)
1 54.235.171.148 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
2 34.227.236.203 14618 (AMAZON-AES)
2 74.119.119.129 19750 (AS-CRITEO)
1 2 8.2.111.122 46636 (NATCOWEB)
1 192.35.249.142 11742 (SPOTX-IAD)
1 35.211.165.199 15169 (GOOGLE)
2 104.18.18.126 13335 (CLOUDFLAR...)
1 199.232.194.217 54113 (FASTLY)
1 18.67.69.177 16509 (AMAZON-02)
6 52.1.29.33 14618 (AMAZON-AES)
3 12 18.165.83.79 16509 (AMAZON-02)
1 13.224.214.111 16509 (AMAZON-02)
2 151.101.193.44 54113 (FASTLY)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.201.38 16509 (AMAZON-02)
4 151.101.194.133 54113 (FASTLY)
1 13.35.96.135 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 142.250.65.162 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.152.100.45 14618 (AMAZON-AES)
1 35.186.249.72 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
3 50.16.87.208 14618 (AMAZON-AES)
1 108.138.113.246 16509 (AMAZON-02)
1 143.204.138.162 16509 (AMAZON-02)
1 146.75.36.157 54113 (FASTLY)
1 99.84.37.59 16509 (AMAZON-02)
2 35.227.211.136 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 72.21.195.65 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
6 2a03:2880:f13... 32934 (FACEBOOK)
4 35.190.43.134 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.130.133 54113 (FASTLY)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.7.56.125 14618 (AMAZON-AES)
1 50.16.108.1 14618 (AMAZON-AES)
1 184.51.148.226 20940 (AKAMAI-ASN1)
2 12 141.226.224.48 200478 (TABOOLA-AS)
1 34.149.193.192 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 34.95.127.121 396982 (GOOGLE-CL...)
2 52.44.4.81 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
5 6 15.197.193.217 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1588:d80... 36040 (YOUTUBE)
14 2600:1f13:800... 16509 (AMAZON-02)
9 209.54.180.72 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2 142.251.35.162 15169 (GOOGLE)
2 104.36.115.109 62713 (AS-PUBMATIC)
1 2 63.251.114.182 32475 (SINGLEHOP...)
2 3 198.148.27.140 19189 (PULSEPOINT)
1 199.187.193.193 47043 (SMARTADSE...)
1 44.209.207.157 14618 (AMAZON-AES)
1 1 74.119.119.150 19750 (AS-CRITEO)
9 9 162.19.138.116 16276 (OVH)
2 2 216.200.232.249 30419 (MEDIAMATH...)
1 1 104.36.115.113 62713 (AS-PUBMATIC)
2 6 69.166.1.10 27630 (AS-XFERNET)
2 3 107.178.246.49 15169 (GOOGLE)
2 2 50.57.31.206 19994 (RACKSPACE)
6 7 35.211.178.172 19527 (GOOGLE-2)
2 2 3.135.132.32 16509 (AMAZON-02)
2 2 35.207.24.140 15169 (GOOGLE)
1 35.71.139.29 16509 (AMAZON-02)
1 185.255.84.152 200271 (IGUANE-)
1 31.220.27.155 39572 (ADVANCEDH...)
2 2 3.82.84.88 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 151.101.1.108 54113 (FASTLY)
1 23.200.168.248 16625 (AKAMAI-AS)
1 104.127.172.242 16625 (AKAMAI-AS)
1 1 199.38.167.130 54312 (ROCKETFUEL)
4 4 8.2.111.121 46636 (NATCOWEB)
2 3 35.211.168.6 19527 (GOOGLE-2)
1 1 44.193.114.255 14618 (AMAZON-AES)
2 2 35.211.141.197 15169 (GOOGLE)
277 99
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
25    151.101.66.62 (United States)

ASN54113 (FASTLY, US)
www.usatoday.com
user.usatoday.com
www.gannett-cdn.com
cm.usatoday.com
4    143.204.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
5    2600:9000:20ed:8800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2607:f8b0:4006:80a::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
24    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprnjmp.taboola.com
match.taboola.com
2    151.101.2.62 (United States)

ASN54113 (FASTLY, US)
hlsmedia.gannett-cdn.com
1    2607:f8b0:4006:820::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2607:f8b0:4006:809::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
22    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    23.205.77.192 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-77-192.deploy.static.akamaitechnologies.com
a.teads.tv
1    8.28.7.99 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
gannett-d.openx.net
u.openx.net
1    3.212.75.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-75-214.compute-1.amazonaws.com
tlx.3lift.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    54.235.171.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-171-148.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.227.236.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-236-203.compute-1.amazonaws.com
ads.yieldmo.com
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
2    8.2.111.122 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
1    192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
1    35.211.165.199 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    199.232.194.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
1    18.67.69.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-69-177.iad89.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
6    52.1.29.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-29-33.compute-1.amazonaws.com
pixel.adsafeprotected.com
12    18.165.83.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-79.iad55.r.cloudfront.net
sb.scorecardresearch.com
1    13.224.214.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-111.phl50.r.cloudfront.net
ats.rlcdn.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
7    2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:824::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-201-38.phl50.r.cloudfront.net
cdn.parsely.com
4    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    13.35.96.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-96-135.jfk50.r.cloudfront.net
z-na.associates-amazon.com
4    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4006:80d::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    54.152.100.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-100-45.compute-1.amazonaws.com
resources.xg4ken.com
1    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
2    2600:9000:20ed:f200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
3    50.16.87.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-87-208.compute-1.amazonaws.com
10870841.collect.igodigital.com
nova.collect.igodigital.com
1    108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net
sc-static.net
1    143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
js.adsrvr.org
1    146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    99.84.37.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-59.ewr52.r.cloudfront.net
geo.privacymanager.io
2    35.227.211.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com
gannett.sjv.io
1    2607:f8b0:4006:824::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
retail.googleapis.com
2    72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
assoc-na.associates-amazon.com
1    2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
6    2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
4    2607:f8b0:4006:824::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    2600:1f18:730:b110:e592:4eb7:d27a:33ba (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.7.56.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-56-125.compute-1.amazonaws.com
rp4.liadm.com
1    50.16.108.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-108-1.compute-1.amazonaws.com
i.liadm.com
1    184.51.148.226 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-226.deploy.static.akamaitechnologies.com
sli.usatoday.com
12    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
1    34.149.193.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.193.149.34.bc.googleusercontent.com
traxex.gannettdigital.com
1    2607:f8b0:4006:807::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:823::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
2    52.44.4.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-4-81.compute-1.amazonaws.com
beacon.krxd.net
3    2607:f8b0:4006:809::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
4    2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:4006:81f::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1588:d802::c (Ukraine)

ASN36040 (YOUTUBE, US)
r1---sn-quxapm-3c2l.gvt1.com
14    2600:1f13:800:7781:14d1:10cc:3c25:3c47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
9    209.54.180.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
2    2607:f8b0:4006:817::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
2    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
e1.emxdgt.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
9    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
7    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    3.82.84.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-84-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.200.168.248 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-168-248.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
3    35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com
sofia.trustx.org
1    44.193.114.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-114-255.compute-1.amazonaws.com
nep.advangelists.com
2    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
Apex Domain
Subdomains		 Transfer
38 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
vidstat.taboola.com — Cisco Umbrella Rank: 2577
us-trc-events.taboola.com — Cisco Umbrella Rank: 5910
images.taboola.com — Cisco Umbrella Rank: 1779
imprnjmp.taboola.com — Cisco Umbrella Rank: 7167
us-match.taboola.com — Cisco Umbrella Rank: 7165
us-vid-events.taboola.com — Cisco Umbrella Rank: 6770
sync.taboola.com — Cisco Umbrella Rank: 1037
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
312 KB
25 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
203 KB
23 usatoday.com
www.usatoday.com — Cisco Umbrella Rank: 13968
user.usatoday.com — Cisco Umbrella Rank: 20263
cm.usatoday.com — Cisco Umbrella Rank: 30532
sli.usatoday.com — Cisco Umbrella Rank: 24123
328 KB
22 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858
9 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax.amazon-adsystem.com — Cisco Umbrella Rank: 938
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 890
70 KB
12 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
9 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
204 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
14 KB
9 googlesyndication.com
67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
115 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1428
insight.adsrvr.org — Cisco Umbrella Rank: 624
match.adsrvr.org — Cisco Umbrella Rank: 342
5 KB
7 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1613
consumer.krxd.net — Cisco Umbrella Rank: 2122
beacon.krxd.net — Cisco Umbrella Rank: 513
96 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
7 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
7 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
5 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1 KB
6 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1619
sync.colossusssp.com — Cisco Umbrella Rank: 2085
3 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
1 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3340
rp.liadm.com — Cisco Umbrella Rank: 1667
rp4.liadm.com — Cisco Umbrella Rank: 7652
i.liadm.com — Cisco Umbrella Rank: 604
16 KB
5 gannett-cdn.com
hlsmedia.gannett-cdn.com — Cisco Umbrella Rank: 16546
www.gannett-cdn.com — Cisco Umbrella Rank: 7550
46 KB
4 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 943
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
216 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com — Cisco Umbrella Rank: 688
1 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
eus.rubiconproject.com — Cisco Umbrella Rank: 564
5 KB
4 openx.net
gannett-d.openx.net — Cisco Umbrella Rank: 12884
u.openx.net — Cisco Umbrella Rank: 650
978 B
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image6.pubmatic.com — Cisco Umbrella Rank: 648
579 B
3 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 4077
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
145 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
2 KB
3 igodigital.com
10870841.collect.igodigital.com — Cisco Umbrella Rank: 15527
nova.collect.igodigital.com — Cisco Umbrella Rank: 4821
3 KB
3 gstatic.com
www.gstatic.com
csi.gstatic.com
2 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 7038
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3574
4 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 424
retail.googleapis.com — Cisco Umbrella Rank: 10979
127 KB
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 3982
769 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
836 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
816 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 15083
690 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1084
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1013 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
88 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1829
r1---sn-quxapm-3c2l.gvt1.com
2 MB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8529
655 B
2 sjv.io
gannett.sjv.io — Cisco Umbrella Rank: 14588
676 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
26 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3573
32 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
881 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
263 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
1007 B
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
analytics.twitter.com — Cisco Umbrella Rank: 538
29 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1310
93 KB
2 t.co
t.co — Cisco Umbrella Rank: 489
830 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2434
218 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
733 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
463 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
342 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
311 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
697 B
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 5573
447 B
1 gannettdigital.com
traxex.gannettdigital.com — Cisco Umbrella Rank: 11378
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
595 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 917
8 KB
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2854
16 KB
1 xg4ken.com
resources.xg4ken.com — Cisco Umbrella Rank: 4721
4 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
67 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
110 KB
1 scroll.com
static.scroll.com — Cisco Umbrella Rank: 5555
605 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 485
810 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
363 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
17 KB
277 74
Domain Requested by
22 c2shb.pubgw.yahoo.com www.usatoday.com
19 www.usatoday.com t.co
www.usatoday.com
14 dt.adsafeprotected.com
12 sb.scorecardresearch.com 3 redirects www.usatoday.com
cdn.taboola.com
10 cdn.taboola.com www.usatoday.com
cdn.taboola.com
9 id5-sync.com 9 redirects
8 aax.amazon-adsystem.com
8 trc.taboola.com cdn.taboola.com
8 securepubads.g.doubleclick.net www.usatoday.com
securepubads.g.doubleclick.net
t.co
www.googletagservices.com
7 x.bidswitch.net 6 redirects
7 www.google-analytics.com www.usatoday.com
www.google-analytics.com
www.googletagmanager.com
6 sync.go.sonobi.com 2 redirects
6 www.facebook.com www.usatoday.com
6 pixel.adsafeprotected.com static.adsafeprotected.com
www.usatoday.com
6 ib.adnxs.com 3 redirects www.usatoday.com
5 match.adsrvr.org 5 redirects
5 static.adsafeprotected.com www.usatoday.com
pixel.adsafeprotected.com
4 sync.colossusssp.com 4 redirects
4 sync.taboola.com 2 redirects
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
t.co
4 www.google.com www.usatoday.com
tpc.googlesyndication.com
t.co
4 tr.snapchat.com sc-static.net
www.usatoday.com
4 connect.facebook.net www.usatoday.com
connect.facebook.net
4 cdn.krxd.net www.usatoday.com
cdn.krxd.net
4 c.amazon-adsystem.com www.usatoday.com
c.amazon-adsystem.com
3 sofia.trustx.org 2 redirects
3 pixel.tapad.com 2 redirects
3 sync-t1.taboola.com
3 bh.contextweb.com 2 redirects
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
3 images.taboola.com www.usatoday.com
3 us-trc-events.taboola.com www.usatoday.com
3 www.gannett-cdn.com www.usatoday.com
pixel.adsafeprotected.com
2 m.fg8dgt.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 u.openx.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ce.lijit.com 1 redirects
2 simage2.pubmatic.com
2 cm.g.doubleclick.net 1 redirects
2 www.googletagservices.com t.co
2 csi.gstatic.com imasdk.googleapis.com
2 beacon.krxd.net cdn.krxd.net
2 67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com securepubads.g.doubleclick.net
www.usatoday.com
2 www.google.ca www.usatoday.com
2 nova.collect.igodigital.com www.usatoday.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 gannett.sjv.io d.impactradius-event.com
2 b-code.liadm.com www.usatoday.com
b-code.liadm.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 htlb.casalemedia.com www.usatoday.com
2 colossusssp.com 1 redirects www.usatoday.com
2 bidder.criteo.com www.usatoday.com
2 ads.yieldmo.com www.usatoday.com
2 gannett-d.openx.net www.usatoday.com
2 cm.usatoday.com www.usatoday.com
2 imasdk.googleapis.com www.usatoday.com
imasdk.googleapis.com
2 hlsmedia.gannett-cdn.com www.usatoday.com
2 confiant-integrations.global.ssl.fastly.net www.usatoday.com
confiant-integrations.global.ssl.fastly.net
2 t.co www.usatoday.com
1 nep.advangelists.com 1 redirects
1 p.rfihub.com 1 redirects
1 eus.rubiconproject.com www.usatoday.com
1 js-sec.indexww.com www.usatoday.com
1 acdn.adnxs.com www.usatoday.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com
1 s.uuidksinc.net
1 visitor.omnitagjs.com
1 eb2.3lift.com
1 match.taboola.com
1 image6.pubmatic.com 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com 1 redirects
1 aax-us-east.amazon-adsystem.com c.amazon-adsystem.com
1 r1---sn-quxapm-3c2l.gvt1.com
1 redirector.gvt1.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 www.ojrq.net
1 gum.criteo.com www.usatoday.com
1 adservice.google.com imasdk.googleapis.com
1 traxex.gannettdigital.com www.usatoday.com
1 us-vid-events.taboola.com www.usatoday.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 sli.usatoday.com www.usatoday.com
1 i.liadm.com b-code.liadm.com
1 rp4.liadm.com www.usatoday.com
1 rp.liadm.com 1 redirects
1 consumer.krxd.net cdn.krxd.net
1 analytics.twitter.com www.usatoday.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.parsely.com www.usatoday.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 retail.googleapis.com www.usatoday.com
1 geo.privacymanager.io ats.rlcdn.com
1 static.ads-twitter.com www.usatoday.com
1 js.adsrvr.org www.usatoday.com
1 sc-static.net www.usatoday.com
1 10870841.collect.igodigital.com www.usatoday.com
1 d.impactradius-event.com www.usatoday.com
1 resources.xg4ken.com www.usatoday.com
1 www.gstatic.com www.usatoday.com
1 www.googleadservices.com www.usatoday.com
1 z-na.associates-amazon.com www.usatoday.com
1 cdn.parsely.com www.usatoday.com
1 www.googletagmanager.com www.usatoday.com
1 ats.rlcdn.com t.co
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 static.scroll.com www.usatoday.com
1 grid.bidswitch.net www.usatoday.com
1 search.spotxchange.com www.usatoday.com
1 fastlane.rubiconproject.com www.usatoday.com
1 prebid-server.rubiconproject.com www.usatoday.com
1 apex.go.sonobi.com www.usatoday.com
1 tlx.3lift.com www.usatoday.com
1 hbopenbid.pubmatic.com www.usatoday.com
1 a.teads.tv www.usatoday.com
1 s0.2mdn.net www.usatoday.com
1 platform.twitter.com www.usatoday.com
1 user.usatoday.com www.usatoday.com
277 129
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
usatoday.com
R3		 2022-08-07 -
2022-11-05		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.scroll.com
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
assoc-na.associates-amazon.com
Amazon		 2022-06-18 -
2023-06-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2021-09-17 -
2022-10-19		 a year crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-10 -
2023-01-06		 a year crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.collect.igodigital.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.sjv.io
Sectigo RSA Domain Validation Secure Server CA		 2022-03-23 -
2023-04-21		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
sli.usatoday.com
R3		 2022-08-11 -
2022-11-09		 3 months crt.sh
*.gannettdigital.com
R3		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.ojrq.net
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-01-07		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Frame ID: 40EBA75482391F59AC99D90AA8919BBB
Requests: 209 HTTP requests in this frame

Frame: https://cm.usatoday.com/nanobar/091322_USAT40th
Frame ID: F744EAE41BCF394AB6744E90B8A7712B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Frame ID: 9932D4B71EC489C080FEC85CCEFD0428
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 98765914E2D27EE972DD18B0139FC584
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Frame ID: 510FFA4E68772917E5E86BDA89727BB6
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602&u_scsid=a4632f63-5ee1-4e57-aa49-eadd62045d1f&u_sclid=524ce26b-eeca-496d-bd8b-0cd0dc78ae29
Frame ID: DA1009EF4D8021B040F9AA616AE7DC50
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=true&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 0EE4FF2F5A982B8C139490E9707BA3A1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5F18426C4E7D60ECA048C6F8CDA928FD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 819A992DBC7EC447F23DD3B8C02AD9BA
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7by0CFgMjkyOHb_1OkwQjkyOHb_1OkwUAAAAGBvQHJLhwuAyj4WStMk0cbtFiZFtLHB7DWrhb2UyrycZl8myMQIILh8swGk7WKtPE4RYtRra1xOExrIW7lc20mmxcJs_GCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GCoaXd6KoRvPJCI4LGIEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQStfW_ws3UGJtzAAAIADMTXNuphfd63DsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCHXgKbT4XPd60V3jd8vugBY3UCMNrMDAAAAuPv____HU9Osi_l11zrUAzGbxzIZ2YwL13DkWiyHK4_LMXE5R6vRbDVxLnbbS_R_2wrtGn_vixGW2e87KCinp8fsMoiKrrfF7nCaPQe1QMZymQySlsnlefrsBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggDI49tMLO51pLVbLgWzQaLtXC4nK0lxs1itDFOVsuVbS16fUwPy2SyHEy2KBjQtBfJ0yKdiDyLlcXichhHrplrsNytHKbJcGOZmDye3cYz3E3EEs3JIp3ILvuazWOZjGzGhWs4ci2Ww5XH5Zi4nKPVaLaaOBe7fWHksQ1mNtdaspoN16LZYLEWDpeztcS4WYw2xslqubKtRa-P6WGZTJaDyb4xm21mg91sONk3ZrPNbLCbDSf7Do_v6Dq4zsrLMxtdXL0ng8V3kBpsP5PutxBGjOei5CQcZ9cGY8O6PkjOBo_BYNhpa9_g4fX3Obvl78Z7MCpiieAinag-D9Pf5HCeXG6_RSxRmi7SiV5z-luef9HLY_RLBpPJXrDcK4Z71cVleYscpodbYnk5PEa30OHxukxuwdHpOTrtPr9iMFosd7PFYDDZS8QSwekinYhextNF_UeHGC3nqtlcsdrMFcPZKgEAAAAAAAAALGHKvAkAAADAaSCz0WS0WudBLFez5WK1XAAAAkjdH_Wxv-z_g71dpauNyKFkarDixo8Z6vMw_U0O58nl9lsZAEDgg3nzZ4JYq9WyBgAAEMAGAAAI4NbNWyA6FP____8fBwAAICNHDwAAQL8PxKTeAzd6rcBPgKPNZA!&cmcv=&pix=undefined&cb=1663607683850&uv=3226&tms=1663607683850&abt=inc_all_video_vA!ntvc_vB!scec11_vB!spa2_vA!t45!ufm_vE&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8aae0482-e4ba-41d6-bac0-87ef452ced3c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 83B5E48F7FB63C0E548214E96F47B762
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7by0CFgMjkyOHb_1OkwQjkyOHb_1OkwUAAAAGBvQHJLhwuAyj4WStMk0cbtFiZFtLHB7DWrhb2UyrycZl8myMQIILh8swGk7WKtPE4RYtRra1xOExrIW7lc20mmxcJs_GCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GCoaXd6KoRvPJCI4LGIEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQStfW_ws3UGJtzAAAIADMTXNuphfd63DsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCHXgKbT4XPd60V3jd8vugBY3UCMNrMDAAAAuPv____HU9Osi_l11zrUAzGbxzIZ2YwL13DkWiyHK4_LMXE5R6vRbDVxLnbbS_R_2wrtGn_vixGW2e87KCinp8fsMoiKrrfF7nCaPQe1QMZymQySlsnlefrsBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggDI49tMLO51pLVbLgWzQaLtXC4nK0lxs1itDFOVsuVbS16fUwPy2SyHEy2KBjQtBfJ0yKdiDyLlcXichhHrplrsNytHKbJcGOZmDye3cYz3E3EEs3JIp3ILvuazWOZjGzGhWs4ci2Ww5XH5Zi4nKPVaLaaOBe7fWHksQ1mNtdaspoN16LZYLEWDpeztcS4WYw2xslqubKtRa-P6WGZTJaDyb4xm21mg91sONk3ZrPNbLCbDSf7Do_v6Dq4zsrLMxtdXL0ng8V3kBpsP5PutxBGjOei5CQcZ9cGY8O6PkjOBo_BYNhpa9_g4fX3Obvl78Z7MCpiieAinag-D9Pf5HCeXG6_RSxRmi7SiV5z-luef9HLY_RLBpPJXrDcK4Z71cVleYscpodbYnk5PEa30OHxukxuwdHpOTrtPr9iMFosd7PFYDDZS8QSwekinYhextNF_UeHGC3nqtlcsdrMFcPZKgEAAAAAAAAALGHKvAkAAADAaSCz0WS0WudBLFez5WK1XAAAAkjdH_Wxv-z_g71dpauNyKFkarDixo8Z6vMw_U0O58nl9lsZAEDgg3nzZ4JYq9WyBgAAEMAGAAAI4NbNWyA6FP____8fBwAAICNHDwAAQL8PxKTeAzd6rcBPgKPNZA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 916D4384BA35BADCFCE801D47121CAFC
Requests: 1 HTTP requests in this frame

Frame: https://67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8A67CC38F538DAE3DF25FF39B853571
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usatoday.com
Frame ID: FBB41F09F809F0E00A18E0009690F3A7
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4bpffy2&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&upid=zpgwcot&upv=1.1.0
Frame ID: A0399055C241FE7AE842A9C03DDF65CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58B08B75766A942F7678AEE5B0B5E392
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AFA249EC854580575D7DDB85B45DDF7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4DDEC7C2487B0ADAA72BA862148CC89A
Requests: 1 HTTP requests in this frame

Frame: https://67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE4A7F84431509983C33E4DE5F8FBDE3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv59gn1uOMyPYJUMi6HUui-bFAYtpMXVCG9gAd8YtZjIvtP1RyX6ASzmEnerQ9f64XT-c3LZatYMFm8aDd_iKJheuEgWFpexxjbReC41KOgNXMO6hwBVNakSs_AGVAET9shMmz_2B9vbKv3zVEnz8a7AGLYFNkpqn7S3o-XoK0cS6NFPWLbON6EE1kfEOorLzH0cb9_U2oDO_HybLC_GhvbbpB06wQkk-5EeYEDnfBOUDoJw4qeZW-SfUWrTfppOmKsRjd2MeLsBJmFKjn_y5h6vgvRd2rzGKZwUptGAgkIXDU_2YZC1NDE5eFPalGO_xyMDTQG&sai=AMfl-YTrM8cJssdetQnbSuAV3GupKYf2h1qRddiY_1Uxg4mEFy30_AwHFrhHFfZe-wBFxgdAz7tqQZGAbmdDB6oSOGI7pfFXDBDhKh7nkxdAb3dqwzu7495grHnkdBYe2QA&sig=Cg0ArKJSzOpC4RC1X4gOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6AA3081D965040F615EFE165E16AFCA4
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujG80-Pldjs7xm7-4WnOOMgg3WGNZlWvCciUhf2wjiWkGFRl3FX704jhs5m67oVqinLMs1C-e0tTWIK0HYD4oUJxY_6W8T3dhZpK890ysxeMqTWevGARJQ4WCL2g-z7AklcWKbFJovPfSUVYEV1PwjlBEnE6PAX1VJpMuvFh_qhC9Qt5atnHtkoQ9j-e8vYHV1NQjrHxGVGFaEH45ov-4VjZegKxv8jxGKw4vY9AJqx6Jx3u_BX1j1GqHiXlABp4Wwep0ghMeRSzEqUxTZd_HMgvBks1YWt6pC1KTB39kbd8vch6WBsNT8Q_u2UmUV_5LXO3UD15vmqd4HNGHlRmyMDcijYotV4XX3&sai=AMfl-YQRbwfmZUhCIqfYi3krH30JB3EX2jzXJOvbhZZkul9Ka1ssH_JUBJNmKdrefonw8TXTsbtnDUoV1GJ-BuJzMBceanBNafUaVzutHQ4lbAY8_3oJToP1LS18fc20u10&sig=Cg0ArKJSzHE-3Rzyn4mmEAE&uach_m=[UACH]&adurl=
Frame ID: 937887566FD14BD232BE7BF678765A3D
Requests: 7 HTTP requests in this frame

Frame: https://cm.usatoday.com/overlay/091322_USAT40th_entrance
Frame ID: 133F410F0EF52261BE8B838016534BAC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091020&pubCreative=138212695896&pubOrder=2154910521&cb=184719300&adsafe_par&impId=8d1e89fe-383e-11ed-af6f-0ecee0cb6f2f&custom2=external&custom3=story
Frame ID: BB72F6B8C72099C60648204FB186624C
Requests: 2 HTTP requests in this frame

Frame: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JOVT7n3L5CXjJPq7Wku1kY8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAcMcV6&rnd=840120812081663607685265&pp=hg02dc&p=1s4lr0g&crid=519816_ssl&ep=%7B%22ce%22%3A%221%22%7D
Frame ID: C7ECEE92E3AD51955013E0DF523424B2
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891274L-O-FVDG
Frame ID: 516ED0A2C254B0AD949F64EFF9BC16A4
Requests: 21 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C62C2C4077AD074744245EB15C7188A2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 12B289FF5D45210089796311E9620934
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B8FB4AB7278B1246E5C6BBF929C8C780
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: A9E06204559A831A5B80606E23B86057
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber data breach: Employee apparently tricked into sharing credentialsPlayPauseSound OnSound OffClosedCaptionOpen ShareEnter Full ScreenExit Full Screen

Page URL History Show full URLs

  1. https://t.co/ZUv10TUi4A Page URL
  2. https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

277
Requests

91 %
HTTPS

26 %
IPv6

74
Domains

129
Subdomains

99
IPs

7
Countries

4725 kB
Transfer

10495 kB
Size

185
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/ZUv10TUi4A Page URL
  2. https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663607682482&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663607682482&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
Request Chain 82
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663607682485&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663607682485&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
Request Chain 95
  • https://sb.scorecardresearch.com/cs/6035223/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 131
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Request Chain 145
  • https://rp.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Ft.co%2F&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Ft.co%2F&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Request Chain 188
  • https://redirector.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/490F69B6CCAA1DC75BFF2AE664CC5716F3FE8AF8.514903D1FB3E81264812045D41DA3A5B5EA8DBB9/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-quxapm-3c2l.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0254051BBF52B23CFBE5462E56B854476CECA1D1.252DBEB7BFB26665F257639098F43A21AABBE6F5/key/cms1/cms_redirect/yes/mh/Be/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2l/ms/nvh/mt/1663607259/mv/u/mvi/1/pl/32/file/file.mp4
Request Chain 223
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891274L-O-FVDG
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIy_ImZ29TXFo-TRZ9kgidY&google_cver=1
Request Chain 226
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
Request Chain 228
  • https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 232
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=51e7f96a-26b9-4eec-b7be-9c878bdcd9d8
Request Chain 233
  • https://id5-sync.com/s/464/9.gif?puid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=3652634210590589388&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=f2d76328-a383-4c00-8626-2af3546de117&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=2CEDD11A-7AAA-4725-B4BE-19216827D34E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=4a95cd8e-2285-41e0-ba7a-cd7037ff5897&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/0/8.gif?puid=E9061D50A785F35D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g
Request Chain 234
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=2fc1ffe9-f839-4cfc-877f-9f8c295f1968 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTI0M2NiMmY0NjM5YmRh&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=2fc1ffe9-f839-4cfc-877f-9f8c295f1968 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
Request Chain 235
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b&tbid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&query=taboola_hm%3D1cc87faf-cdbd-43a7-a158-081f5ef04f5b&isDirect=0
Request Chain 240
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WNOpMrZBRChLAc_rtzvVMJU4mbo
Request Chain 241
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 243
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f97cf699-9575-0c19-3690-36c4f0f99da4
Request Chain 262
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4a95cd8e-2285-41e0-ba7a-cd7037ff5897&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=r9iIQHpUwJEj
Request Chain 263
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2d76328-a383-4c00-8626-2af3546de117
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=WNOpMrZBRChLAc_rtzvVMJU4mbo&user_group=1&ssp=themediagrid
Request Chain 265
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336234403908317
Request Chain 266
  • https://colossusssp.com/?c=o&m=cookie HTTP 302
  • https://sync.colossusssp.com/hms.gif HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1 HTTP 302
  • https://sync.colossusssp.com/td.gif?puid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttl=1666199687 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=cf74e5be-4fbf-4459-8380-1a2b0150b2f3 HTTP 302
  • https://sync.colossusssp.com/pp.gif?puid=cf74e5be-4fbf-4459-8380-1a2b0150b2f3&ev=1&us_privacy=[us_privacy]&pid=562060 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID HTTP 302
  • https://sync.colossusssp.com/ap.gif?puid=3652634210590589388 HTTP 302
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
Request Chain 267
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=092ac5c683&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&pubid=092ac5c683 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4a95cd8e-2285-41e0-ba7a-cd7037ff5897 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%2C
Request Chain 268
  • https://sofia.trustx.org/push_sync?us_privacy=1--- HTTP 302
  • https://sofia.trustx.org/ul_cb/push_sync?us_privacy=1--- HTTP 302
  • https://nep.advangelists.com/xp/user-sync?acctid=418&redirect=https%3A%2F%2Fsofia.trustx.org%2Fsync%3Ftp_id%3D21%26tp_uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sofia.trustx.org/sync?tp_id=21&tp_uid=av-f3b027bc-8920-4a42-8b65-7262457844bd
Request Chain 269
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=sonobi&user_id=ff847792-f3d0-4fdc-8650-2451717fc86d HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968

277 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ZUv10TUi4A
t.co/ 		438 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/ZUv10TUi4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
248
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:14:41 GMT
expires
Mon, 19 Sep 2022 17:19:41 GMT
server
tsa_b
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
0ae3e06136402682c20ba6744081aa936f28c8252f063ee0eea0a3dbb4f26d97
x-response-time
19
x-xss-protection
0
Primary Request /
www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/ 		157 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ece6bb68f58dc2e38e1995e2d34566679c5126ea21d40dba61308655c7e4e7e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
88702
cache-control
no-store
content-encoding
br
content-length
49955
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 19 Sep 2022 17:14:42 GMT
etag
W/"2c4cf-bwE+/E/g4FI9m6Uc2B5lJiKiwvg"
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
link
<https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg>;rel=preload;as=image;nopush
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster
?1
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000
vary
Accept-Encoding,User-Agent
x-cache
HIT, HIT
x-content-type-options
nosniff
x-frame-options
deny
x-timer
S1663607682.061179,VS0,VE2
x-xss-protection
1; mode=block
6-q1a2z336db9d4f.svg
www.usatoday.com/tangstatic/svg/weather/ 		782 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e8a6be1ddac59b849eb4bb2650b704fb768f1a99ff0292673432479ba48d99a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:19:04 GMT
age
3553908
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/svg+xml
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
accept-ranges
bytes
x-timer
S1663607682.097109,VS0,VE1
content-length
411
/
user.usatoday.com/USAT-GUP/user/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://user.usatoday.com/USAT-GUP/user/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b89b190864a00a703d811ad74ed1d90d9f853d7fa1adfc96b1969d4734f747bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://login.usatoday.com/
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://login.usatoday.com/

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://login.usatoday.com/
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
x-cache-hits
0
content-length
1053
x-served-by
cache-yul12832-YUL
referrer-policy
same-origin
server
nginx
x-frame-options
ALLOW-FROM https://login.usatoday.com/
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:14:42 GMT
pbjsandwich-q1a2z3d1e3c40a.min.js
www.usatoday.com/tangstatic/js/ 		327 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bee20447aa0e1293049d65c522a290c718d0d93ba582f9aabb391ad2e1187ac0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
272619
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
content-length
89520
last-modified
Fri, 16 Sep 2022 13:30:35 GMT
x-timer
S1663607682.105859,VS0,VE1
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
cache-control
public, immutable, max-age=315360000
accept-ranges
bytes
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 16:40:14 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
2069
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, EWR52-C2
content-encoding
gzip
x-amz-cf-id
Am8Kr-a_3VGlQ6EGykotmEAchJC8EtNbAiRA1YNoxsPrJOeoICOXVw==
iasPET.1.js
static.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding
gzip
etag
W/"51636de3ce868a2172f9e6996c2934e0"
age
452076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Jun 2021 13:42:44 GMT
server
AmazonS3
date
Wed, 14 Sep 2022 11:40:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
ZfhVVC92inlmn1M1jpBeCbZIptfTRjgjMC4GF7MIfvJoaIu33Op3qA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a479b211f35206e9f4d8eb83aa63aaa7c76f00f86c30d589631b32c3fc42042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27884
x-xss-protection
0
server
sffe
etag
"1338 / 928 of 1000 / last-modified: 1663585712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 17:14:42 GMT
config.js
confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/ 		111 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceba4d461c9ed764d77585e64ab6d5776577854523e21a1422a0c4701e7a3b69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:42 GMT
Content-Encoding
gzip
Age
505
X-Cache
HIT
Connection
keep-alive
Content-Length
27824
x-amz-id-2
wQ3k3aYlSInX08Wv5Ufgl6Lf67nHtcxkO5ZOppxW4/TBoM3q3prLJTnTP1FPSUD2cRzVsv7Y/lQ=
X-Served-By
cache-yul12827-YUL
Last-Modified
Mon, 19 Sep 2022 16:40:31 GMT
Server
AmazonS3
X-Timer
S1663607682.146993,VS0,VE0
ETag
"5dca34c01bb6d10d760ac2357e1cf67d"
x-amz-request-id
TJDC0R7JY0WHF77V
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
16
main-q1a2z3ec888503.min.js
www.usatoday.com/tangstatic/js/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba390a736698135d0c3c8dc84b37c04887ad263fbc5ade658888ca74b9cb59e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
247957
x-cache
HIT, HIT
strict-transport-security
max-age=63072000
content-length
29576
last-modified
Fri, 16 Sep 2022 20:21:12 GMT
x-timer
S1663607682.106772,VS0,VE1
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
cache-control
public, immutable, max-age=315360000
accept-ranges
bytes
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DD2) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
73
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29220
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (nyb/1DD2)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
loader.js
cdn.taboola.com/libtrc/usatodaydemo/ 		1 MB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0b8168c8f161da80b731b5602cb3752c3505182c171dfe5336850075880e2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
tJUhQsRqtkdienesJxpAs_4xyUYT2Xai
content-encoding
gzip
age
1586
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
16
content-length
69017
x-amz-id-2
PdgvxCPjOa18FUZZ3W5Hw7bTWe7TpoPkykr4tnZhBr6vQx1F6ANeUfwJ496hI577WlLdvWnZym4=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 16:30:52 UTC
server
nginx
x-timer
S1663607682.149260,VS0,VE0
etag
"eba1708eb492cde5c3517d6b586d94e2aebb3cc6"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
T1G5FQ9246GN4YB3
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Mon, 19 Sep 2022 17:14:42 GMT
abp
18
x-cache-hits
2
controls-a6bac614.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/controls-a6bac614.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60fe545b3bf07b8dd89fe466a0cf2bc3bcc60508ef6c6d2e3544b490c8cdd2ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=wLQRnQ==, md5=YMf2QhBfHKLSoii8MD1ZWA==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13236979
x-amz-meta-goog-reserved-file-mtime
1634665282
x-guploader-uploadid
ADPycdt6LFMUB3U1KceMrR2kEtUmZA7WKxlkH4yqJdRoNGSE_jPDqH2bccFmgvxdeHa2_YLVleBQYAEGuolIqDVv4a0
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
4568
last-modified
Tue, 19 Oct 2021 17:42:23 GMT
x-timer
S1663607682.107153,VS0,VE1
etag
"60c7f642105f1ca2d2a228bc303d5958"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
share-4cfe2242.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/share-4cfe2242.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66d804a1bf1e9a9d5b2f423a246a65f57a6236f07fd0ef7f4d23c8b995eab7f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cxDZMA==, md5=jtLFhZ5z65gIBTe3OYWalg==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
16197328
x-amz-meta-goog-reserved-file-mtime
1618514148
x-guploader-uploadid
ADPycdsiPA0I2CEK0bwqbRq7xltZLKjlR2aNJ7cIba1RfgKtc4wGAMdB6a8MZ8HAnbvHWZPWDqVESJiVMLvd23kDR5Q
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
2648
last-modified
Thu, 15 Apr 2021 19:16:48 GMT
x-timer
S1663607682.107148,VS0,VE1
etag
"8ed2c5859e73eb98080537b739859a96"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
tealplayer-4a52fd5f.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/tealplayer-4a52fd5f.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1612b60f989de0a97671f56dd902f2c588750f09e2918c22f2f39791ff560d6d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=BtBU1g==, md5=pnC9YBnvMLUzyuD+/La+5A==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4076056
x-amz-meta-goog-reserved-file-mtime
1658319893
x-guploader-uploadid
ADPycdtEIAqD_VbO_KiYIn4hmq23aAjKlOsIsJyljfgrCiyxPx5QhTCrq5HK9EOf_4MKNFLi0lpFnFmpJfjMHErvvk7WBw
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
6178
last-modified
Wed, 20 Jul 2022 12:25:45 GMT
x-timer
S1663607682.107123,VS0,VE1
etag
"a670bd6019ef30b533cae0fefcb6bee4"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1658319945017120
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
6178
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-comscore-f1701de9.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-comscore-f1701de9.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
205921d4b8c37e9533528462950ba51ce45191e5ca94e7af31fb341e1592503c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=xg6Wig==, md5=ITqSdMH5Zz7qPS1D2oJ9Nw==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13936559
x-amz-meta-goog-reserved-file-mtime
1564771659
x-guploader-uploadid
ADPycdsa0pbSNYrSrR2ExnK56KWFeYSlOcPV7bRvP86Itd0ccgmD9U7yrIwOhuhTXO4wiz6NHsgpCaDuYdlmmL2tNb4
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
646
last-modified
Fri, 02 Aug 2019 18:49:08 GMT
x-timer
S1663607682.107131,VS0,VE1
etag
"213a9274c1f9673eea3d2d43da827d37"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-gcianalytics-102aa282.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-gcianalytics-102aa282.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
139ed1e4e05d314894b9ac6d42f352b8c81de7785bda5d0a0a554410d56513cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=2w5QRw==, md5=3/TptPk8DKL8umczGH1n3w==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
3499059
x-amz-meta-goog-reserved-file-mtime
1654016067
x-guploader-uploadid
ADPycdtvmUpOjc9wSmFvj5jYtgX1hGKE7LdNQBsEjWOG9uHUZYjEQWWCLbB-exaYeSeF4fLPZb6Dxe4DjKfAzz_dNDH2f0BJtjM-
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1152
last-modified
Tue, 31 May 2022 16:55:12 GMT
x-timer
S1663607682.108751,VS0,VE0
etag
"dff4e9b4f93c0ca2fcba6733187d67df"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1654016112893496
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
1152
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-hls-aa645eb8.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-hls-aa645eb8.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a3b348ffce5e680fa64715fd255db4f2aca4c828ab4c9ba1b92862c3a2d891
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=Fqu/dw==, md5=m4pGkNugXKBeamykpvKNDA==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
3564737
x-amz-meta-goog-reserved-file-mtime
1610471101
x-guploader-uploadid
ADPycdv_s9ohpjBRHsE8v4fjK3XLXeNfbTp4Y3t6OVpwW31QLSfmROUtw-Ho2JWN0-Rv3oIqxFt8k6mGQ_WAVgayowkVQO7OMCwf
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
628
last-modified
Tue, 12 Jan 2021 17:06:00 GMT
x-timer
S1663607682.108121,VS0,VE1
etag
"9b8a4690dba05ca05e6a6ca4a6f28d0c"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1610471160680516
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
628
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-parsely-9e946b2b.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-parsely-9e946b2b.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97e6939bd37c94f8532ab3151190b0ba154c1932437b3ad86cde2e5e9c6439ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=1gxR9w==, md5=vjf6NJHtMFWJ9vsQXsCEBQ==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
13861621
x-amz-meta-goog-reserved-file-mtime
1621967392
x-guploader-uploadid
ADPycdvpEuF9CZWoDkb02LN9C44VX1yIdiUDSH1IOizuM6Ve2B-SxaoURsV2fAUwlW2pjnDPKpypyEv1W8tJeZTVles
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
628
last-modified
Tue, 25 May 2021 18:31:00 GMT
x-timer
S1663607682.108064,VS0,VE0
etag
"be37fa3491ed305589f6fb105ec08405"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
encore-04455b51.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/encore-04455b51.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fca848faee8095a7b1dcc41981d0cd0ebd285e3f06c5ed4e7b1c9d4b17f2d157
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=BmSnxA==, md5=fJQ/RMct/wm4cDRV7Djf3g==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
20860078
x-amz-meta-goog-reserved-file-mtime
1624892222
x-guploader-uploadid
ADPycdufGiEDC5oeVfwfBWkUAyZQlZn_BvxeioCoJbcY9isMMQjZdRDoOsrXk_Jw7ighisotECaf3Z1uAGaoF-EKRmoWrd8_Pg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
1340
last-modified
Mon, 28 Jun 2021 14:58:08 GMT
x-timer
S1663607682.107436,VS0,VE1
etag
"7c943f44c72dff09b8703455ec38dfde"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
teal-ima-94d3c4f7.min.js
www.usatoday.com/gannett-web/apps/teal/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/teal-ima-94d3c4f7.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5b4318b593211376d1911f208751f1c90ce53c0121c46202de0a79bebce959e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=5RaMGQ==, md5=HOZ5WqlB3NVMoFnCa8hHLQ==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4075899
x-amz-meta-goog-reserved-file-mtime
1658319892
x-guploader-uploadid
ADPycdvWM5Cry1_X6V99n2iMuLKdllPKI424hlJtjCCl1yJ6_1boRI3P9uBFsCL5K4LjxKMijM0T1dWeABIMH3_mWy76Yg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
3242
last-modified
Wed, 20 Jul 2022 12:25:43 GMT
x-timer
S1663607682.115573,VS0,VE1
etag
"1ce6795aa941dcd54ca059c26bc8472d"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1658319943513098
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
3242
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
1080p_30fps,720p_30fps,480p_30fps,master.m3u8
hlsmedia.gannett-cdn.com/authoring/video-renditions/acdaa0e2-46de-4532-a457-f882f64f05ab/7aa7f1b0-988e-4d71-a586-8062369bd120/ 		733 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/video-renditions/acdaa0e2-46de-4532-a457-f882f64f05ab/7aa7f1b0-988e-4d71-a586-8062369bd120/1080p_30fps,720p_30fps,480p_30fps,master.m3u8?subtitles=8764973002
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
9256207262db320310e9e194b9174e6e26c21b6e474fc1b22ebcce71526c08a0

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish, 1.1 varnish
server
otfp
age
79323
etag
"xZQKZUN70KmJYvC8IUN4YuIV-2aGUwF_KoeM4tU2kMnaOXv2ScpGDozKC1_oJQZIQX5B_2CezA-kOcYc7yyfxQ50VzwBNNNxeQ17uP-dnGcCrAS2DcNfUwft7GIzeTikXyDiC38zwh8"
x-served-by
cache-iad-kcgs7200079-IAD, cache-yul12828-YUL
x-cache
HIT, HIT
content-type
application/x-mpegurl
access-control-allow-origin
*
fastly-stats
otfp=1
accept-ranges
bytes
x-timer
S1663607682.149315,VS0,VE1
content-length
733
x-cache-hits
2, 1
hls.0.14.9.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/hls/ 		234 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/hls/hls.0.14.9.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=04gOQQ==, md5=j9vq4UIMZ0WSKC7Zx+/S4g==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
21014702
x-amz-meta-goog-reserved-file-mtime
1618514148
x-guploader-uploadid
ADPycds14xAggtVU6cs-gbvl5NIklVpa2xuxCFTPdPCn2YdPhqjgNbC-n58qkihTVVQz3kSszQpPgII1CFXw9x62PkQmoSRMDQ
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
60647
last-modified
Thu, 15 Apr 2021 19:16:55 GMT
x-timer
S1663607682.115560,VS0,VE1
etag
"8fdbeae1420c674592282ed9c7efd2e2"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
streamsense-5.1.1.160316.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/comscore/ 		88 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/comscore/streamsense-5.1.1.160316.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=0ca1vg==, md5=oMYFmalRKmTWyqkSbPV95A==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
X-AltUrl,Accept-Encoding
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
12652181
x-amz-meta-goog-reserved-file-mtime
1564523890
x-guploader-uploadid
ADPycds9rdF2lZZbdPcyBaYE6JoqFxR98skum5u8JS4xj9MRs_3_x1GcmAaclyzLnSqJUPDIMp6lSnuklpMWsMCA_TmIr4uNmg
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
14269
last-modified
Tue, 30 Jul 2019 21:59:07 GMT
x-timer
S1663607682.115544,VS0,VE1
etag
"a0c60599a9512a64d6caa9126cf57de4"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
ias-3.5.1.min.js
www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=OSp2gg==, md5=LaiRY8nqOrc6SB1Dm0Q/Kg==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
4677952
x-amz-meta-goog-reserved-file-mtime
1564518562
x-guploader-uploadid
ADPycduW5R0gHrInQUs4g5iHNBvn_Mqui9ymv5IGvULzFpQZuJwWeADTDDY6fpkjjcBeJsa0pXFDIolldv-VhTuwrIDaDWOnCtgi
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
5228
last-modified
Tue, 30 Jul 2019 20:30:37 GMT
x-timer
S1663607682.115545,VS0,VE1
etag
"2da89163c9ea3ab73a481d439b443f2a"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1564518637785355
access-control-allow-origin
*
cache-control
public, immutable, max-age=315360000
x-goog-stored-content-length
5228
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 17:14:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128538
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:14:42 GMT
8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg
www.gannett-cdn.com/presto/2021/11/26/USAT/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/presto/2021/11/26/USAT/8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg?width=660&height=371&fit=crop&format=pjpg&auto=webp
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16fe769b2edcb8b600e58c0907b8275182c09fc886c265681b94d50a56adb5ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=zhYOfg==, md5=tP8Kn1iB9Fu2nAW8BbrSOA==
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
3433509
x-guploader-uploadid
ADPycdtippw-Vcpb0SS68jydDh14Rj1oNJaLIcbNZbZGVT-599OBwHVDtJgQr45DIqOizJOLRtHqZgNYVhMaXt6idT4olA
x-cache
HIT, HIT
fastly-io-info
ifsz=403808 idim=1080x1080 ifmt=jpeg ofsz=22194 odim=660x371 ofmt=webp
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
22194
x-served-by
cache-iad-kjyo7100023-IAD, cache-yul12832-YUL
vcl_data
4teo2sTrkRpe2BJzz4IyqE.277_19-e95cb5ef2212fd9d1b5de488fdb8074b
server
UploadServer
x-timer
S1663607682.150095,VS0,VE1
etag
"P4pbpV8lehpskBUoHzhpRBpdx4KZ4TWdwyspY/RMbb0"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
x-goog-generation
1637940054220348
expires
Wed, 10 Aug 2022 23:29:32 GMT
cache-control
max-age=2592000
x-goog-stored-content-length
403808
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 1
global-q1a2z3u1EuDuIBXGXnOmbqtWCTVvNO2Xs.min.json
www.usatoday.com/ 		13 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/global-q1a2z3u1EuDuIBXGXnOmbqtWCTVvNO2Xs.min.json
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebb6c50cb9844218a00fa4978bbf426284ce5be59dc100d817decce4a443aa31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
256136
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
x-cache
HIT, HIT
date
Mon, 19 Sep 2022 17:14:42 GMT
cross-origin-resource-policy
same-origin
vary
Accept-Encoding
content-length
2715
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-timer
S1663607682.115505,VS0,VE1
x-frame-options
deny
etag
W/"u1EuDuIBXGXnOmbqtWCTVvNO2Xs"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public,immutable,max-age=315360000
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9efb51af16021c2c2818c91225e5e954c3a11b7affd7e2935b9ef7d9053e4e22

Request headers

Referer
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
091322_USAT40th
cm.usatoday.com/nanobar/ Frame F744 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.usatoday.com/nanobar/091322_USAT40th
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
339135
cache-control
public, max-age=3600, stale-while-revalidate=7200
content-encoding
gzip
content-length
17296
content-security-policy
upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html
cross-origin-resource-policy
same-site
date
Mon, 19 Sep 2022 17:14:42 GMT
etag
"f675d8bffcddf0c455aad689e5f35226"
expires
Thu, 15 Sep 2022 19:02:27 GMT
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Thu, 15 Sep 2022 18:28:49 GMT
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000;includeSubDomains;preload
timing-allow-origin
*
vary
X-AbVariant,Accept-Encoding
x-cache
HIT, HIT
x-content-type-options
nosniff
x-goog-generation
1663266529645394
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
29741
x-robots-tag
noindex
x-timer
S1663607682.255436,VS0,VE0
x-xss-protection
1;mode=block
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.usatoday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.usatoday.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
bid-request
a.teads.tv/hb/ 		16 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.77.192 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-77-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 19 Sep 2022 17:14:42 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.99 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usatoday.com
date
Mon, 19 Sep 2022 17:14:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
94804f1e-9f5c-4245-a647-3ff8a22b9d2c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
gannett-d.openx.net/w/1.0/ 		190 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=41a60374-5e12-471d-b76f-2af196e79b8a%2C41a60374-5e12-471d-b76f-2af196e79b8a%2C52b827eb-5847-4105-8d6f-eb5bb30a4988%2Cd1c104a2-951a-4929-a860-a6071b6de6ec%2Cd2a4e0bf-4ee6-458a-98dd-0551aad41eb4%2Cd7cb3226-d5aa-4cd8-8f7a-a183882d3040%2Cd7cb3226-d5aa-4cd8-8f7a-a183882d3040%2C59c7e5e4-c6d2-43b1-80a7-99894cc404a7%2C59c7e5e4-c6d2-43b1-80a7-99894cc404a7%2C08e3af5b-5593-48d9-9390-a03ce61bf1e3%2C08e3af5b-5593-48d9-9390-a03ce61bf1e3%2C5c2b0cd0-2e5a-4ec1-9915-42f10f0f904f%2C5c2b0cd0-2e5a-4ec1-9915-42f10f0f904f%2C0cf5274f-1f4e-4aa9-bdaf-4f12558eea3a%2C0cf5274f-1f4e-4aa9-bdaf-4f12558eea3a%2Cd09af16c-32a1-48ea-ab73-051311ae40a8&nocache=1663607682297&us_privacy=1---&aus=970x250%2C728x90%7C970x250%2C728x90%7C640x360%2C300x250%2C3x3%7C640x360%2C300x250%2C3x3%7C640x360%2C300x250%2C3x3%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C728x90&divids=ad-slot-7103-usatoday-high_impact-tech-1%2Cad-slot-7103-usatoday-high_impact-tech-1%2Cad-slot-7103-usatoday-native-article_link-tech-2%2Cad-slot-7103-usatoday-native-article_link-tech-3%2Cad-slot-7103-usatoday-native-article_link-tech-4%2Cad-slot-7103-usatoday-poster-tech-5%2Cad-slot-7103-usatoday-poster-tech-5%2Cad-slot-7103-usatoday-poster_scroll-tech-6%2Cad-slot-7103-usatoday-poster_scroll-tech-6%2Cad-slot-7103-usatoday-poster_scroll-tech-7%2Cad-slot-7103-usatoday-poster_scroll-tech-7%2Cad-slot-7103-usatoday-poster_scroll-tech-8%2Cad-slot-7103-usatoday-poster_scroll-tech-8%2Cad-slot-7103-usatoday-poster_scroll-tech-9%2Cad-slot-7103-usatoday-poster_scroll-tech-9%2Cad-slot-7103-usatoday-leaderboard_btf-tech-10&aucs=%252F7103%252Fusatoday%252Fhigh_impact%252Ftech%25231%2C%252F7103%252Fusatoday%252Fhigh_impact%252Ftech%25231%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25232%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25233%2C%252F7103%252Fusatoday%252Fnative-article_link%252Ftech%25234%2C%252F7103%252Fusatoday%252Fposter%252Ftech%25235%2C%252F7103%252Fusatoday%252Fposter%252Ftech%25235%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25236%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25236%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25237%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25237%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25238%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25238%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25239%2C%252F7103%252Fusatoday%252Fposter_scroll%252Ftech%25239%2C%252F7103%252Fusatoday%252Fleaderboard_btf%252Ftech%252310&auid=538809158%2C540401029%2C538809142%2C538809142%2C538809142%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C538809142%2C538809143%2C540401029
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
98d66f4c1ff156a284b56712f7b5ec43354455fcd74876ff14f8866a08ee15aa

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.usatoday.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
gannett-d.openx.net/v/1.0/ 		106 B
508 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gannett-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97584a76-8095-45f8-bd04-4e6420abf370&nocache=1663607682298&us_privacy=1---&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A660%2C%22h%22%3A372%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22maxduration%22%3A120%2C%22minduration%22%3A0%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fdash%2Bxml%22%2C%22video%2Fx-ms-wmv%22%2C%22video%2Fms-asf%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%7D%7D%5D%7D&auid=539725881&vwd=660&vht=372&aucs=%252F7103%252Fusatoday%252Fteal-hero%252Ftech%2523videoSlot1
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.usatoday.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f9313f065cd0bad46c49c3dd21e37a3f85849523a50add419a4215c93a3dcfb8

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
826eb6fd89cc9a145bf795ebd2492ce310c0c6ee452883b2797e91e2983f69dc

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a85fa5244e84ece9c3d45e3786ca80ef5c3946a7770b83e87468c2bd68c957d1

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
220619d699ccee01b954d2fa6d8177c30b111baf8ee815c889bd4ff06b27f6bb

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
db13f1da48f02ff19f07c1031a73680330885d93ad15ee5b95fd4b500e7090d7

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
467 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
74e9e614a8d5225d1321c13d97810c603ab72a89173b76e1152f34349fbfb5f7

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
502af79ead083bcf7fae91be9a59238a6fc99a45626a6645ef30cb1a779e904c

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
5673
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9a38337a742ad80010c78eb2953df0a4c06b1d617548e69fa86e92e216f915e2

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
91739907e524daae5f172f4ce3567e7102c0312c12bd230a18b512d10e7d6b2a

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6044b69e50a69e4a8a00da98b9f5fab8166b5c691e2696cf5a79b978fb085e7e

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dc76b265befcb5c01a86ce1456c5007e55b0c7a0ffb630085df35d427a300ab2

Request headers

Referer
https://www.usatoday.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
content-length
66
auction
tlx.3lift.com/header/ 		19 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.2.0&referrer=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tmax=1600&us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.75.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-75-214.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%7C659c9ac7f9f49f8%22%3A%22970x250%2C728x90%7Cgpid%3D%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%226612dcbf8181497%22%3A%225b547b098fa5cddb73dd%7C%7Cgpid%3D%2F7103%2Fusatoday%2Fteal-hero%2Ftech%23videoSlot1%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C679dc1d4270fd6f%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C68c6e89a93eb6d3%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%2C%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%7C69b52a69dc06159%22%3A%22640x360%2C300x250%2C3x3%7Cgpid%3D%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%2C%22%2F7103%2Fusatoday%2Fposter%2Ftech%7C70ff02db1980233%22%3A%22300x250%2C300x600%7Cgpid%3D%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C7166cd2c59cb776%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C72513b9b91e8405%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C73b6084d03fdc24%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%7C74e90b641c71827%22%3A%22300x250%2C300x600%2C300x1050%7Cgpid%3D%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%7C75ca22e32a43cb1%22%3A%22728x90%7Cgpid%3D%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&s=d15e2f80-735b-4fed-883a-ea1de6a1424d&pv=7e2f532e-c768-47d4-95d8-b9f570b7d419&vp=desktop&lib_name=prebid&lib_v=6.2.0&us=5&fpd=%7B%22site%22%3A%7B%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%7D&ius=0&us_privacy=1---&coppa=0
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d9388fce1bf912dc0112652f55af062d03acb2c93886725982e18d9c6e34d983
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:44 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
671
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
52de1f30-57d3-41c2-8b99-01dc43b0e70f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e6befd4c-c6a4-4d94-8625-f9352e1552c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usatoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		606 B
579 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.171.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-171-148.compute-1.amazonaws.com
Software
/
Resource Hash
046eebfce83fef685e783dcb3eea2c43b4ef13781c6ec84154b3215f4588a374

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=29970&zone_id=120294&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B2&alt_size_ids=57%3B198%3B198%3B198%3B10%3B10%2C54%3B10%2C54%3B10%2C54%3B10%2C54%3B&p_pos=atf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf%3B&us_privacy=1---&rf=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&kw=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security&tg_i.name=USA%20TODAY&tg_i.domain=usatoday.com%2Cusatoday.com&tg_i.cat=IAB19&tg_i.page=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tg_i.brandsafety=disasters%2Ccustom-verizon%2Cdisasters%2Ccustom-verizon&tg_i.section=tech&tg_i.topic=Uber%2CHacking%2CHacker%2Cride-hailing%2CData%20Breach%2COverall%20Negative%2CCybersecurity%2Ccomputer%20crime%2CDefense%20and%20Cybersecurity%2CComputer%20Security&tg_i.dfp_ad_unit_code=7103%2Fusatoday%2Fhigh_impact%2Ftech%231%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%232%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%233%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%234%3B7103%2Fusatoday%2Fposter%2Ftech%235%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%236%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%237%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%238%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%239%3B7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310&tg_i.pbadslot=7103%2Fusatoday%2Fhigh_impact%2Ftech%231%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%232%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%233%3B7103%2Fusatoday%2Fnative-article_link%2Ftech%234%3B7103%2Fusatoday%2Fposter%2Ftech%235%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%236%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%237%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%238%3B7103%2Fusatoday%2Fposter_scroll%2Ftech%239%3B7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310&tk_flint=pbjs_lite_v6.2.0&x_source.tid=41a60374-5e12-471d-b76f-2af196e79b8a%3B52b827eb-5847-4105-8d6f-eb5bb30a4988%3Bd1c104a2-951a-4929-a860-a6071b6de6ec%3Bd2a4e0bf-4ee6-458a-98dd-0551aad41eb4%3Bd7cb3226-d5aa-4cd8-8f7a-a183882d3040%3B59c7e5e4-c6d2-43b1-80a7-99894cc404a7%3B08e3af5b-5593-48d9-9390-a03ce61bf1e3%3B5c2b0cd0-2e5a-4ec1-9915-42f10f0f904f%3B0cf5274f-1f4e-4aa9-bdaf-4f12558eea3a%3Bd09af16c-32a1-48ea-ab73-051311ae40a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.32789163483102146
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
330f3220f2ea2bfd2c5a8c1556c7287e647d6f16cefd00e30155a132a685892a

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.2.0&p=%5B%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-high_impact-tech-1%22%2C%22callback_id%22%3A%221107e2ebb97828b1%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-2%22%2C%22callback_id%22%3A%22111320ce4fbfe437%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-3%22%2C%22callback_id%22%3A%2211299d05dabe449b%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-4%22%2C%22callback_id%22%3A%221138d07c44db651a%22%2C%22sizes%22%3A%5B%5B640%2C360%5D%2C%5B300%2C250%5D%2C%5B3%2C3%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster-tech-5%22%2C%22callback_id%22%3A%221145be28c9e6a3e6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-6%22%2C%22callback_id%22%3A%22115c0f4e82c23973%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-7%22%2C%22callback_id%22%3A%22116e4f5a2ffc717e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-8%22%2C%22callback_id%22%3A%2211706ec9645db9d5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-9%22%2C%22callback_id%22%3A%2211811ec7fe7ea74a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%2C%7B%22placement_id%22%3A%22ad-slot-7103-usatoday-leaderboard_btf-tech-10%22%2C%22callback_id%22%3A%2211942bf90ab7ee51%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222411744428919038150%22%2C%22gpid%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%5D&page_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&bust=1663607682316&pr=https%3A%2F%2Ft.co%2F&scrd=1&dnt=false&description=A%20data%20breach%20at%20Uber%20puts%20the%20spotlight%20on%20an%20effective%20break-in%20routine%3A%20tricking%20an%20employee%20into%20sharing%20their%20credentials.&title=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usatoday.com
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cdb
bidder.criteo.com/ 		2 KB
740 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=185&av=34&wv=6.2.0&cb=10170716410
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d80606064b258039cd2f53d874ac46d3657f4694a9d34b61d8738a40eabb5c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
469
/
colossusssp.com/ 		2 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.122 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.usatoday.com
Date
Mon, 19 Sep 2022 17:14:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
232953
search.spotxchange.com/openrtb/2.3/dados/ 		0
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/232953?src_sys=prebid
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
x-spotx-timing-transform
0.001958
x-spotx-timing-spotmarket
0.017983
x-spotx-timing-page-require
0.001968
x-fe
121
x-spotx-timing-page-misc
0.008405
x-spotx-timing-page-cookie
0.000006
x-spotx-timing-page
0.038724
pragma
no-cache
x-spotx-timing-page-context
0.000473
last-modified
Mon, 19 Sep 2022 17:14:43 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.017983
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000019
x-spotx-timing-page-mux
0.007911
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
hbjson
grid.bidswitch.net/ 		25 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8fe42b160b909de72a6feaa46639efb0ecc5cdf3cdf6172a2b9bfa1d9e078c1e

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 19 Sep 2022 17:14:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
cygnus
htlb.casalemedia.com/ 		38 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=196725&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22151d538b6c64d58c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22152c7db447743c12%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196725%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A196725%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%7D%2C%7B%22id%22%3A%22155482ddfd448b38%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196728%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196728%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%7D%2C%7B%22id%22%3A%221574b4765b1e3c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%7D%2C%7B%22id%22%3A%22160bd2c2c9866932%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%7D%2C%7B%22id%22%3A%22163ae61d4bf52c6e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%7D%2C%7B%22id%22%3A%221661e381725ed0d6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A196732%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%7D%2C%7B%22id%22%3A%22169b99afd1ea3e72%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A196727%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28170d61d3a7b7c26262346c2c0ff85fb7f2b72b88af6d633708f894adac8f1f

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuY3Tff%2B5q3S3LM9ugmmor%2B04Mp6BOQPVNkRGKeR351ynX27iWSBC0dkKiACPWp2Sir%2FF5BO5uU%2FWO6xwX1uwEZ03vGd3neZh%2Fm%2FWbSNrUZ4pCG3bl1l0FHB4IeNpEtVRVZ0lMNn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3f58f0e0aa244-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
cygnus
htlb.casalemedia.com/ 		38 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=196725&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22151d538b6c64d58c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22name%22%3A%22USA%20TODAY%22%2C%22domain%22%3A%22usatoday.com%22%2C%22cat%22%3A%5B%22IAB19%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22keywords%22%3A%22uber%2Chacking%2Chacker%2Cride-hailing%2Cdata-breach%2Coverall-negative%2Ccybersecurity%2Ccomputer-crime%2Cdefense-and-cybersecurity%2Ccomputer-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%5B%22disasters%22%2C%22custom-verizon%22%5D%2C%22section%22%3A%5B%22tech%22%5D%2C%22subsection%22%3A%5B%22%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215456ee74cba515a%22%2C%22ext%22%3A%7B%22siteID%22%3A239824%2C%22sid%22%3A%221%22%2C%22dfp_ad_unit_code%22%3A%22%2F7103%2Fusatoday%2Fteal-hero%2Ftech%23videoSlot1%22%7D%2C%22video%22%3A%7B%22playerType%22%3A%22HTML5%22%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fdash%2Bxml%22%2C%22video%2Fms-asf%22%2C%22video%2Fx-ms-wmv%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A120%2C%22linearity%22%3A1%2C%22playerSize%22%3A%5B%5B660%2C372%5D%5D%2C%22placement%22%3A1%2C%22w%22%3A660%2C%22h%22%3A372%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28170d61d3a7b7c26262346c2c0ff85fb7f2b72b88af6d633708f894adac8f1f

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CtzbCyAwnLoq%2BVFOx7K1saCuPQMHi4jHVYZbIAH0ANVz9LJgmZmiFKqVvUdL6sZHBjFpcibec4lzB3faLAfoADwOb954nyJXDQ2iY13jrvZiFEo%2FPsfGsLN7gBggWAj4FqOxSNW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3f58f0e10a244-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
8764973002.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/ 		148 B
247 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/_captions/8764973002.webvtt.m3u8
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
794afd020d65d819e404ec6e59d3ca4ce8850c36821ddd79fb53f37d184f395a

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish, 1.1 varnish
server
otfp
age
79323
x-served-by
cache-iad-kiad7000034-IAD, cache-yul12828-YUL
x-cache
HIT, HIT
content-type
application/x-mpegurl
access-control-allow-origin
*
fastly-stats
otfp=1
accept-ranges
bytes
x-timer
S1663607682.341094,VS0,VE1
content-length
148
x-cache-hits
1, 1
scroll-smart.js
static.scroll.com/js/ 		1 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll-smart.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.usatoday.com/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish
age
37506
x-guploader-uploadid
ADPycdvJq4vdPd95SFSZ2drE6SogN3m-EfH6nMycj-4jF2GQjUDYSqc76GzaO9NvO7m-5u9pTEeWyQIbIpufHlcyLPfsm1zZstDK
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-length
1
x-served-by
cache-yul12823-YUL
last-modified
Mon, 06 Jan 2020 18:21:36 GMT
server
UploadServer
x-timer
S1663607682.388320,VS0,VE0
etag
"68b329da9893e34099c7d8ad5cb9c940"
vary
Origin
x-goog-hash
crc32c=OZ97aQ==, md5=aLMp2piT40CZx9itXLnJQA==
x-goog-generation
1578334896006287
access-control-allow-origin
https://www.usatoday.com
expires
Wed, 03 Aug 2022 06:10:58 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
1
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
435
main.js
www.usatoday.com/dcjs/prod/ 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/dcjs/prod/main.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3de6ca902e365219c2ffd5ff7a1e7aeff4c58adc609b9a03c2e11c8f6ee1bbd0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Origin
https://www.usatoday.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=eIvo0w==, md5=TPRKdljc0BuA0JD14qe3OQ==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
248685
x-amz-meta-goog-reserved-file-mtime
1663358974
x-guploader-uploadid
ADPycdubyn_PINOxymfhYMizGTwyY8D6h996R4YFEesunnbFnLbsS-2Le9Lk94a6sojt1QQTPnCGzTVbk0O1DkPf7nfP4Q
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
42176
last-modified
Fri, 16 Sep 2022 20:09:56 GMT
x-timer
S1663607682.343382,VS0,VE1
etag
"4cf44a7658dcd01b80d090f5e2a7b739"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1663358996450846
access-control-allow-origin
*
cache-control
max-age=3600
x-goog-stored-content-length
137754
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ 		202 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:42 GMT
Content-Encoding
gzip
Age
259042
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
V/KsZeUml9OPtn8DD0LGMUba2pK1GX3V3q+t55b+Hb7VGylg+mTtICNrkG4dWAZ2HsqsYs+quZI=
X-Served-By
cache-yul12827-YUL
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1663607682.347433,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id
6YAM0F6YY433SV0Y
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
457335
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:37:16 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
27447
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
XMg9TyxqYemcP0g6r90AAmwSj8pkUC4ewcklDF152rwRPbin42qpfg==
config
c.amazon-adsystem.com/cdn/prod/ 		849 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fwww.usatoday.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
a3fdf333d2e97c0f0dfc85a5b2d93216ce560fd3e973165219c624532249b38b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:34:52 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
age
9589
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
content-length
849
x-amz-cf-id
IqtBTZdvwG3q5tHLCX2KEiFfFQyDhwo0AZ7py99BjPuHc3hx-o-kVw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&pr=https%3A%2F%2Ft.co%2F&pid=0jXjZn6ewfPTe&cb=0&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-usatoday-high_impact-tech-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Ftech%231%22%7D%2C%7B%22id%22%3A%22videoSlot1%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-2%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%232%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-3%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%233%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-native-article_link-tech-4%22%2C%22s%22%3A%5B%22640x360%22%2C%22300x250%22%2C%223x3%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Ftech%234%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster-tech-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter%2Ftech%235%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%236%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%237%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%238%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll-tech-9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Ftech%239%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-leaderboard_btf-tech-10%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Ftech%2310%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.69.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-69-177.iad89.r.cloudfront.net
Software
Server /
Resource Hash
eca0b35ce30602407ca710d5bec01e6ea5f7bb1e29ee111c4663d0c98a412fff
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-P1
x-amz-rid
6FJWER87R32G9RH9D0ZB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
2114
x-amz-cf-id
zgJESmkyQSRgkLZ5k2VTNr5JPa6Apsh4QZt9YjdYizVCsLF3PmWOCg==
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-usatoday-high_impact-tech-1,s:970.250,p:7103/usatoday/high_impact/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-2,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-3,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-native-article_link-tech-4,s:640.360,p:7103/usatoday/native-article_link/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster-tech-5,s:300.250,p:7103/usatoday/poster/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-6,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-7,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-8,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll-tech-9,s:300.250,p:7103/usatoday/poster_scroll/tech,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-leaderboard_btf-tech-10,s:728.90,p:7103/usatoday/leaderboard_btf/tech,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1b174cc2-f724-b126-13a5-3c2fdb263638&url=https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2b2d1aaba2e2af0f1c90a944d1ead670fde436bee36976e8c2337d506d46f830

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
x-server-name
app17.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
iasADX.js
static.adsafeprotected.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 19:03:18 GMT
content-encoding
gzip
age
598285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
server
AmazonS3
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
vary
Accept-Encoding
x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
2Z5sEs1zOVXSgxmvUDI25PyLzFkEiMGLczMNbHpKEUdbe15C3jEpSQ==
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:1b174cc2-f724-b126-13a5-3c2fdb263638
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
x-server-name
app04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
bridge3.531.0_en.html
imasdk.googleapis.com/js/core/ Frame 9932 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
359729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211701
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:19:13 GMT
expires
Fri, 15 Sep 2023 13:19:13 GMT
last-modified
Thu, 15 Sep 2022 13:10:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663607682482&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
43
x-amz-cf-id
8xtpn5bH9_Z4rFdCiP3pG66lyU0oTj_xCqYXwdnEy4GBsRBU9NIbug==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1663607682482&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
0
x-amz-cf-id
wBGpwu931eoJVGJIWmzBEFOWmfDRMyW0jG2s-SZl6x1OGH1bcovoEA==
x-cache
Miss from cloudfront
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663607682485&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
43
x-amz-cf-id
3RORN6sBhupHkM1Diixl96TN7rIVubw_JDFIlruERMTA3BbmU0PClw==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=3&ns_st_ipt=3&ns_st_et=3&ns_st_det=3&ns_st_upc=3&ns_st_dupc=3&ns_st_iupc=3&ns_st_upa=3&ns_st_dupa=3&ns_st_iupa=3&ns_st_lpc=3&ns_st_dlpc=3&ns_st_lpa=3&ns_st_dlpa=3&ns_st_pa=3&ns_ts=1663607682485&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
0
x-amz-cf-id
9_Y_KQ1kX0a3d7Y8cfxU0Oj8EoVCr9GS8i7F64Ig7BxTl3wPxuKXpg==
x-cache
Miss from cloudfront
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 05:39:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		621 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.usatoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c0e8032448feed73a00d6ded147a500990327e7391ec952b96586bd1f5cd32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:14:42 GMT
ats.js
ats.rlcdn.com/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-111.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
etag
"148e21f812b555a13b2a9c6b616141f4"
age
72534
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
content-length
112112
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Sun, 18 Sep 2022 21:05:49 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
_h-NnGHWvF8IU8yVH_cV5cgBbMKZY_CGMJ3rPU3sm0TB4cNPvwZmFw==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:47:41 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
8821
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
U9T5asABzzYFUFHfIbcSnlbg_VHkff-z5NR6lMUIOnLW61E3Z8qp_w==
tr5
cdn.taboola.com/libtrc/ 		3 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=aa_test_for_monitoring_var
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607683.586253,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
load.js
widget.perfectmarket.com/usatodaydemo/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/usatodaydemo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f462305b0fa1cf6b138314840673fc57278fe4a22a4c041f7c7002e507fd8e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
sIhlgdY23G4B4SeUF3CoyE.2qjAuGLGx
content-encoding
gzip
etag
"9bd661ed70dc54df824cfbbe2a292a6d"
age
105
x-cache
HIT, HIT
content-length
1179
x-amz-id-2
DxwfuoTmaAOU+mw88PRNnI4V7MhzjI4uL5veWEqSNXPJ9dYSYd9KARh5Zo3q9PjgbchenJm2W40=
x-served-by
cache-sna10722-LGB, cache-yul12833-YUL
last-modified
Wed, 11 Mar 2020 08:48:12 GMT
server
AmazonS3
x-timer
S1663607683.612049,VS0,VE0
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding,,
x-amz-request-id
00N5B0DZZ6T7RQ4B
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 3
impl.20220919-29-RELEASE.js
cdn.taboola.com/libtrc/ 		686 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
T4BwW6L7GkUUwUHkGO95NCIpA3.XfdwB
content-encoding
br
etag
"91098208efb744fc7f4777d1c6754b4d"
age
3549
x-cache
HIT
content-length
145351
x-amz-id-2
iFYM6cirozLeDUOxNC/lW1YiQQZH92ycX87z4bpE9X4FlnemTQzEOW8Jhi3RthGnAmtVKoph4H0=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 15:43:23 GMT
server
AmazonS3-br
x-timer
S1663607683.588293,VS0,VE0
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding
x-amz-request-id
13XT2GMYNRXB1Q95
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
32
x-cache-hits
8363
events
bidder.criteo.com/csm/ 		0
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:14:41 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
USAT-TEALIUM-TANGENT.json
www.usatoday.com/dcc/prod/ 		73 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.usatoday.com/dcc/prod/USAT-TEALIUM-TANGENT.json
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4a0264f0dbec6232658dd0ffb9e44c69c8f6f173de038ee99020cc672dba9b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=wAS9Bg==, md5=J/FL1M+w5mowKLZ3m7iPDg==
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
261691
x-amz-meta-goog-reserved-file-mtime
1663275020
x-guploader-uploadid
ADPycdu0wocILzCBanO51nYcUs4huyMzJjy-Agxk__M9rUtwWhufXFddGp3LN3lxXpT-FOILSLfT5Yt8YkYitYVv72G3pw
x-cache
HIT, HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
8285
last-modified
Thu, 15 Sep 2022 21:07:56 GMT
x-timer
S1663607683.605418,VS0,VE1
etag
"27f14bd4cfb0e66a3028b6779bb88f0e"
strict-transport-security
max-age=63072000
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-generation
1663276076574051
access-control-allow-origin
*
cache-control
max-age=3600
x-goog-stored-content-length
74463
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
b
sb.scorecardresearch.com/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663607682652&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
RHvNZpzMtUmU_mVuG26QlYQZzrFExJ27MmXewSdhMGNVkKqfUydxog==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663607682653&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
R1KGOVkdCwX00W6g9LimCm0Gh0QAzo3bYnzYuVFehNuP4EOgPoBijA==
x-cache
Miss from cloudfront
pmk-202002191.13.js
widget.perfectmarket.com/usatodaydemo/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/usatodaydemo/pmk-202002191.13.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/usatodaydemo/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df01c813a1afc16c8570d18db67c216942ebac119a2339bc84eb28cc0a72df39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
eV1dWizooeGEhNj7xzEDsqAiwZR.fWIA
content-encoding
gzip
etag
"aedbc3f638528fcb2b620ded2817932f"
age
22308203
x-cache
HIT, HIT
content-length
30942
x-amz-id-2
dsB76pVH7rPoa1IPQ987cSBAnBtWUsyI5M6C4CpUp7ZeeiQ3bYiBEv3a3nzZC70mn98zaniut1Q=
x-served-by
cache-lax10636-LGB, cache-yul12833-YUL
last-modified
Wed, 11 Mar 2020 08:48:12 GMT
server
AmazonS3
x-timer
S1663607683.661704,VS0,VE0
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding,,
x-amz-request-id
YPKKF6ASCTQC5P8B
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
500, 6009
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035223/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:10:34 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
249
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
rXeUY-JCHtRZVgoKcEMVTpHqY5WtjYOw-klpODyq_MRl5N3GoqV_Aw==

Redirect headers

location
/internal-cs/default/beacon.js
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
0
x-amz-cf-id
zyDIlIP4AQ17r509O38wjMJvi7--WSqybvW0_r517c5bfeKpi-YnQA==
x-cache
Miss from cloudfront
USAT-GCIAF-STANDARD
www.gannett-cdn.com/gciaf/prod/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gannett-cdn.com/gciaf/prod/USAT-GCIAF-STANDARD
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
vary
Origin
x-xss-protection
1;mode=block
x-served-by
cache-yul12832-YUL, cache-yul12832-YUL
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.usatoday.com
origin-agent-cluster
?1
cache-control
no-store
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
access-control-allow-credentials
true
timing-allow-origin
*
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2950
date
Mon, 19 Sep 2022 16:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 18:25:32 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13c244d25ba042da4e5a8e3d83a0e539ac13050a7ba44ec0aeb461c2e0b80215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68049
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:14:42 GMT
p.js
cdn.parsely.com/keys/usatoday.com/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/usatoday.com/p.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-201-38.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Sep 2022 14:17:41 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 14:30:41 GMT
server
nginx
age
10621
etag
W/"609be691-11d9d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
XaB9GlMFPzxANmfsxEFeeTaOUmiAQ5QN81QQRhHWUOuwQHuBARLs2w==
expires
Tue, 20 Sep 2022 14:17:41 GMT
suual7uwr.js
cdn.krxd.net/controltag/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/suual7uwr.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c97302ec51a0d6a168a6f974565bea551b90c4157b110e6929a569be67a05ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish, 1.1 varnish
age
41
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
11135
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100098-IAD, cache-yul12833-YUL
x-response-time
1
x-do-esi
esi
x-timer
S1663607683.759614,VS0,VE0
etag
"f9cd9884f3f8f2dcc90aaa9aa89177d6c9d4a9ff"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1088
v2
z-na.associates-amazon.com/onetag/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.96.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-96-135.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:47:48 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
26814
x-amz-rid
VF309MM4ZT48HA28E8FG
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
QGQyfV7qJz6sj516MGNYjaWYAa6akYF_pnz1SpGMMBGZSZvPQtwL3A==
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
100gDODK207ifCH7KgUqH0MDktPYdZPks/ZiCfxwwkVeDawmpe3QqUnb8NGGhA4ref7PFIoHICIAwH543l4/xw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:14:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:14:42 GMT
v2_event.js
www.gstatic.com/retail/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/retail/v2_event.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab3eb0cc4af553940c3126bca328d001e51651098b3bec670395a2c879091706
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloud-ai-recommendation
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloud-ai-recommendation
content-encoding
gzip
x-content-type-options
nosniff
age
298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
863
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 00:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloud-ai-recommendation"
date
Mon, 19 Sep 2022 17:09:44 GMT
vary
Accept-Encoding
report-to
{"group":"cloud-ai-recommendation","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloud-ai-recommendation"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:59:44 GMT
ktag.js
resources.xg4ken.com/js/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.100.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-100-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b2d2edfd67a8599f69483fd29240eaab4266233e8dff0767890a82dc0777b6a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 12:45:42 GMT
server
nginx
etag
"6321ccf6-dd8"
content-type
text/plain
cache-control
max-age=86400, public
content-length
3544
x-xss-protection
1; mode=block
expires
Tue, 20 Sep 2022 17:14:42 GMT
A2920824-78d2-4593-b257-ae490811f1a01.js
d.impactradius-event.com/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
56bd20c7592caa35f56a3f8bca3517937a0537b3ab1884aa4b05a028ad26695c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:13:16 GMT
content-encoding
gzip
age
86
x-guploader-uploadid
ADPycdt6dN-zj8eTTVQsG3SeX-RXW8zsx2XAmrdhdySZVBt1QX8vx7UcQ5yoP0ezcXsOUP3y8Ze4YLY_J7oELsPQxsw3Hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15526
last-modified
Thu, 21 Jul 2022 14:20:17 GMT
server
UploadServer
etag
"96de76dd1279d04d6b8c17ecc7213b13"
vary
Accept-Encoding
x-goog-hash
crc32c=jKxJqw==, md5=lt523RJ50E1rjBfsxyE7Ew==
x-goog-generation
1658413217786667
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
15526
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Mon, 19 Sep 2022 17:18:16 GMT
a-01aa.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01aa.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:f200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
71a127d0a084e582a0b49104772f77ac88995258224862a8b2b8603894e1f028

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:09:01 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
age
21941
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
content-encoding
gzip
x-amz-cf-id
RTptfKY0hK7M8or-4TrHJKhPlmygCR04HDpKrFMa9VY_4G0b0UDarQ==
collect.js
10870841.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10870841.collect.igodigital.com/collect.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.87.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-87-208.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 14:43:07 GMT
vary
Accept-Encoding
content-type
application/javascript
scevent.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-113-246.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
JFK50-P3
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7961
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-id
lqkTiTvr9Xz0I1OIJo3MmYXZVs_G3-n9pH8EteFD6pBN62VPsg-DMQ==
tfa.js
cdn.taboola.com/libtrc/unip/1168/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4418c65239351eb99c41a5c0725a6eecd036b65147e3c51e3f995f136a6aafd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
grrShWuOB499nwnovJpek9cr8_J38Csd
content-encoding
gzip
etag
"9d3d89435d85f0f7afaa7133eaa47108"
age
6433
x-cache
HIT
x-amz-replication-status
COMPLETED
fastly-restarts
1
x-amz-id-2
oRys0laonTN7IXWayVWcHQq+Ws4alsiXUFEYJzAnbsoPCdSrQlswuUYiQRdAY8qFW4Tjvqlk9u4=
x-served-by
cache-yul12832-YUL
accept-ranges
bytes
last-modified
Mon, 19 Sep 2022 15:27:07 GMT
server
AmazonS3
x-timer
S1663607683.710435,VS0,VE22
date
Mon, 19 Sep 2022 17:14:42 GMT
vary
Accept-Encoding
x-amz-request-id
KR7SN3VQRTYNFXHB
via
1.1 varnish
cache-control
private,max-age=14401
content-length
17600
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
504
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-138-162.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 00:03:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
61846
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 f452d023faa737bf8fd4899df4e76a44.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR52-C2
X-Amz-Cf-Id
ftiD0tNn2X4Kda5rM3VTPPgXk9RM9uygma2FSfC-ARczLQFLp08c1g==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kcgs7200084-IAD
json
trc.taboola.com/usatodaydemo/trc/3/ 		75 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/usatodaydemo/trc/3/json?tim=17%3A14%3A42.736&lti=aa_test_for_monitoring_var&data=%7B%22id%22%3A145%2C%22ii%22%3A%22%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663604871046%2C%22vi%22%3A1663607682733%2C%22cv%22%3A%2220220919-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A8049%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22vpi%22%3A%22%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22e%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9558%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-u%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20Feed%20Redesign%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20Feed%20Redesign%22%2C%22cd%22%3A7902.25%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22organic-thumbnails-rr-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Organic%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Organic%22%2C%22cd%22%3A1176%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%2CBelow%20Article%20Thumbnails%20-%20Feed%20Redesign%3Dthumbnails-u%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%20-%20Organic%3Dorganic-thumbnails-rr-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
779b0059a240e5469de2570137656965100874f8390f21b3a40af3f693217ab8

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
715
date
Mon, 19 Sep 2022 17:14:43 GMT
content-encoding
gzip
server
nginx
x-timer
S1663607683.749678,VS0,VE715
x-served-by
cache-yul12832-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-59.ewr52.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:37:17 GMT
via
1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront), 1.1 76ba6b3d9cbda18b2d8a4974a9dc976a.cloudfront.net (CloudFront)
age
34645
x-amzn-requestid
ccd0dc89-08df-41e4-92c6-a9868b09852d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63281c2d-191eba8b43b42fe42533577e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, EWR52-C4
x-amz-apigw-id
YslXGFuljoEFdoQ=
content-length
30
x-amz-cf-id
D_frET2ZMJjTz-A-C670PX_s8Hhj7eHdnqaI-vlHzRMeuLijg195wA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
14143
gannett.sjv.io/xur/ 		114 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gannett.sjv.io/xur/14143
Requested by
Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.211.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c59f335948580c2407c807b846a1d30b81e98441287090b4c5063b95846831d2

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Sep 2022 17:14:42 GMT
userEvents:collect
retail.googleapis.com/v2/projects/gannett-recommendations/locations/global/catalogs/default_catalog/ 		7 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retail.googleapis.com/v2/projects/gannett-recommendations/locations/global/catalogs/default_catalog/userEvents:collect?key=AIzaSyCiYeR-fmRSr595wMC03A9OjemIfGfcCbU&uri=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&user_event=%7B%22visitorId%22%3A%22cbaf261a-900b-444b-8dbf-c7d5de325888%22%2C%22productDetails%22%3A%5B%7B%22product%22%3A%7B%22id%22%3A%2210419761002%22%7D%7D%5D%2C%22eventType%22%3A%22detail-page-view%22%2C%22attributes%22%3A%7B%22platform%22%3A%7B%22text%22%3A%5B%22tangent%22%5D%7D%2C%22site_code%22%3A%7B%22text%22%3A%5B%22USAT%22%5D%7D%7D%2C%22referrerUri%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22userInfo%22%3A%7B%22userId%22%3A%228a0639dd-9ea4-42a3-a85b-2b8ba9af3a73%22%7D%7D&ets=1663607682793
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
server-timing
gfet4t7; dur=148
vary
Origin, X-Origin, Referer
content-length
7
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
cN+TK7PyJh32HmwYdGnuuz/XuC+Gh0FnB+Sez2kYj6zUzOhnCCCCNgGCMvCQC4DpD/RuyamX8pCLNtd5eRmIrw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:14:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1613278598987210
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1613278598987210?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8bb52308d8aa4a8e7c29119995908151ad846738b7913f624912af64b679721b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86376
x-xss-protection
0
pragma
public
x-fb-debug
mZ+B/aJsWlknXo6ucJblCejBOyrEgLOu9WEP8YYSWZpyAY/U+L9Ja9Ph/kTuxtjw/Yee3+jdCvbc0NJ4hs7USg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:14:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
controltag.js.387e8802bbd0d9fbfa52c1546d7297df
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suual7uwr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
age
12483731
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1127007
content-length
84742
x-served-by
cache-yul12833-YUL
last-modified
Thu, 28 Apr 2022 05:17:05 GMT
x-timer
S1663607683.814843,VS0,VE0
etag
"387e8802bbd0d9fbfa52c1546d7297df"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 25 Apr 2032 05:17:04 GMT
unip
trc.taboola.com/1168/log/3/ 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?sourceurl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&user_type=guest&en=page_view&unified_id=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&paywall=false&tim=1663607682813&ref=https%3A%2F%2Ft.co%2F&cv=20220919-29-RELEASE&tos=3&ssd=1&scd=12&ler=other&mrir=u&vi=1663607682733
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607683.824020,VS0,VE18
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1012762984&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEABEAAAAC~&jid=1361300270&gjid=1976313532&cid=327780952.1663607683&tid=UA-166840762-3&_gid=461884958.1663607683&_r=1&_slc=1&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd26=frank%20bajak&cd59=Frank%20Bajak&cd65=tech&cd23=2022-09-18&cd24=16%3A22%3A48Z&cd25=Uber%20says%20services%20are%20operational%20following%20data%20breach&cd14=10419761002&cm9=1&cd58=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata%20breach%2Coverall%20negative%2Ccybersecurity%2Ccomputer%20crime%2Cdefense%20and%20cybersecurity%2Ccomputer%20security&cd27=metered&cd94=Associated%20Press&cd61=tech&cd62=null&cd64=null&cd63=null&cd60=no%20story%20highlights&cd30=story%20pages&cd180=1166&cd1=pageview&cd72=1&cd128=1&cd129=1&cd126=3&cd127=3&cd159=3&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd176=kick%7C10%2Cspk%7C11%2Cspk%7C22%2Cspk%7C29%2Cspk%7C46%2Cspk&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd48=yes&cd178=no&cd50=2%7C1%2Ctwitter%2C10419761002%7C2%2Ctwitter%2C10419761002&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=https%3A%2F%2Ft.co%2F&cd28=USAT&cd99=Gannett&cd162=A&cd83=top%2Cbottom&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A1&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=327780952.1663607683.95634848&cd44=327780952.1663607683&z=1904218003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1012762984&t=event&_s=2&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=navigation&ea=scroll%20milestone&el=0&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=327780952.1663607683&tid=UA-166840762-3&_gid=461884958.1663607683&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd14=10419761002&cd58=&cd61=tech&cd62=null&cd64=null&cd63=null&cd30=story%20pages&cd180=1166&cd1=custom&cd72=1&cd128=1&cd129=1&cd126=3&cd127=3&cd159=3&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd178=no&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=https%3A%2F%2Ft.co%2F&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A1&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=327780952.1663607683.70032409&cd44=327780952.1663607683&cd92=scroll%20milestone&cd153=body%20nav&z=516721258
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:21:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49999
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c2=6035223&c1=2&c5=tech&comscorekw=tech&c6=tech&c4=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c15=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cs_ucfr=&cs_it=b2&cv=3.8.0.210223&ns__t=1663607682859&ns_c=UTF-8&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:42 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
0fQ8gvmE03BtrRWS5CG5w2Q_hP2pwfWfBJWD9VNd-jtnY3B2zd5RqA==
x-cache
Miss from cloudfront
andoncord
assoc-na.associates-amazon.com/onetag/ 		16 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:43 GMT
Server
Server
x-amz-rid
N4DJ0M6VVMTPJXYBRDKB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usatoday.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
16
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1663607682868&cv=9&fst=1663607682868&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ref=https%3A%2F%2Ft.co%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b50f84aca1780fbed04fba6f2fa8f40c3958469dcdb72aeb3158a48df50376bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1098
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1663607682880&plid=51942547&idsite=usatoday.com&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%2C%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&sref=https%3A%2F%2Ft.co%2F&sts=1663607682876&slts=0&title=Uber+data+breach%3A+Employee+apparently+tricked+into+sharing+credentials&date=Mon+Sep+19+2022+17%3A14%3A42+GMT%2B0000+(GMT)&action=pageview&urlRef=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&js=1&pvid=70312756&u=pid%3Dd18f4ea72a75462cb9b12e3fbb8a06db
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:42 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 17:14:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01aa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:f200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 17 Sep 2022 11:50:41 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
192242
etag
W/"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
ZRfVtKW52YwLipMgrwaZhepFYjtGuxxRM6Wdt-2Vr-i6bTfLFO7PBQ==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=2oe9e0&_p=1012762984&cid=327780952.1663607683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&uid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cu=USD&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&sid=1663607682&sct=1&seg=0&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-166840762-3&cid=327780952.1663607683&jid=1361300270&gjid=1976313532&_gid=461884958.1663607683&_u=KHBAAEAAEAAAAC~&z=1257823405
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 17:14:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 9876 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
40458203
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Mon, 19 Sep 2022 17:14:42 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
345728
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-yul12833-YUL
x-timer
S1663607683.968225,VS0,VE0
iu3
s.amazon-adsystem.com/ Frame 510F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
328
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:14:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KJE48ZWY7KG0J0MKJMNH

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 17:14:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_rbd_n-emx_ppt_n-vmg_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6Y7R5AMZWXZG9K66PRCE
update_item
nova.collect.igodigital.com/c2/10870841/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10870841/update_item?payload=%5B%7B%22author%22%3A%22Frank%20Bajak%22%2C%22name%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22item%22%3A%2210419761002%22%2C%22category%22%3A%22tech%22%2C%22item_type%22%3A%22story%20pages%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D%5D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.87.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-87-208.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
track_page_view
nova.collect.igodigital.com/c2/10870841/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10870841/track_page_view?payload=%7B%22category%22%3A%22tech%22%2C%22title%22%3A%22Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Ft.co%2F%22%7D
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.87.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-87-208.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-runtime
0.011285
date
Mon, 19 Sep 2022 17:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
e3ee4d51-7f3b-4243-8a95-395246c122dc
adsct
t.co/i/ 		43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=3e864b6a-74ed-4a30-9f89-81a673954445&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e058a287-631e-448f-a67e-499c0b8b4fbb&tw_document_href=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6it1&type=javascript&version=2.3.27
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
6
date
Mon, 19 Sep 2022 17:14:42 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0ae3e06136402682c20ba6744081aa936f28c8252f063ee0eea0a3dbb4f26d97
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3e864b6a-74ed-4a30-9f89-81a673954445&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e058a287-631e-448f-a67e-499c0b8b4fbb&tw_document_href=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6it1&type=javascript&version=2.3.27
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
7
date
Mon, 19 Sep 2022 17:14:42 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
338ce1944c64cf5cfbd426950fcfe04b84b9611842b65b8b2d7457b77075f9a6
content-length
43
444277530343501
connect.facebook.net/signals/config/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/444277530343501?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
842c379cf6c7045e068c129e66893f841042bee3c65818afe7906484fbd1ede9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86450
x-xss-protection
0
pragma
public
x-fb-debug
7rst8e47jUVKApAsxuhrac4jzXjEESieR8QA4OMEYw1ucS/CloPico0jtkYVlCP/s0zOLpjhF1qEdGW01anfAg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:14:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1613278598987210&ev=PageView&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1663607682988&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=397269784cdc9d9bf08269e7428abea725f21a2acc6df7ee7fe9c29b99862a44&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663607682693.7626780169&it=1663607682803&coo=false&eid=pageview-6589b144-0f64-410e-965a-399b09d4c594&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:14:43 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1613278598987210&ev=ViewContent&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1663607682989&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=397269784cdc9d9bf08269e7428abea725f21a2acc6df7ee7fe9c29b99862a44&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663607682693.7626780169&it=1663607682803&coo=false&eid=pageview-6589b144-0f64-410e-965a-399b09d4c594&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:14:43 GMT
init
tr.snapchat.com/ 		126 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=83ed99d9-8377-45aa-ba76-e017d4d8e602
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2f69e78584888f6169761ee7c96cd73d26b6b72127b4f8fea25763d6bf35232e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
is_enabled
tr.snapchat.com/collector/ 		78 B
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=83ed99d9-8377-45aa-ba76-e017d4d8e602&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
22a1e454ab88130ab3e742afb5eb58bbf6f496a64f659372c0f0fdd850e31682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usatoday.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google, 1.1 google
i
tr.snapchat.com/cm/ Frame DA10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602&u_scsid=a4632f63-5ee1-4e57-aa49-eadd62045d1f&u_sclid=524ce26b-eeca-496d-bd8b-0cd0dc78ae29
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 17:14:43 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
11
/
www.google.com/pagead/1p-user-list/994302621/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994302621/?random=1663607682868&cv=9&fst=1663606800000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ref=https%3A%2F%2Ft.co%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&async=1&fmt=3&is_vtc=1&random=879100344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/994302621/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/994302621/?random=1663607682868&cv=9&fst=1663606800000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ref=https%3A%2F%2Ft.co%2F&tiba=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&async=1&fmt=3&is_vtc=1&random=879100344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e88225a2-3b7b-45e3-9cc2-a3130b91f0db
consumer.krxd.net/consent/get/ 		237 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-ash-prod.krxd.net, cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1663607683.059204,VS0,VE17
content-length
192
x-cache-hits
0, 0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-...
  • https://rp4.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data...
45 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Ft.co%2F&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Server
52.7.56.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-56-125.compute-1.amazonaws.com
Software
/
Resource Hash
eb27d5196cca3fe422ace69d7a4d4b0f4f5d38cab34d75a3cb66eb3edd1fef85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
x-pixel-event-id
382877b1-6e6c-4f5e-866b-73a699640850
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
e0c9e93018610ec9
request-time
0
content-length
45
x-content-type-options
nosniff

Redirect headers

date
Mon, 19 Sep 2022 17:14:43 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1663607683008&aid=a-01aa&se=e30&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&tna=v2.4.2&pu=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ext_gup_anonid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Ft.co%2F&c=PHRpdGxlPlViZXIgZGF0YSBicmVhY2g6IEVtcGxveWVlIGFwcGFyZW50bHkgdHJpY2tlZCBpbnRvIHNoYXJpbmcgY3JlZGVudGlhbHM8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIGRhdGEgYnJlYWNoIGF0IFViZXIgcHV0cyB0aGUgc3BvdGxpZ2h0IG9uIGFuIGVmZmVjdGl2ZSBicmVhay1pbiByb3V0aW5lOiB0cmlja2luZyBhbiBlbXBsb3llZSBpbnRvIHNoYXJpbmcgdGhlaXIgY3JlZGVudGlhbHMuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L3RlY2gvMjAyMi8wOS8xOC91YmVyLWRhdGEtYnJlYWNoLWhhY2tlZC1waGlzaGluZy8xMDQxOTc2MTAwMi8iPjxoMSBjbGFzcz0iZ250X2FyX2hsIiBlbGVtZW50dGltaW5nPSJhci1oZWFkbGluZSI-VWJlciBzYXlzIHNlcnZpY2VzIGFyZSBvcGVyYXRpb25hbCBmb2xsb3dpbmcgZGF0YSBicmVhY2g8L2gxPjx0aXRsZSBpZD0icGxheV90ZWFscGxheWVyX3N2ZyI-UGxheTwvdGl0bGU-PHRpdGxlIGlkPSJwYXVzZV90ZWFscGxheWVyX3N2ZyI-UGF1c2U8L3RpdGxlPjx0aXRsZSBpZD0ibXV0ZV90ZWFscGxheWVyX3N2ZyI-U291bmQgT248L3RpdGxlPjx0aXRsZSBpZD0idW5tdXRlX3RlYWxwbGF5ZXJfc3ZnIj5Tb3VuZCBPZmY8L3RpdGxlPjx0aXRsZSBpZD0iY2xvc2VkQ2FwdGlvbl90ZWFscGxheWVyX3N2ZyI-Q2xvc2VkQ2FwdGlvbjwvdGl0bGU-PHRpdGxlIGlkPSJzaGFyZV90ZWFscGxheWVyX3N2ZyI-T3BlbiBTaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJmdWxsc2NyZWVuX3RlYWxwbGF5ZXJfc3ZnIj5FbnRlciBGdWxsIFNjcmVlbjwvdGl0bGU-PHRpdGxlIGlkPSJleGl0RnVsbHNjcmVlbl90ZWFscGxheWVyX3N2ZyI-RXhpdCBGdWxsIFNjcmVlbjwvdGl0bGU-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjE1&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.usatoday.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
fa1d5f30756e9725
request-time
0
content-length
0
x-content-type-options
nosniff
p
tr.snapchat.com/ 		68 B
572 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryZAftcc2xEQ45zkLw

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 google, 1.1 google
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type
text/html
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=PageView&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1663607683029&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=397269784cdc9d9bf08269e7428abea725f21a2acc6df7ee7fe9c29b99862a44&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663607682693.7626780169&it=1663607682803&coo=false&eid=pageview-6589b144-0f64-410e-965a-399b09d4c594&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:14:43 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=ViewContent&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1663607683030&cd[currency]=USD&cd[content_type]=product&sw=1600&sh=1200&ud[external_id]=397269784cdc9d9bf08269e7428abea725f21a2acc6df7ee7fe9c29b99862a44&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663607682693.7626780169&it=1663607682803&coo=false&eid=pageview-6589b144-0f64-410e-965a-399b09d4c594&tm=1&rqm=GET
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:14:43 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=327780952.1663607683&jid=1361300270&_u=KHBAAEAAEAAAAC~&z=1030684164
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=327780952.1663607683&jid=1361300270&_u=KHBAAEAAEAAAAC~&z=1030684164
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onetag
assoc-na.associates-amazon.com/ 		64 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22reviewedcom03-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D&u=https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
4ded5a9d3ea2eacd97b37069e260066b57f26edd9e64b7e93b242fe5fbb271f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:43 GMT
Server
Server
x-amz-rid
24181NRKFFXC2J79HJRE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usatoday.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
64
a-01aa
i.liadm.com/s/c/ Frame 0EE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=true&duid=bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.108.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-108-1.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
698
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:14:43 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.usatoday.com/ 		19 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.usatoday.com/baker?dtstmp=1663607683305
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.226 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Mon, 19 Sep 2022 17:14:43 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.5/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront), 1.1 varnish
age
547758
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
30400
x-served-by
cache-yul12832-YUL
last-modified
Tue, 13 Sep 2022 09:04:05 GMT
server
AmazonS3
x-timer
S1663607683.498575,VS0,VE0
etag
"61c09a3e99bef5074941c5ea63321376"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
06iT85FXYVv5EZwz82s8k4JJsG24riv9D9fNTwegBwyoYjiBUnqnRw==
x-cache-hits
65607
feed-card-placeholder.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca2e9669d0cc6319cbefa68c880fbf59f06141c190fb30b1922ee88a11e4f64a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
oE2L0sg8IjI8o.LvE.X6XXckBXxvWy4t
content-encoding
gzip
etag
"7aa21c42eda65f471860308033598cb9"
age
3513
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1264
x-amz-id-2
FQxYjM0Tkc1Uhrj5/Yya0kuCLDxCqok4YyIg/MLDih2B0Wi8vtx9wLMOvQUjkORIFH9gW9GbFqE=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 15:48:36 GMT
server
AmazonS3
x-timer
S1663607684.500796,VS0,VE0
date
Mon, 19 Sep 2022 17:14:43 GMT
vary
Accept-Encoding
x-amz-request-id
65NKG6JCJ10SDYYS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
5503
cta-component.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a737e3f66a346ee9e475bb77fbec472b519714c9c8c3b544435af89782a0edaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
LIrl5t8vsKYDDMRJEwgha2brFfkf6PzJ
content-encoding
gzip
etag
"07191a19ea572ebde5ecd445300f9077"
age
3544
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5109
x-amz-id-2
1Pwwvncu//RHvGqNHZk7G0yvPeqPb8hT+fSWvDAVM9p/MI9xlDwBScL4/1S9LQolaS3Djy4EnQk=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 15:48:46 GMT
server
AmazonS3
x-timer
S1663607684.514712,VS0,VE0
date
Mon, 19 Sep 2022 17:14:43 GMT
vary
Accept-Encoding
x-amz-request-id
6SPR0GMAHYCGXQXB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
4106
userx.20220919-29-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220919-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
25EVsynxzKUy7pAkJ3e.9LAjTC3XwEJ6
content-encoding
gzip
etag
"a2de6bb2cdeb556a13b6aede27212c0f"
age
3548
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5399
x-amz-id-2
eOCwoq2kpdGTtBzEDU7ph7+kYOST4Ii9s3PhyYHBYhxqlJgG3e8iMroqwTpWxDdqWoVB/qxyJew=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 19 Sep 2022 15:45:31 GMT
server
AmazonS3
x-timer
S1663607684.517946,VS0,VE0
date
Mon, 19 Sep 2022 17:14:43 GMT
vary
Accept-Encoding
x-amz-request-id
75YPXA0RBT92RG7E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
2155
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=38639573b77017dac7173921c3bad824&sd=v2_ffc22df8a58d5198ece1be945465b917_0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902_1663607682_1663607682_CGoQkAkYre36tbUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663607682733&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22rref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22sec%22%3A%22tech%22%2C%22aut%22%3A%5B%22Frank%20Bajak%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F09%2F18%2FUSAT%2Fff9d0fe9-65c0-4de6-b9e9-00b83ec760bf-AP_Uber.jpg%3Fcrop%3D3544%2C1994%2Cx0%2Cy180%26width%3D3200%26height%3D1801%26format%3Dpjpg%26auto%3Dwebp%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A14%3A43.516&id=4785&llvl=2&cv=20220919-29-RELEASE&
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=38639573b77017dac7173921c3bad824&sd=v2_ffc22df8a58d5198ece1be945465b917_0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902_1663607682_1663607682_CGoQkAkYre36tbUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663607682733&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A290%2C%22ly%22%3A710%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=17%3A14%3A43.516&id=2284&llvl=2&cv=20220919-29-RELEASE&
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
50
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
mNc0QtgGEk5fjAEs86GntrS7BlEyDR/AohLDyBTk/uNsgQOkRrtnlEkJn1cYLIkWHL896HRkEbs=
x-served-by
cache-yul12832-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1663607684.527795,VS0,VE0
date
Mon, 19 Sep 2022 17:14:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
3FDSYTBK3X1PQKQQ
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
55
x-cache-hits
66
/
www.facebook.com/tr/ Frame 5F18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usatoday.com
Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usatoday.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:43 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 819A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usatoday.com
Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usatoday.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:43 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
apple-store-fifth-avenue-new-york.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1003/local/-/media/2022/07/27/USATODAY/usatsports/apple-store-fifth-avenue-new-york.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9d0a3c574548100590f52b50b6c93e176208fbe0a15082c838c78ca8c09179

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 varnish, 1.1 varnish
age
2724791
edge-cache-tag
305756504726627978296296530595431687273,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
305756504726627978296296530595431687273,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
107
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/9a59bb524ec9ca36e003815a74d768f534167181/c%3D0-85-1632-1003/local/-/media/2022/07/27/USATODAY/usatsports/apple-store-fifth-avenue-new-york.jpg
content-length
2834
x-request-id
b327de0804f15a5adfd1dcf3f6b8226b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 19 Aug 2022 04:15:39 GMT
server
nginx
x-timer
S1663607684.611130,VS0,VE2
etag
"9b049a1e3af7c6709f522ccb456aae5d"
x-served-by
cache-iad-kjyo7100179-IAD, cache-iad-kiad7000061-IAD, cache-lga21965-LGA, cache-iad-kcgs7200123-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
surprise-smartphone-news-stock-shock.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/357bf1307573283c634fe2b2c18659f099299e54/c%3D0-344-6598-... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/357bf1307573283c634fe2b2c18659f099299e54/c%3D0-344-6598-4055/local/-/media/2022/09/08/USATODAY/usatsports/surprise-smartphone-news-stock-shock.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
907b15777c4dd1794477502ff3c294f6f7320717829adfc88748c00e8ffecb1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 varnish, 1.1 varnish
age
100875
edge-cache-tag
387984454723558835760092925389540539104,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
387984454723558835760092925389540539104,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1330
req-referer
https://www.usatoday.com/
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gannett-cdn.com/-mm-/357bf1307573283c634fe2b2c18659f099299e54/c%3D0-344-6598-4055/local/-/media/2022/09/08/USATODAY/usatsports/surprise-smartphone-news-stock-shock.jpg
content-length
3232
x-request-id
78abf9eab67f0a398b6f5f436c3b3c57
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sun, 18 Sep 2022 12:08:48 GMT
server
nginx
x-timer
S1663607684.611331,VS0,VE1
etag
"432be210c8247e97728d9921975768c7"
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kiad7000157-IAD, cache-lax10655-LGB, cache-iad-kcgs7200175-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
1ef64ddb0b5374f341226dd2d0e01b16.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef64ddb0b5374f341226dd2d0e01b16.jpg
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6f83ec3e9006b337d5cd6732ad19c4267b6bf9f7040ff6de3a39c6a23d130a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 varnish, 1.1 varnish
age
5569196
edge-cache-tag
341099822509778766746952493491853389868,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
cache-tag
341099822509778766746952493491853389868,405550598551822833538911228744018708920,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
9
expiration
expiry-date="Wed, 17 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef64ddb0b5374f341226dd2d0e01b16.jpg
content-length
3350
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 17 Jul 2022 05:38:33 GMT
server
nginx
x-timer
S1663607684.611303,VS0,VE1
etag
"99706cf3deb3de2bf38df53453ff5e71"
x-served-by
cache-iad-kjyo7100082-IAD, cache-iad-kiad7000152-IAD, cache-chi-kigq8000128-CHI, cache-iad-kiad7000106-IAD, cache-yul12832-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1, 1
st
imprnjmp.taboola.com/ Frame 83B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7by0CFgMjkyOHb_1OkwQjkyOHb_1OkwUAAAAGBvQHJLhwuAyj4WStMk0cbtFiZFtLHB7DWrhb2UyrycZl8myMQIILh8swGk7WKtPE4RYtRra1xOExrIW7lc20mmxcJs_GCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GCoaXd6KoRvPJCI4LGIEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQStfW_ws3UGJtzAAAIADMTXNuphfd63DsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCHXgKbT4XPd60V3jd8vugBY3UCMNrMDAAAAuPv____HU9Osi_l11zrUAzGbxzIZ2YwL13DkWiyHK4_LMXE5R6vRbDVxLnbbS_R_2wrtGn_vixGW2e87KCinp8fsMoiKrrfF7nCaPQe1QMZymQySlsnlefrsBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggDI49tMLO51pLVbLgWzQaLtXC4nK0lxs1itDFOVsuVbS16fUwPy2SyHEy2KBjQtBfJ0yKdiDyLlcXichhHrplrsNytHKbJcGOZmDye3cYz3E3EEs3JIp3ILvuazWOZjGzGhWs4ci2Ww5XH5Zi4nKPVaLaaOBe7fWHksQ1mNtdaspoN16LZYLEWDpeztcS4WYw2xslqubKtRa-P6WGZTJaDyb4xm21mg91sONk3ZrPNbLCbDSf7Do_v6Dq4zsrLMxtdXL0ng8V3kBpsP5PutxBGjOei5CQcZ9cGY8O6PkjOBo_BYNhpa9_g4fX3Obvl78Z7MCpiieAinag-D9Pf5HCeXG6_RSxRmi7SiV5z-luef9HLY_RLBpPJXrDcK4Z71cVleYscpodbYnk5PEa30OHxukxuwdHpOTrtPr9iMFosd7PFYDDZS8QSwekinYhextNF_UeHGC3nqtlcsdrMFcPZKgEAAAAAAAAALGHKvAkAAADAaSCz0WS0WudBLFez5WK1XAAAAkjdH_Wxv-z_g71dpauNyKFkarDixo8Z6vMw_U0O58nl9lsZAEDgg3nzZ4JYq9WyBgAAEMAGAAAI4NbNWyA6FP____8fBwAAICNHDwAAQL8PxKTeAzd6rcBPgKPNZA!&cmcv=&pix=undefined&cb=1663607683850&uv=3226&tms=1663607683850&abt=inc_all_video_vA!ntvc_vB!scec11_vB!spa2_vA!t45!ufm_vE&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8aae0482-e4ba-41d6-bac0-87ef452ced3c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:14:43 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1663607684.863089,VS0,VE21
sync
us-match.taboola.com/ Frame 916D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7by0CFgMjkyOHb_1OkwQjkyOHb_1OkwUAAAAGBvQHJLhwuAyj4WStMk0cbtFiZFtLHB7DWrhb2UyrycZl8myMQIILh8swGk7WKtPE4RYtRra1xOExrIW7lc20mmxcJs_GCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GCoaXd6KoRvPJCI4LGIEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQStfW_ws3UGJtzAAAIADMTXNuphfd63DsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCHXgKbT4XPd60V3jd8vugBY3UCMNrMDAAAAuPv____HU9Osi_l11zrUAzGbxzIZ2YwL13DkWiyHK4_LMXE5R6vRbDVxLnbbS_R_2wrtGn_vixGW2e87KCinp8fsMoiKrrfF7nCaPQe1QMZymQySlsnlefrsBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggDI49tMLO51pLVbLgWzQaLtXC4nK0lxs1itDFOVsuVbS16fUwPy2SyHEy2KBjQtBfJ0yKdiDyLlcXichhHrplrsNytHKbJcGOZmDye3cYz3E3EEs3JIp3ILvuazWOZjGzGhWs4ci2Ww5XH5Zi4nKPVaLaaOBe7fWHksQ1mNtdaspoN16LZYLEWDpeztcS4WYw2xslqubKtRa-P6WGZTJaDyb4xm21mg91sONk3ZrPNbLCbDSf7Do_v6Dq4zsrLMxtdXL0ng8V3kBpsP5PutxBGjOei5CQcZ9cGY8O6PkjOBo_BYNhpa9_g4fX3Obvl78Z7MCpiieAinag-D9Pf5HCeXG6_RSxRmi7SiV5z-luef9HLY_RLBpPJXrDcK4Z71cVleYscpodbYnk5PEa30OHxukxuwdHpOTrtPr9iMFosd7PFYDDZS8QSwekinYhextNF_UeHGC3nqtlcsdrMFcPZKgEAAAAAAAAALGHKvAkAAADAaSCz0WS0WudBLFez5WK1XAAAAkjdH_Wxv-z_g71dpauNyKFkarDixo8Z6vMw_U0O58nl9lsZAEDgg3nzZ4JYq9WyBgAAEMAGAAAI4NbNWyA6FP____8fBwAAICNHDwAAQL8PxKTeAzd6rcBPgKPNZA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 17:14:43 GMT
machineid
3109
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7by0CFgMjkyOHb_1OkwQjkyOHb_1OkwUAAAAGBvQHJLhwuAyj4WStMk0cbtFiZFtLHB7DWrhb2UyrycZl8myMQIILh8swGk7WKtPE4RYtRra1xOExrIW7lc20mmxcJs_GCi_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs9BLZCxXCaDpGVyeZ4-uxu40HQ6fK57ve73u6s-D9Pf5HDeNX63X3P6W55_0ctj9EsGk8lesNwrhnvVxWV5ixymh1tieTk8RrfQ4fG6TG7B0ek5Ou0-v2IwWix3s8VgMNnLAQAAAODh____HwIAAAAgAgAAAEACAAAAgCKg4t9C4AIAAAAA4____18DwGRDIDrkQGi_3XR5Ocz-AAAAAAABAAAAIAEgQKgpAejgnjn5_________48ZoM-8kfn___-_UegBePABeBACAAC4GCoaXd6KoRvPJCI4LGIEAAAAUImTqXs0qRMqi6r___9-K4ArAICAQStfW_ws3UGJtzAAAIADMTXNuphfd63DsQV6WPx-s8Ou8btd9v________9v9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCHXgKbT4XPd60V3jd8vugBY3UCMNrMDAAAAuPv____HU9Osi_l11zrUAzGbxzIZ2YwL13DkWiyHK4_LMXE5R6vRbDVxLnbbS_R_2wrtGn_vixGW2e87KCinp8fsMoiKrrfF7nCaPQe1QMZymQySlsnlefrsBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggDI49tMLO51pLVbLgWzQaLtXC4nK0lxs1itDFOVsuVbS16fUwPy2SyHEy2KBjQtBfJ0yKdiDyLlcXichhHrplrsNytHKbJcGOZmDye3cYz3E3EEs3JIp3ILvuazWOZjGzGhWs4ci2Ww5XH5Zi4nKPVaLaaOBe7fWHksQ1mNtdaspoN16LZYLEWDpeztcS4WYw2xslqubKtRa-P6WGZTJaDyb4xm21mg91sONk3ZrPNbLCbDSf7Do_v6Dq4zsrLMxtdXL0ng8V3kBpsP5PutxBGjOei5CQcZ9cGY8O6PkjOBo_BYNhpa9_g4fX3Obvl78Z7MCpiieAinag-D9Pf5HCeXG6_RSxRmi7SiV5z-luef9HLY_RLBpPJXrDcK4Z71cVleYscpodbYnk5PEa30OHxukxuwdHpOTrtPr9iMFosd7PFYDDZS8QSwekinYhextNF_UeHGC3nqtlcsdrMFcPZKgEAAAAAAAAALGHKvAkAAADAaSCz0WS0WudBLFez5WK1XAAAAkjdH_Wxv-z_g71dpauNyKFkarDixo8Z6vMw_U0O58nl9lsZAEDgg3nzZ4JYq9WyBgAAEMAGAAAI4NbNWyA6FP____8fBwAAICNHDwAAQL8PxKTeAzd6rcBPgKPNZA!&cmcv=&pix=31589837&cb=1663607683850&uv=3226&tms=1663607683850&abt=inc_all_video_vA!ntvc_vB!scec11_vB!spa2_vA!t45!ufm_vE&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1663607682008.2!ts:1663607683850&mntl=1
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:43 GMT
content-length
0
server
nginx
prebid-event
traxex.gannettdigital.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://traxex.gannettdigital.com/prebid-event
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.193.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.193.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:14:43 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.usatoday.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2443147377356773&correlator=2045873032760698&eid=31068356%2C44742768&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=7103%2Cusatoday%2Chigh_impact%2Ctech%2Cnative-article_link%2Cposter%2Cposter_scroll%2Cleaderboard_btf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F6%2F3%2C0%2F1%2F7%2F3&prev_iu_szs=970x250%7C970x90%7C970x66%7C728x90%7C1x2%7C2560x1440%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C320x50%7C640x360%7C300x250%7C3x3%7C1x1%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050%2C728x90&fluid=0%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=2675892286%2C3163588119%2C3163588112%2C3163588113%2C2753249855%2C1961648847%2C1961648846%2C1961648845%2C1961648844%2C1758763108&sfv=1-0-38&fsapi=false&prev_scp=position%3Dhigh_impact%26adCount%3D1%26id%3D8d1e89fa-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%26grm%3D40%26nsf%3Dparamount%2Cparamount-high_impact%7Cposition%3Dnative-article_link%26adCount%3D1%26id%3D8d1e89fb-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dnative-article_link%26adCount%3D2%26id%3D8d1e89fc-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dnative-article_link%26adCount%3D3%26id%3D8d1e89fd-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%26MVPlacementKey%3Dtangent-spike%26features%3Dnoautoplay%2CheavyAds%2Cpolarcirc%26nsf%3Dparamount%2Cparamount-16_9%7Cposition%3Dposter%26adCount%3D1%26amznbid%3Dhg02dc%26amzniid%3DJOVT7n3L5CXjJPq7Wku1kY8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAcMcV6%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D8d1e89fe-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cposition%3Dposter_scroll%26adCount%3D1%26hb_ap_id%3D3351817%26hb_ap%3D0.06%26hb_adid%3D4977851dad637dc%26hb_deal%3D2165694417%26hb_size%3D300x1050%26amznbid%3Dhg02dc%26amzniid%3DJFt3UGvyWTISxyX0jY1nJsUAAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBhlf-A%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D8d1e89ff-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D2%26amznbid%3Dhg02dc%26amzniid%3DJIo4tqW_TEdVCfX5vK439d8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAjsY0r%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D8d1e8a00-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D3%26amznbid%3Dhg02dc%26amzniid%3DJBpYPuxWlzG4D-trpb1rNOIAAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDz03r5%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D8d1e8a01-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dposter_scroll%26adCount%3D4%26amznbid%3Dhg02dc%26amzniid%3DJL8D-chS9jMNROyc24VHLn4AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICCLO5xg%26amznsz%3D300x600%26amznp%3D1s4lr0g%26id%3D8d1e8a02-383e-11ed-af6f-0ecee0cb6f2f%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cposition%3Dleaderboard_btf%26adCount%3D1%26id%3D8d1e8a03-383e-11ed-af6f-0ecee0cb6f2f&eri=1&cust_params=aam_props%3Dtangent-desktop%257Cdesktop%257Cstory%2520pages%26alerttype%3D%26build%3Dtangent-desktop%26content_category%3Dcomputers-electronics%252Ccomputer-security%26contentid%3D10419761002%26cst_section%3Dtech%26features%3Dnoautoplay%252CheavyAds%26gnt_sb%3D1%26gnt_ub%3D3%26hls%3Dhttps%253A%252F%252Fwww.usatoday.com%252Fgannett-web%252Fapps%252Fteal%252Fdist%252Fvendor%252Fhls%252Fhls.0.14.9.min.js%26ksg%3D%26kuid%3D%26navigationtype%3Dexternal%26origin%3DAssociated%2520Press%26pageType%3Dstory%26privacy%3DNA%26property%3DUSAT%26referrer%3Dco%252F%26sitepage%3DUSAT%252Ftech%26sgrp%3Dc%26ssts_section%3Dtech%26topic%3Duber%252Chacking%252Chacker%252Cride-hailing%252Cdata-breach%252Coverall-negative%252Ccybersecurity%252Ccomputer-crime%252Cdefense-and-cybersecurity%252Ccomputer-security%26userguid%3D8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73%26utm_props%3D%257C%257C%26variant%3Dad-control%26categoryvalue%3Ddisasters%252Ccustom-verizon%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1506123_PG%252CIAS_1785_KW%252CIAS_3006647_PG%252CIAS_4858_KW%252CIAS_8809_KW%252CIAS_1500690_PG%252CIAS_1500693_PG%252CIAS_1507080_PG%252CIAS_6676_KW%252CIAS_1507654_PG%252CIAS_1507653_PG%26ss%3Dnon%252Ca%26swgt%3Dna%26dolookalike%3DNA%26user_traits%3Dcontrol%253A1%26excl_cat%3Ddisasters%252Ccustom-verizon&sc=1&cookie_enabled=1&abxe=1&dt=1663607683922&lmt=1663607683&dlt=1663607682088&idt=576&adxs=-12245933%2C-9%2C-9%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C436&adys=-12245933%2C-9%2C-9%2C-9%2C544%2C-9%2C-9%2C-9%2C-9%2C9188&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1600x268%7C0x-1%7C0x-1%7C0x-1%7C300x268%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C880x108&msz=970x250%7C0x-1%7C0x-1%7C0x-1%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x90&fws=4%2C2%2C2%2C2%2C516%2C2%2C2%2C2%2C2%2C4&ohw=1600%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0%2C728&ga_vid=327780952.1663607683&ga_sid=1663607684&ga_hid=1012762984&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGML2-rW1MEgAUgIIaw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
979ef8feb93971f5f98de4b8000357c9cd8e56ecf8c0471480adbf990687a9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46891
x-xss-protection
0
google-lineitem-id
-1,6101444084,6095185387,6091851794,4442091020,4442091020,4442091020,4442091020,4442091020,6053649295
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138404385832,138402635485,138402437015,138212695896,138212742965,138212695905,138212695902,138212695899,138396663128
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:44 GMT
expires
Tue, 19 Sep 2023 17:14:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame FBB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usatoday.com
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:43 GMT
server
Kestrel
server-processing-duration-in-ticks
334095
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
www.ojrq.net/p/ 		50 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ojrq.net/p/?return=&cid=14143&tpsync=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.127.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
expires
Mon, 19 Sep 2022 17:14:44 GMT
optout_check
beacon.krxd.net/ 		80 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.4.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-4-81.compute-1.amazonaws.com
Software
/
Resource Hash
ed0499617748787c0fb58fb40273cb17b7c723cc0e411bbe0b12a922a7b3f509

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:44 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=28 t=1663607684
x-served-by
beacon-n020-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		363 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&technographics=1&callback=Krux.ns.gannett.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
affaee7bb4715b12f1c6173dcf4d53ecc36dd1cfd56f83265996c9f0c78d1482

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Mon, 19 Sep 2022 17:14:44 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a014-ash-prod.krxd.net, cache-yul12833-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1663607684.176014,VS0,VE20
content-length
281
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a084add8cb108c8515d020c223e1dc39a90231a210739adaaccf1103a4290f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11315
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame A039 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4bpffy2&ref=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&upid=zpgwcot&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:14:44 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
social
us-trc-events.taboola.com/usatodaydemo/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/usatodaydemo/log/3/social?route=US:US:V&lti=aa_test_for_monitoring_var&ri=38639573b77017dac7173921c3bad824&sd=v2_ffc22df8a58d5198ece1be945465b917_0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902_1663607682_1663607682_CGoQkAkYre36tbUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ&ui=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&pi=/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/&wi=5356780592502002784&pt=text&vi=1663607682733&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%2C%22rref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22hdl%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22sec%22%3A%22tech%22%2C%22aut%22%3A%5B%22Frank%20Bajak%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F09%2F18%2FUSAT%2Fff9d0fe9-65c0-4de6-b9e9-00b83ec760bf-AP_Uber.jpg%3Fcrop%3D3544%2C1994%2Cx0%2Cy180%26width%3D3200%26height%3D1801%26format%3Dpjpg%26auto%3Dwebp%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A14%3A44.196&id=7202&llvl=2&cv=20220919-29-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:14:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
25780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 10:05:04 GMT
expires
Tue, 19 Sep 2023 10:05:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3AFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3cOu_xMQGwIhMo42csICTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-3cOu_xMQGwIhMo42csICTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:44 GMT
expires
Mon, 19 Sep 2022 17:14:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=suual7uwr&_kpid=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&_kcp_s=USATODAY.com-Web&_kcp_d=www.usatoday.com&_knifr=15&_kpref_=https%3A%2F%2Ft.co%2F&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_web_user_anonymous_id=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&_kua_web_user_meter_state=na%7Canonymous%7Cna%7Cna%7Cna&_kua_web_user_status=unauthenticated&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=1&_kpa_kx_context_terms=MBjJ-xXv%3A1%2CMBjJ-fn7%3A6%2CMBjJ-YK9%3A3%2CMBjJ-R3u%3A2%2CMBlZcOw1%3A1%2CMBjJ-2dy%3A1%2CMBjJ-FZm%3A1%2CMBlZcJaq%3A1%2CMBjJ-XxB%3A1%2CMBjJ_RIM%3A1%2CMBjJ-fKT%3A1%2CMBjJ_aTn%3A1&_kpa_url_path_1=story&_kpa_url_path_2=tech&_kpa_url_path_3=2022&_kpa_domain=usatoday.com&_kpa_web_client_id=cbaf261a-900b-444b-8dbf-c7d5de325888&_kpa_web_content_byline=Frank%20Bajak&_kpa_web_content_headline=Uber%20says%20services%20are%20operational%20following%20data%20breach&_kpa_web_content_id=10419761002&_kpa_web_content_keywords=uber%2Chacking%2Chacker%2Cride-hailing%2Cdata%20breach%2Coverall%20negative%2Ccybersecurity%2Ccomputer%20crime%2Cdefense%20and%20cybersecurity%2Ccomputer%20security&_kpa_web_content_s_s_t_s_section=tech&_kpa_web_content_type=story%20pages&_kpa_web_page_publishing_group=usatoday&_kpa_web_page_experience_type=desktop&_kpa_web_page_domain=www.usatoday.com&_kpa_web_page_has_video=yes&_kpa_web_page_analytics_implementation=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&_kpa_web_page_experience_version=tangent&_kpa_web_user_anonymous_id=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&_kpa_web_user_segmentation=control%3A1&_kpa_web_user_type=anonymous&t_navigation_type=0&t_dns=21&t_tcp=23&t_http_request=-1&t_http_response=3&t_content_ready=219&t_window_load=2127&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xs3z2ciiz&userdata_user=PFrSBYY5%2Cxs3z2ciiz&sview=1&kplt0=44647&kplt1=33512&kplt2=33513&kplt3=34784&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe88225a2-3b7b-45e3-9cc2-a3130b91f0db%2C74%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C27%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.4.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-4-81.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=63 t=1663607684
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
unip
trc.taboola.com/1168/log/3/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=1619&scd=12&ssd=1&est=1663607682810&ver=35&isls=true&src=i&invt=1500&tim=1663607684431&mrir=u&vi=1663607682733&ui=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&ref=https%3A%2F%2Ft.co%2F&cv=20220919-29-RELEASE&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
41
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607684.440625,VS0,VE41
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
jsvid
pixel.adsafeprotected.com/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=9e87b19b211fbfdda0b3df90689b2ba0&anId=922805&campId=660x371&placementId=6060303800&pubCreative=138398532660
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
/
Resource Hash
8fcb1ffb144ba9e09992fcc0ffd1323fdac65f3f1f22c741a95b42d5f3def2bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
bulk
trc.taboola.com/usatodaydemo/log/3/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=US%3AUS%3AV&lti=aa_test_for_monitoring_var&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
20
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607685.502270,VS0,VE20
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l891273o&c=1549598423794&slotId=774799211897&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-quxapm-3c2l.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/acao,ctie...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/ip,ipbits,...
  • https://r1---sn-quxapm-3c2l.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/a...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-quxapm-3c2l.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0254051BBF52B23CFBE5462E56B854476CECA1D1.252DBEB7BFB26665F257639098F43A21AABBE6F5/key/cms1/cms_redirect/yes/mh/Be/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2l/ms/nvh/mt/1663607259/mv/u/mvi/1/pl/32/file/file.mp4
Protocol
H3
Server
2a00:1588:d802::c , Ukraine, ASN36040 (YOUTUBE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a43ff0e96c0242a0b50e599b52ea05c810cabcb0290e41b5f21f3eed2fbb0b3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Jul 2022 18:13:48 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-2449289/2449290
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2449290
expires
Mon, 19 Sep 2022 17:14:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-quxapm-3c2l.gvt1.com/videoplayback/id/c85a85186257962e/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1663629284/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0254051BBF52B23CFBE5462E56B854476CECA1D1.252DBEB7BFB26665F257639098F43A21AABBE6F5/key/cms1/cms_redirect/yes/mh/Be/mip/2607:5300:60:7867::15/mm/28/mn/sn-quxapm-3c2l/ms/nvh/mt/1663607259/mv/u/mvi/1/pl/32/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
703
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 4DDE 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
8331864
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
18eDzdqSMTGCcO8ypRoX3MesNtcV-VT-tqrDkrYrsKkMGgzlphzrgQ==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=7f696e4a-fbda-148f-103e-176966ed8ac4&tv=%7Bc:oGjGdv,pingTime:-8,time:26,type:l,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:26,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:thTWiZd+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1*,rmeas:1,rend:1,renddet:env,siq:25%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=7f696e4a-fbda-148f-103e-176966ed8ac4&tv=%7Bc:oGjGe7,pingTime:-2,time:64,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2564,beZ:2565,mfA:2567,cmA:2568,inA:2568,inZ:2574,prA:2574,prZ:2582,si:2588,poA:2590,poZ:2611,cmZ:2611,mfZ:2611,loA:2619,loZ:2621,ltA:2627,ltZ:2627%7D%7D,env:%7Bgca:false,cca:true,ccd:%7BuspString:1---,version:1%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:o,r:v,w:660,h:371,t:24%7D%5D,ve:%7BvEventCount:1,vEvents:%5B%7Bt:-79,tp:adLoaded,sl:o,volume:0,ad_duration:30,height:360,width:640%7D%5D%7D,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B57~100%5D,as:%5B57~660.371%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:thTWiZd+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:env,siq:25,slid:%5B%5D,sinceFw:37,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:44 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
6786
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12832-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663607685.646057,VS0,VE0
date
Mon, 19 Sep 2022 17:14:44 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
55
x-cache-hits
17065
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ccpa%22%2C%22feat%22%3A%22y%22%7D%2C%7B%22cat%22%3A%22blockedBidders-init%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22simpl...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ccpa%22%2C%22feat%22%3A%22y%22%7D%2C%7B%22cat%22%3A%22blockedBidders-init%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22simplerGpt%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22deals%22%2C%22feat%22%3A%22y%22%7D%2C%7B%22cat%22%3A%22schain%22%2C%22feat%22%3A%22n%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
RB6483YZ7CWWKHZ7H5QA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22useSafeFrames%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22adServer%22%2C%22feat%22%3A%22none%22%7D%2C%7B%22cat%22%3A%22gdpr...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22useSafeFrames%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22adServer%22%2C%22feat%22%3A%22none%22%7D%2C%7B%22cat%22%3A%22gdpr%22%2C%22feat%22%3A%22no-cmp%22%7D%2C%7B%22cat%22%3A%22blockedBidders-fetchBids%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22slots%22%2C%22feat%22%3A%22aps%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
HXY8K8H1Z23KBB2KDD08
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22AaxSlotSizes%22%2C%22feat%22%3A%222d-number%22%7D%2C%7B%22cat%22%3A%22fetchBids%22%2C%22feat%22%3A%22multi-onload-initial%22%7D%...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22AaxSlotSizes%22%2C%22feat%22%3A%222d-number%22%7D%2C%7B%22cat%22%3A%22fetchBids%22%2C%22feat%22%3A%22multi-onload-initial%22%7D%2C%7B%22cat%22%3A%22slotType%22%2C%22feat%22%3A%22display%22%7D%2C%7B%22cat%22%3A%22customFloor%22%2C%22feat%22%3A%22n%22%7D%2C%7B%22cat%22%3A%22idRemap%22%2C%22feat%22%3A%22y%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
CNWX9JCAZ7YYQJ57GNX1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22slotType%22%2C%22feat%22%3A%22video%22%7D%2C%7B%22cat%22%3A%22trustToken%22%2C%22feat%22%3A%22notSupported%22%7D%2C%7B%22cat%22%...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22slotType%22%2C%22feat%22%3A%22video%22%7D%2C%7B%22cat%22%3A%22trustToken%22%2C%22feat%22%3A%22notSupported%22%7D%2C%7B%22cat%22%3A%22bidType%22%2C%22feat%22%3A%22d-amzniid%22%7D%2C%7B%22cat%22%3A%22bidRender%22%2C%22feat%22%3A%22unfriendly%22%7D%2C%7B%22cat%22%3A%22targeting%22%2C%22feat%22%3A%22targetingKeys-display%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
X18XK42FPJTRN2V0N10C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=7f696e4a-fbda-148f-103e-176966ed8ac4&tv=%7Bc:oGjGjr,pingTime:-10,time:394,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663607684964%7C%7C771a0dc12849dbf095d0955024d5db2e%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C1a56c8b8e905143b13013a1d60df01f5%7C%7C5ea89c475acba1f44cfbb77d00eb435c%7C%7C366150fb862f2461a94e8cc2032f4cad%7C%7C75dd0ad08bb062e6f44f34f577f1656d%7C%7C934abebd534bc65d6377f684d830d4e5%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=2443147377356773&bg=!fn2lfTnNAAZqQh0mSkI7ACkAdvg8Wutb9LGVe54eoFWX4iX36ImKcMNMFojpgUa4C9DTkoLwWld4bQIAAABRUgAAAAJoAQcKAJa8Eokve72fYKdq6utMh4LGZStwKd58tZdLY8og6j7vnYiqrCb7aJR4oO4s_RuMu-TUA96Igt9ei7HlwQ8Mmlt0cKKoCoZoxy6CDPYWnuQIN33CngsXj4YfkhJ0fXP3eWAfmMzaHNQ_wM8qDdCQdlMvWL-oDHshzpALUxTgwFDXutETWumVMgQCzn0ezd0Kd_kZp-_d7j2ZAuy5xStSmlVx-LzQGO28xAkjgRaoJ-LdKCyDCkdUTvRF2WSI_Nt_37uTubQbt-FjU710lMgJsIhUOMNaVvLk2PEJq2bfIqm1i42JDzQj-fIYG-sRPXYHJ8VtB9Cv75wIZt0eR542ZHpIjSBf4DFyippeguFv2wIaUmCCFwcLf12bZAVOkZZSAW9XYTKBMvZLuDz_w3zV1J16hbpPN0NXvliEgGm_H3HNDf7XLKXDtVsvOVTETkq8zAZLfCbfSQU0MC6urQ8WwPaaWh7uHDYs7xQ_Q1KMazwUpPlMKrEgrEOAmK4VvG_Ycg5MsJnRPnD76RSocIQMx3CvpsSlwherfrDSl56LsH5OTXyuQYam9UGbh6cgpH5Ul-XA9aFJ7BPO-YFYFsQtqYiWkvxG2cngcimP7L8fza41B-umodyycE4Jd4gaIdegK4DXtsfabCE-r3Dnr6GgEXmOa3IKKi4EztXBuxCMi8IiM-QtknqMUbBjNgiYskydWNAg2u5KSHMwUj1abWyMoRhI9Yk6P4HsVpXasON2ZmIKXxUC87jBmOtHGxFjmYKQcXZBsjLnYW7XJQqssX1p7bpMCZdAOoU-wSGj61_k5jZX-cFVHk-u4jZNBInr2jlIeyO2CovpvpSqG2d4qxI9R01Hsei9H72srjJJbsaGq-QrVF61Xc6m8cPTUQYXnwx0H0OfVL5nx0wf4cM2gGSKKuhL8cMqgS90RnV2d6Mxv0DNcMDk0_6gvyfOl1mDCwz9sXlsZQ370FnuH6kw5D_9sXIaIlV4m_D9N6jlCp1f0UuExFtq39RqZ9-p6u_CRVMnSncA4IZcm1GxWQ1GhJ8EvJgpwPEQsqYp0XpAxyUyyUaYpUmw0pLol62aTWUCZo0xJpExyhAaHh4pEjmGxkfHPMAq9okieTPPtMUBuqpLpb2gyvBIYyoxhKTvo1Gk-AuZl7pHRvbEnOvgXA4GlgeD6zOUNWl0EHMx0EQU1MioWrwdTkAC7TQs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
container.html
67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:14:44 GMT
expires
Tue, 19 Sep 2023 17:14:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv59gn1uOMyPYJUMi6HUui-bFAYtpMXVCG9gAd8YtZjIvtP1RyX6ASzmEnerQ9f64XT-c3LZatYMFm8aDd_iKJheuEgWFpexxjbReC41KOgNXMO6hwBVNakSs_AGVAET9shMmz_2B9vbKv3zVEnz8a7AGLYFNkpqn7S3o-XoK0cS6NFPWLbON6EE1kfEOorLzH0cb9_U2oDO_HybLC_GhvbbpB06wQkk-5EeYEDnfBOUDoJw4qeZW-SfUWrTfppOmKsRjd2MeLsBJmFKjn_y5h6vgvRd2rzGKZwUptGAgkIXDU_2YZC1NDE5eFPalGO_xyMDTQG&sai=AMfl-YTrM8cJssdetQnbSuAV3GupKYf2h1qRddiY_1Uxg4mEFy30_AwHFrhHFfZe-wBFxgdAz7tqQZGAbmdDB6oSOGI7pfFXDBDhKh7nkxdAb3dqwzu7495grHnkdBYe2QA&sig=Cg0ArKJSzOpC4RC1X4gOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AA3 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:14:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9378 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujG80-Pldjs7xm7-4WnOOMgg3WGNZlWvCciUhf2wjiWkGFRl3FX704jhs5m67oVqinLMs1C-e0tTWIK0HYD4oUJxY_6W8T3dhZpK890ysxeMqTWevGARJQ4WCL2g-z7AklcWKbFJovPfSUVYEV1PwjlBEnE6PAX1VJpMuvFh_qhC9Qt5atnHtkoQ9j-e8vYHV1NQjrHxGVGFaEH45ov-4VjZegKxv8jxGKw4vY9AJqx6Jx3u_BX1j1GqHiXlABp4Wwep0ghMeRSzEqUxTZd_HMgvBks1YWt6pC1KTB39kbd8vch6WBsNT8Q_u2UmUV_5LXO3UD15vmqd4HNGHlRmyMDcijYotV4XX3&sai=AMfl-YQRbwfmZUhCIqfYi3krH30JB3EX2jzXJOvbhZZkul9Ka1ssH_JUBJNmKdrefonw8TXTsbtnDUoV1GJ-BuJzMBceanBNafUaVzutHQ4lbAY8_3oJToP1LS18fc20u10&sig=Cg0ArKJSzHE-3Rzyn4mmEAE&uach_m=[UACH]&adurl=
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9378 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:13:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9378 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:14:45 GMT
4907745971159831724
tpc.googlesyndication.com/simgad/ Frame 9378 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4907745971159831724
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa9b87754876c84c8ecece31f925be4edc7e5471e1dfdee655eec9525ea3bc59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 19:58:48 GMT
x-content-type-options
nosniff
age
594957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97793
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 22:34:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 19:58:48 GMT
l
www.google.com/ads/measurement/ Frame 9378 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC5jVzd7IJCEj-dapSHIDSkiIMvZZax_kXbgFEHPipih_48Q-vqMEAh5zqrOuxynMFFaqDakCwRh-J9kBvDjnbzuxtpw
Requested by
Host: t.co
URL: https://t.co/ZUv10TUi4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
truncated
/ Frame 9378 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bc9b19a38265e8a3c73f64cffad19cbad903baab9c573226aca9f53159e60cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
091322_USAT40th_entrance
cm.usatoday.com/overlay/ Frame 133F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.usatoday.com/overlay/091322_USAT40th_entrance
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/main-q1a2z3ec888503.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
339138
cache-control
public, max-age=3600, stale-while-revalidate=7200
content-encoding
gzip
content-length
86281
content-security-policy
upgrade-insecure-requests;frame-ancestors https://usatoday.com https://*.usatoday.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.usatoday.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.usatoday.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html
cross-origin-resource-policy
same-site
date
Mon, 19 Sep 2022 17:14:45 GMT
etag
"94043d897680bb622d622a3da7ca775f"
expires
Thu, 15 Sep 2022 19:02:27 GMT
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Thu, 15 Sep 2022 18:28:49 GMT
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000;includeSubDomains;preload
timing-allow-origin
*
vary
X-AbVariant,Accept-Encoding
x-cache
HIT, HIT
x-content-type-options
nosniff
x-goog-generation
1663266529634091
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
128823
x-robots-tag
noindex
x-timer
S1663607685.332766,VS0,VE0
x-xss-protection
1;mode=block
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l89128pd&c=1549598423794&slotId=774799211897&met.4=hvd_lc.l89128pd~hvd_src.l89128pd
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14143
gannett.sjv.io/cur/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gannett.sjv.io/cur/14143
Requested by
Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.211.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 19 Sep 2022 17:14:45 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1012762984&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscribe&ea=overlay%20impression&el=acquisition-entrance%20a0802e&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=327780952.1663607683&tid=UA-166840762-3&_gid=461884958.1663607683&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd14=10419761002&cd58=&cd61=tech&cd62=null&cd64=null&cd63=null&cd30=story%20pages&cd180=1166&cd1=custom&cd72=1&cd128=1&cd129=1&cd126=3&cd127=3&cd159=3&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd108=f&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd91=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd77=USAT-E&cd178=no&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=https%3A%2F%2Ft.co%2F&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cd179=16276&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A1&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=327780952.1663607683.87829640&cd44=327780952.1663607683&cd92=overlay%20impression&cd153=content%20entrance%20overlay&z=867514562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:21:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50002
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=9e87b19b211fbfdda0b3df90689b2ba0&anId=922805&campId=660x371&placementId=6060303800&pubCreative=138398532660&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2F&adsafe_type=f&adsafe_jsinfo=,id:7f696e4a-fbda-148f-103e-176966ed8ac4,c:oGjGdt,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-779cbf6c5b-xb2c8,rg:va,pt:2-5-15,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,mu:10000,br:c,bru:c,an:n,oam:0,vc:jv3,scm:publ2.grpm2,mtim:3,mot:0,app:0,maw:0,fm:thTWiZd+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,et:25,oid:8e4fb791-383e-11ed-814a-1a723c5ee77a,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.5.1,x_vanstag:cm,x_xcamp:660x371,x_xplac:6060303800,x_xpc:ima
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
p
sb.scorecardresearch.com/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=end&ns_st_po=3&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=8764973002&ns_st_pt=3&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=2932&ns_st_det=2929&ns_st_upc=3&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=3&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=3&ns_st_dlpc=0&ns_st_lpa=3&ns_st_dlpa=0&ns_st_pa=3&ns_ts=1663607685414&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=travel&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-11-26T17%3A07%3A46Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=travel&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Ftravel%2F2021%2F11%2F26%2Ffour-tips-saving-money-uber-and-lyft-rides%2F8764973002%2F&c8=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&c9=https%3A%2F%2Ft.co%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
43
x-amz-cf-id
VKEMHxmnWKmze4tYAmNWyqApe3_4-HaTeFHEaJPoccZGb0wE9Cm_hQ==
x-cache
Miss from cloudfront
content-type
image/gif
p
sb.scorecardresearch.com/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1663607682477&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=2&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=8764973002&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=3&ns_ts=1663607685415&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_st=*null&ns_st_pu=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&c8=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&c9=https%3A%2F%2Ft.co%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 3ea826f29560ca95cae18534029cc5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
content-length
43
x-amz-cf-id
AUaPvbzfLx1es9wMI0p2bUTJQMU80HBDquVeVuq-F42Wyx2sDGYlBQ==
x-cache
Miss from cloudfront
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1012762984&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=ad-start&el=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&_u=KHBAAEABEAAAAC~&jid=&gjid=&cid=327780952.1663607683&tid=UA-166840762-3&_gid=461884958.1663607683&cd177=light&cd166=1&cd5=5%3A00%20pm&cd6=0&cd26=staff%20video&cd65=travel&cd25=Four%20tips%20for%20saving%20money%20on%20Uber%20and%20Lyft%20rides&cd14=8764973002&cd58=Travel%2COverall%20Positive%2CMoney%2CTips%20and%20Tricks%2CLyft%2CUber%2CVideo%20Syndication%20-%20USAT&cd94=USA%20TODAY&cd61=travel&cd62=null&cd64=null&cd63=null&cd30=video&cd1=video-ad-start&cd72=1&cd128=1&cd129=1&cd126=3&cd127=3&cd159=3&cd2=gciAnalytics%3Aprod%3A0.245.0%3AUSAT-TEALIUM-TANGENT&cd3=0.245.0&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&cd45=desktop&cd49=tangent&cd77=USAT-E&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=https%3A%2F%2Ft.co%2F&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-TANGENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd4=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=control%3A1&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=327780952.1663607683.30919253&cd44=327780952.1663607683&cd92=autoplay%7Cmuted%7Cpreroll%7Cteal-hero&cd55=&cd17=6060303800&cd13=50&cd18=USATODAY&cd16=autoplay%7Cmuted%7Cpreroll%7Cteal-hero&cd22=&cd15=teal&cd19=USA%20TODAY&cm6=0&cd21=&cd20=hero&cm7=1&z=1841812435
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:21:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50002
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg
www.gannett-cdn.com/presto/2021/11/26/USAT/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/presto/2021/11/26/USAT/8aae3612-a36c-48d4-b654-ae0ed8cb1bac-VPC_RIDESHARE_PRICES.jpg?width=660&height=371&fit=crop&format=pjpg&auto=webp
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jsvid?videoId=9e87b19b211fbfdda0b3df90689b2ba0&anId=922805&campId=660x371&placementId=6060303800&pubCreative=138398532660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16fe769b2edcb8b600e58c0907b8275182c09fc886c265681b94d50a56adb5ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=zhYOfg==, md5=tP8Kn1iB9Fu2nAW8BbrSOA==
date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
3433512
x-guploader-uploadid
ADPycdtippw-Vcpb0SS68jydDh14Rj1oNJaLIcbNZbZGVT-599OBwHVDtJgQr45DIqOizJOLRtHqZgNYVhMaXt6idT4olA
x-cache
HIT, HIT
fastly-io-info
ifsz=403808 idim=1080x1080 ifmt=jpeg ofsz=22194 odim=660x371 ofmt=webp
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
22194
x-served-by
cache-iad-kjyo7100023-IAD, cache-yul12832-YUL
vcl_data
4teo2sTrkRpe2BJzz4IyqE.277_19-e95cb5ef2212fd9d1b5de488fdb8074b
server
UploadServer
x-timer
S1663607685.438065,VS0,VE0
etag
"P4pbpV8lehpskBUoHzhpRBpdx4KZ4TWdwyspY/RMbb0"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
x-goog-generation
1637940054220348
expires
Wed, 10 Aug 2022 23:29:32 GMT
cache-control
max-age=2592000
x-goog-stored-content-length
403808
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 2
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=7f696e4a-fbda-148f-103e-176966ed8ac4&tv=%7Bc:oGjGqY,pingTime:0,time:861,type:pf,clog:%5B%7Bpiv:100,vs:o,r:v,w:660,h:371,t:24%7D,%7Bvs:i,r:,t:861%7D%5D,ve:%7BvEventCount:4,vEvents:%5B%7Bt:-79,tp:adLoaded,sl:o,volume:0,ad_duration:30,height:360,width:640%7D,%7Bt:839,tp:adImpression,sl:o,volume:0,ad_duration:30,height:360,width:640,x_vv:3.5.1,x_vanstag:cm,x_xcamp:660x371,x_xplac:6060303800,x_xpc:ima%7D,%7Bt:842,tp:adStarted,sl:o,volume:0,ad_duration:30,height:360,width:640%7D,%7Bt:842,tp:adVideoStart,sl:o,volume:0,ad_duration:30,height:360,width:640%7D%5D%7D,vv:3.5.1,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:861,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B854~100%5D,as:%5B854~660.371%5D%7D%7D,%7Bsl:i,t:861,wc:0.0.1600.1200,ac:290.710.660.371,am:v,cc:290.710.660.371,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~660.371%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:92,fm:thTWiZd+1*.922805%7C11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1*,rmeas:1,rend:1,renddet:env,siq:25%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
dt28.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 6AA3 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcbab4467c7a6a5ee2cd09a6acba33d7992f8e995c103f8dfc751660086e6aef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame BB72 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091020&pubCreative=138212695896&pubOrder=2154910521&cb=184719300&adsafe_par&impId=8d1e89fe-383e-11ed-af6f-0ecee0cb6f2f&custom2=external&custom3=story
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
/
Resource Hash
6954e335e3fcfdf60110467b3feebe861d7d192bebd3ad5ddae64c979e81cfee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
admi
aax-us-east.amazon-adsystem.com/e/dtb/ Frame C7EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JOVT7n3L5CXjJPq7Wku1kY8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAcMcV6&rnd=840120812081663607685265&pp=hg02dc&p=1s4lr0g&crid=519816_ssl&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
10423
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Sep 2022 17:14:45 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EDVQA555WVNDYJS1YTN1
csm_othersv5.js
c.amazon-adsystem.com/bao-csm/direct/ Frame 6AA3 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:39:36 GMT
content-encoding
gzip
server
Server
age
27309
x-amz-rid
1AGP4BKBP8T6TPK9BNQ1
etag
cea0ea9972e073858d8de90ee4cf862f
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NrcrBRhYoyhvhoCKzTufe7nzST2CrV9B
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
_duLQi5NedQgFFWWAw6De5XESd5gYSaa_ISmqIrZz3bsTO1RGah8Pw==
view
securepubads.g.doubleclick.net/pcs/ Frame 9378 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHhrydLwrWHjEOWxO5dsFPb2m6NC635u7RksF-PYeYgD2Bz-G6x91AMcx6lB986d01xhaa9Tab3IYVdhBVL7jMK6jOqcRWWQJ2ULPWs-2mMP2DZHd9sGv12UkRSFtgP4MO9M2G_Ix7w_W983bE-pBC_bC7FPJfbKXhMw8GFpgKrn9hi1uxDh4hpGNH09T4flCoaAY7GQo9Q63_nqxYKliu0s9T01sGCYIN0Cb4CTUYNK_DUF39kjMxy2fKmTsxGnD7VPFPOmVWq2kPrlLo_T8RLfmNgjVFhdRx6OmXFoQvRs8BxOq_uPTU8BXcs2znWbKB4LGRL-yMCSlOUUyX&sai=AMfl-YR1XRmymsNjl4TXX5nSDqZ7i9o76xffyIK8bdRGTu6o82F4CPt_6nbGvnJh8DL2MMcO4sPfMhPsemOs5wZae9s0qw29RJLBgTsrDGaCh_xWb-ZA5NGsN1usMUj2tpI&sig=Cg0ArKJSzJIerve_XGMWEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:14:45 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 516E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891274L-O-FVDG
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891274L-O-FVDG
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607686.642992,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12832-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L891274L-O-FVDG
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 516E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIy_ImZ29TXFo-TRZ9kgidY&google_cver=1
0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIy_ImZ29TXFo-TRZ9kgidY&google_cver=1
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
416
date
Mon, 19 Sep 2022 17:14:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607686.648521,VS0,VE416
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIy_ImZ29TXFo-TRZ9kgidY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 516E 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 516E
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17322
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 516E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
242
date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607686.648445,VS0,VE242
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 516E
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 516E 		49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-kznrw
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 516E 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 516E 		43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
content-length
43
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 516E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=51e7f96a-26b9-4eec-b7be-9c878bdcd9d8
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=51e7f96a-26b9-4eec-b7be-9c878bdcd9d8
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17297

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=51e7f96a-26b9-4eec-b7be-9c878bdcd9d8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
10649055
content-length
0
expires
Mon, 19 Sep 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 516E
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F464%2F2%2F6%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/2/6/2.gif?puid=3652634210590589388&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=f2d76328-a383-4c00-8626-2af3546de117&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=2CEDD11A-7AAA-4725-B4BE-19216827D34E&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=4a95cd8e-2285-41e0-ba7a-cd7037ff5897&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F0%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/0/8.gif?puid=E9061D50A785F35D&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26571

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOgiGvfEYZj0N-vMIxZL3_q7439OM9ekqVfq7V8g
date
Mon, 19 Sep 2022 17:14:46 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 516E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTI0M2NiMmY0NjM5YmRh&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21677

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
Date
Mon, 19 Sep 2022 17:14:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 516E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b&tbid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&query=taboola_hm%3D1cc87faf-cdbd-...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b&tbid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&query=taboola_hm%3D1cc87faf-cdbd-43a7-a158-081f5ef04f5b&isDirect=0
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607686.841184,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12832-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1cc87faf-cdbd-43a7-a158-081f5ef04f5b&tbid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&query=taboola_hm%3D1cc87faf-cdbd-43a7-a158-081f5ef04f5b&isDirect=0
date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22044
sd
u.openx.net/w/1.0/ Frame 516E 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 516E 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&dongle=tbla
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 516E 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 516E 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 516E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WNOpMrZBRChLAc_rtzvVMJU4mbo
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WNOpMrZBRChLAc_rtzvVMJU4mbo
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18434

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WNOpMrZBRChLAc_rtzvVMJU4mbo
Date
Mon, 19 Sep 2022 17:14:45 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 516E
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2fc1ffe9-f839-4cfc-877f-9f8c295f1968&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 17:14:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 516E 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:46 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 516E
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f97cf699-9575-0c19-3690-36c4f0f99da4
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f97cf699-9575-0c19-3690-36c4f0f99da4
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17297

Redirect headers

date
Mon, 19 Sep 2022 17:14:45 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f97cf699-9575-0c19-3690-36c4f0f99da4
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220919-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
785
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
E043v4cAlJxnnSXL9R3tp+CFTXw996vLrBDS3tyutnboFiGdeMV2jjChDnaXkTKEN54QsI6IDoo=
x-served-by
cache-yul12832-YUL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663607686.592683,VS0,VE0
date
Mon, 19 Sep 2022 17:14:45 GMT
vary
Accept-Encoding
x-amz-request-id
158FYBNJ3HNDCNTT
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
55
x-cache-hits
4693
main.19.8.352.js
static.adsafeprotected.com/ Frame BB72 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091020&pubCreative=138212695896&pubOrder=2154910521&cb=184719300&adsafe_par&impId=8d1e89fe-383e-11ed-af6f-0ecee0cb6f2f&custom2=external&custom3=story
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:52:08 GMT
content-encoding
gzip
age
260558
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
q3ue8Usm_vybB_wQiKdppGK3_Yu4yEQdbc6K3Af3iFHt6Llzv25QEw==
/
pips.taboola.com/ 		64 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12831-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.usatoday.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
sca.17.5.12.js
static.adsafeprotected.com/ Frame C62C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 06:50:21 GMT
content-encoding
gzip
age
8331865
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
flEsTTv8DqZwhPm07pmRGnQMpF3LqcQKd0HlFTaizYfbVBZ8pWrDww==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=922805&campId=300x600&pubId=76839168&chanId=35441208&placementId=4442091020&pubCreative=138212695896&pubOrder=2154910521&cb=184719300&adsafe_par&impId=8d1e89fe-383e-11ed-af6f-0ecee0cb6f2f&custom2=external&custom3=story&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usatoday.com%2F&adsafe_type=f&adsafe_jsinfo=,id:e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad,c:oGjGvj,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-779cbf6c5b-84dcr,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:84,mot:0,app:0,maw:0,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:105,oid:8ee9fb91-383e-11ed-b177-422086841e4f,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.29.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-29-33.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGvD,pingTime:0,time:124,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:124,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&uad=d072346c8db79fd6f2ceecdb0d73cb8a94262461c336c967531048a4d7ce0f27
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:14:45 GMT
cache-control
no-store
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGvS,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:98,beZ:99,mfA:182,cmA:183,inA:183,inZ:188,prA:188,prZ:195,si:203,poA:204,poZ:219,cmZ:219,mfZ:219,loA:226,loZ:229,ltA:236,ltZ:236,mdA:99,mdZ:141%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7BuspString:1---,version:1%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:139,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B52~100%5D,as:%5B52~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,slid:%5Bgoogle_ads_iframe_7103/usatoday/poster/tech_0,google_ads_iframe_7103/usatoday/poster/tech_0__container__,ad-slot-7103-usatoday-poster-tech-5%5D,sinceFw:32,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGwo,time:171,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:171,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~100%5D,as:%5B84~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:45 GMT
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%220jXjZn6ewfPTe%22%2C%22crt%22%3A452%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%220jXjZn6ewfPTe%22%2C%22crt%22%3A452%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:46 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
YBK4DWCWP99X6Z3YJWT9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 6AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0zt8d6u5084vooqBCtsIKFND7UBpJ-b0zz3tO7v9v9dOCwo_wvfO4PkZgoMnSzSFinqAmlt2yQsQuOQuN1BO2CFwIgU-2hP1Df-vDSwJbRstQIu0sfq-PDOX-s_Kq32A5nFTA_Uw0NfjnQrX_6Rcr_sGqDbsXQl0V43LIyOvE_qihR_SJSBmrEBSAPDTauEleDih7YNGt7Wyv0SxdiyM9m0oLVtydGRENWpTHJnyT6tqOcJfp_zIL_rE8_J56gje5bFXgXLDktw4JmfNtC6a3KpFCuYofVcng42drcpUD57cy04CYxCGLNeRrimJ00WNoMqaqURQ&sai=AMfl-YR--gypm2EA-o3ZC69iZ-y9d1RtWI5sZ39ta4-Zw8iEUerKc4l-OGW7jPjjNg9lDKxcfSPLy1AdWDutEiUZEeSr6-OxWrhDQrjbZP16aolUUZ9D6JZ75f4elC9tVAc&sig=Cg0ArKJSzOIQ0LQF5uIXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:14:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 17:14:46 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGLN,pingTime:1,time:1126,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1126,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:46 GMT
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGLN,pingTime:1,time:1126,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1126,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:46 GMT
x-server-name
dt28.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGLN,pingTime:1,time:1126,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1126,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:46 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGLO,pingTime:1,time:1127,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1127,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1040~100%5D,as:%5B1040~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:91,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:46 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 12B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31262
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 19 Sep 2022 17:14:46 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 177276
X-Served-By
cache-lga21963-LGA, cache-yul12833-YUL
X-Timer
S1663607687.949028,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame B8FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:14:46 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A9E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/tangstatic/js/pbjsandwich-q1a2z3d1e3c40a.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.usatoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:14:46 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4a95cd8e-2285-41e0-ba7a-cd7037ff5897&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=r9iIQHpUwJEj
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=r9iIQHpUwJEj
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-143
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=r9iIQHpUwJEj
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-75d8c985f8-kznrw
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2d76328-a383-4c00-8626-2af3546de117
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2d76328-a383-4c00-8626-2af3546de117
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-143
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:14:46 GMT
Server
MT3 4505 5b23575 master ord-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2d76328-a383-4c00-8626-2af3546de117
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:14:45 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=WNOpMrZBRChLAc_rtzvVMJU4mbo&user_group=1&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=188&user_id=WNOpMrZBRChLAc_rtzvVMJU4mbo&user_group=1&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=188&user_id=WNOpMrZBRChLAc_rtzvVMJU4mbo&user_group=1&ssp=themediagrid
Date
Mon, 19 Sep 2022 17:14:46 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336234403908317
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336234403908317
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-143
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336234403908317
Date
Mon, 19 Sep 2022 17:14:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pbsync
ads.yieldmo.com/
Redirect Chain
  • https://colossusssp.com/?c=o&m=cookie
  • https://sync.colossusssp.com/hms.gif
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1
  • https://sync.colossusssp.com/td.gif?puid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttl=1666199687
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
  • https://sync.colossusssp.com/pp.gif?puid=cf74e5be-4fbf-4459-8380-1a2b0150b2f3&ev=1&us_privacy=[us_privacy]&pid=562060
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID
  • https://sync.colossusssp.com/ap.gif?puid=3652634210590589388
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
Protocol
H2
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:47 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:47 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=092ac5c683&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&pubid=092ac5c683
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4a95cd8e-2285-41e0-ba7a-cd7037ff5897
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%2C
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:14:47 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9f3abfbb-69b7-48a9-9a3f-979dc96f1a25&ttd_puid=4721a8b0-9d82-4313-ad7e-90db194e7fe7%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
sync
sofia.trustx.org/
Redirect Chain
  • https://sofia.trustx.org/push_sync?us_privacy=1---
  • https://sofia.trustx.org/ul_cb/push_sync?us_privacy=1---
  • https://nep.advangelists.com/xp/user-sync?acctid=418&redirect=https%3A%2F%2Fsofia.trustx.org%2Fsync%3Ftp_id%3D21%26tp_uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sofia.trustx.org/sync?tp_id=21&tp_uid=av-f3b027bc-8920-4a42-8b65-7262457844bd
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofia.trustx.org/sync?tp_id=21&tp_uid=av-f3b027bc-8920-4a42-8b65-7262457844bd
Protocol
HTTP/1.1
Server
35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:14:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://sofia.trustx.org/sync?tp_id=21&tp_uid=av-f3b027bc-8920-4a42-8b65-7262457844bd
date
Mon, 19 Sep 2022 17:14:47 GMT
server
Apache-Coyote/1.1
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&ssp_uuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=sonobi&user_id=ff847792-f3d0-4fdc-8650-2451717fc86d
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
49 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-143
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=2fc1ffe9-f839-4cfc-877f-9f8c295f1968
Date
Mon, 19 Sep 2022 17:14:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjGR1,pingTime:-10,time:1450,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663607684964%7C%7C771a0dc12849dbf095d0955024d5db2e%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C1a56c8b8e905143b13013a1d60df01f5%7C%7C5ea89c475acba1f44cfbb77d00eb435c%7C%7C366150fb862f2461a94e8cc2032f4cad%7C%7C75dd0ad08bb062e6f44f34f577f1656d%7C%7C934abebd534bc65d6377f684d830d4e5%7C%7C1629390669,sca:%7Bspg:7f696e4a-fbda-148f-103e-176966ed8ac4%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:47 GMT
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AA3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssSnhOGGdl55Ow0sSXyXxzcm-bMf8Aas39ssBI6_MuC88ZjOdvpZO_sf-43F1B80XFnNbNJwZR3AAaVkbYQ6v2FV8T6hbrcE0o6IpVGEjFWO9bqajZ&sig=Cg0ArKJSzPdxvlpzYGMxEAE&id=lidar2&mcvt=1000&p=544,1010,1144,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2753249855&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663607685242&rpt=896&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22bidRenderState%22%2C%22feat%22%3A%22EXPOSED%22%7D%2C%7B%22cat%22%3A%22renderFootprint%22%2C%22feat%22%3A%22standard-open-0.0.0%2...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22bidRenderState%22%2C%22feat%22%3A%22EXPOSED%22%7D%2C%7B%22cat%22%3A%22renderFootprint%22%2C%22feat%22%3A%22standard-open-0.0.0%22%7D%2C%7B%22cat%22%3A%22iframe%22%2C%22feat%22%3A%22unfriendly%22%7D%2C%7B%22cat%22%3A%22appended%22%2C%22feat%22%3A%22async%22%7D%2C%7B%22cat%22%3A%22resizeIframe%22%2C%22feat%22%3A%22defaultView%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:47 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
5TEV5R4ERASSBFNFJV88
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22creativeSize%22%2C%22feat%22%3A%22resized%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F20...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22featureUsage%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22creativeSize%22%2C%22feat%22%3A%22resized%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.usatoday.com%252Fstory%252Ftech%252F2022%252F09%252F18%252Fuber-data-breach-hacked-phishing%252F10419761002%252F%22%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223062%22%2C%22lv%22%3A%2222.9.81452%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:47 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
NGXAH2T2CD0BMX73EAK0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
unip
trc.taboola.com/1168/log/3/ 		0
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=4621&scd=12&ssd=1&est=1663607682810&ver=35&isls=true&src=i&invt=3000&tim=1663607687433&mrir=u&vi=1663607682733&ui=0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902&ref=https%3A%2F%2Ft.co%2F&cv=20220919-29-RELEASE&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Mon, 19 Sep 2022 17:14:47 GMT
via
1.1 varnish
server
nginx
x-timer
S1663607687.442197,VS0,VE18
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=2oe9e0&_p=1012762984&cid=327780952.1663607683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&uid=8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73&dt=Uber%20data%20breach%3A%20Employee%20apparently%20tricked%20into%20sharing%20credentials&cu=USD&dl=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F&dr=https%3A%2F%2Ft.co%2F&sid=1663607682&sct=1&seg=1&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usatoday.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usatoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22adCsm%22:[%7B%22tld%22:%22www.usatoday.com%22%7D,%7B%22ns%22:1663607685242,%22st%22:%22263.60%22,%22re%22:%22290.70%22,%22ldTot%22:%2227.10%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.00%2...
aax.amazon-adsystem.com/x/px/JOVT7n3L5CXjJPq7Wku1kY8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAcMcV6/ Frame 6AA3 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/JOVT7n3L5CXjJPq7Wku1kY8AAAGDVr63SQEAAAv2AQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICAcMcV6/%7B%22adCsm%22:[%7B%22tld%22:%22www.usatoday.com%22%7D,%7B%22ns%22:1663607685242,%22st%22:%22263.60%22,%22re%22:%22290.70%22,%22ldTot%22:%2227.10%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.00%22,%22ltpm%22:%220.00%22,%22ltdm%22:%220.10%22,%22ltdb%22:%220.00%22,%22csmTot%22:%221.80%22%7D],%22pixelId%22:%223jn4yyuu4g5%22,%22ts%22:1663607688103,%22ver%22:%22d-1.20%22%7D?cb=9275820
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:14:48 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WYJY2Q2F3GETP38J270Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjHOi,pingTime:5,time:5125,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5125,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5039~100%5D,as:%5B5039~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:90,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:50 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=e6fd2da9-a38c-62ab-1a38-f9969dcbf3ad&tv=%7Bc:oGjHOj,pingTime:5,time:5126,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:104%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5126,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:104,wc:0.0.1600.1200,ac:1010.544.300.600,am:i,cc:1010.544.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5039~100%5D,as:%5B5039~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:90,fm:thTWjfL+11%7C12%7C13%7C14%7C15%7C1611%7C16121%7C16122%7C16123%7C1613%7C1614%7C1615%7C1616%7C1617%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1h*.922805%7C1h1%7C1h21%7C1h3%7C1h4%7C1i%7C1j%7C1k,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:158%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.usatoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:14:50 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| gnt object| g$ function| __uspapi object| OneTrust object| googletag object| __iasPET object| confiant object| pbjs object| twttr object| Criteo object| criteo_pubtag object| criteo_pubtag_prebid_116 object| Criteo_prebid_116 function| pbjsChunk object| _pbjsGlobals object| Scroll object| gciAnalytics string| gciAnalyticsUAID object| googleImaVansAdapter object| Teal object| ns_ function| Hls function| setPlayerSettings function| setPageData function| setVideoData object| Utils string| version boolean| apstagLOADED object| apstag object| diagPixSentCodes object| __iasAdRefreshConfig object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| google_tag_data object| closure_lm_473751 object| PARSELY object| ggeac boolean| creativeVendorLibraryLoaded object| closure_lm_490418 object| _taboola object| TRC object| _tblConsole undefined| msg object| _comscore number| taboola_view_id string| pm_pgtp object| __core-js_shared__ object| core function| snaptr object| __iasADX object| COMSCORE function| udm_ object| ns_p boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| google_measure_js_timing object| gciKruxData function| fbq function| _fbq function| google_trackConversion object| _gre function| ktag object| liQ object| _tfa function| twq function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| ats function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg boolean| _tb_vd_pg function| ImpactRadiusEvent function| ire object| irEvent object| $jscomp object| cloud_retail function| Krux function| _typeof function| ga object| gaplugins object| gaGlobal object| gaData function| isAnExcludedLink object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup function| GooglemKTybQhCsO object| GooglebQhCsO function| ttd_dom_ready function| TTDUniversalPixelApi object| LI object| __li__evt_bus object| google_tag_manager object| dataLayer function| gtag object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| regeneratorRuntime function| _typeof2 function| __liSync object| tbopt object| placementData string| nam object| cmTag object| _cm_wfCounters function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| GoogleGcLKhOms function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient undefined| __IntegralAS_7f696e4afbda148f103e176966ed8ac4_6887 object| google_image_requests function| confiantDfpWrap object| __IntegralASExec

185 Cookies

Domain/Path Name / Value
www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002 Name: _liChk
Value: 0.8278584681020527
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.taboola.com/usatodaydemo/ Name: taboola_session_id
Value: v2_ffc22df8a58d5198ece1be945465b917_0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902_1663607682_1663607682_CGoQkAkYre36tbUwIAEoATAmOInoB0Dq9QdIp8vZA1CuzAdYAGAAaN6m7pak_O37ywFwAQ
i.liadm.com/s Name: _li_ss
Value: MgUIBhCkEzIFCAoQpBMyBQgLEKQTMgUIfhCkEzIGCIsBEKQTMgUIeRCkEzIGCIEBEKQT
.t.co/ Name: muc
Value: d4215383-568d-4011-9557-5f9664bc5116
.t.co/ Name: muc_ads
Value: d4215383-568d-4011-9557-5f9664bc5116
.usatoday.com/ Name: gup_anonid
Value: 8a0639dd-9ea4-42a3-a85b-2b8ba9af3a73
.usatoday.com/ Name: gup_clientid
Value: cbaf261a-900b-444b-8dbf-c7d5de325888
.usatoday.com/ Name: gnt_ub
Value: 3
.usatoday.com/ Name: gnt_sb
Value: 1
.usatoday.com/ Name: gnt_eid
Value: control:1
.www.usatoday.com/ Name: gnt_w
Value: f~83~6-q1a2z336db9d4f~Mostly%20Cloudy
.usatoday.com/ Name: gnt_i
Value: 31128804273144144368*16276*CA~QC
www.usatoday.com/ Name: usprivacy
Value: 1---
cdn.taboola.com/ Name: abLdr
Value: 18
.usatoday.com/ Name: gup_lng
Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201663607682%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.teads.tv/ Name: tt_viewer
Value: d2e3c1bd-8b06-4be4-ab05-0aa1fef8001c
.scorecardresearch.com/ Name: UID
Value: 1C74b0d42931ec3f0320a7b1663607682
.openx.net/ Name: i
Value: adea2ae3-d6f3-02b9-1ee8-ffaa35a30aed|1663607682
.rubiconproject.com/ Name: khaos
Value: L891274L-O-FVDG
.yahoo.com/ Name: A3
Value: d=AQABBIKjKGMCEIUn4cFQs4LuujLMwXAloIUFEgEBAQH1KWMyYwAAAAAA_eMAAA&S=AQAAAgKIxHzvcuJ9mpihXqqZc4M
.usatoday.com/ Name: gca_lcu
Value: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
.usatoday.com/ Name: _fbp
Value: fb.1.1663607682693.7626780169
www.usatoday.com/ Name: _tb_sess_r
Value: https%3A//t.co/
www.usatoday.com/ Name: _tb_t_ppg
Value: https%3A//www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
.usatoday.com/ Name: IR_gbd
Value: usatoday.com
.usatoday.com/ Name: IR_14143
Value: 1663607682778%7C0%7C1663607682778%7C%7C
.usatoday.com/ Name: _gid
Value: GA1.2.461884958.1663607683
.usatoday.com/ Name: _gat_gciAnalytics
Value: 1
.sjv.io/ Name: brwsr
Value: a055fd25-af28-31fc-bc9b-dacf83d3057f
.sjv.io/ Name: irtps
Value: 1
.usatoday.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/%22%2C%22sref%22:%22https://t.co/%22%2C%22sts%22:1663607682876%2C%22slts%22:0}
.usatoday.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d18f4ea72a75462cb9b12e3fbb8a06db%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663607682876}
www.usatoday.com/ Name: _lr_geo_location
Value: CA
.usatoday.com/ Name: _li_dcdm_c
Value: .usatoday.com
.usatoday.com/ Name: _lc2_fpi
Value: bf719b866c77--01gdbbxdtf5496t7v6zvc4vbb8
.usatoday.com/ Name: _ga
Value: GA1.1.327780952.1663607683
.usatoday.com/ Name: IR_PI
Value: a055fd25-af28-31fc-bc9b-dacf83d3057f%7C1663694082778
.krxd.net/ Name: _kuid_
Value: PFrSBYY5
.usatoday.com/ Name: _scid
Value: ce03a838-4973-4547-9a7f-b295d8d5e712
.igodigital.com/ Name: igodigitaltc2
Value: 8d6864b8-383e-11ed-8be8-66759aeefdf3
.igodigital.com/ Name: igodigitalst_10870841
Value: 8d686daa-383e-11ed-8be8-66759aeefdf3
.igodigital.com/ Name: igodigitalstdomain
Value: 24765
.facebook.com/ Name: fr
Value: 0wUrN76xjjVVo0FxC..BjKKOD...1.0.BjKKOD.
.amazon-adsystem.com/ Name: ad-id
Value: A27FOQbZzkSFgxoxFRQL6mc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_6CdW/DGBpxg9Jh7sZ5kxcg=="
.rlcdn.com/ Name: rlas3
Value: thgAKSBGE+JdUI+JpE5ft4Ykr0zRBNJi4OzqhMxofaE=
.doubleclick.net/ Name: IDE
Value: AHWqTUlL8NMbmZfsy5ri4ubKYvrMi_XEhueSbEKc6tk__AjK7z3_MzEgDTYYp9YDJO4
.eyeota.net/ Name: mako_uid
Value: 18356beb87a-e900000010a5f20
.eyeota.net/ Name: SERVERID
Value: 24352~DM
.liadm.com/ Name: lidid
Value: d8a80a79-8728-433e-91bc-8cad4070037d
.smaato.net/ Name: SCM
Value: 003851db
.smaato.net/ Name: SCMaps
Value: 003851db
.3lift.com/ Name: tluid
Value: 3314835991769047544497
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRGAMAgEwIqYOQIeYDfBwSpSvF/3tfOGJ7FlTZj4oKTt2vK05srRLq+jjltJI4Jp51d8O/tZYUAAAAA=
.contextweb.com/ Name: V
Value: r9iIQHpUwJEj
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 89b6582e51bc3894
.emxdgt.com/ Name: uid
Value: 53511663607683265442bb
.mathtag.com/ Name: uuid
Value: f2d76328-a383-4c00-8626-2af3546de117
.agkn.com/ Name: ab
Value: 0001%3AYIYYZOLnj1EYQrZTUdJ5NdaYszbfRQiI
.tapad.com/ Name: TapAd_TS
Value: 1663607683315
.tapad.com/ Name: TapAd_DID
Value: 4721a8b0-9d82-4313-ad7e-90db194e7fe7
.surveywall-api.survata.com/ Name: svResp
Value: 2094e959-5392-7245-a2fb-1d2a90f04705
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2CEDD11A-7AAA-4725-B4BE-19216827D34E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1664150400%3A164%7C1663632000%3A174%7C1664755200%3A197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1664150400%3A2%7C1664755200%3A54_220_21_13_22
.casalemedia.com/ Name: CMID
Value: Yyijg4mgoc.vZp3SdlJcqgAA
.casalemedia.com/ Name: CMPS
Value: 187
.casalemedia.com/ Name: CMPRO
Value: 187
.sharethrough.com/ Name: stx_user_id
Value: 9fe44ad3-7e5b-46bd-ac66-0c66b17424f1
.simpli.fi/ Name: suid
Value: 2F14E613F9F647EE971F2C1681F962B4
.rlcdn.com/ Name: pxrc
Value: CIPHopkGEgUI6EcQAA==
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2F14E613F9F647EE971F2C1681F962B4
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEyrU8yfFB43wvBr9b7Fw0A&KRTB&16514-CAESEEyrU8yfFB43wvBr9b7Fw0A&KRTB&23025-CAESEEyrU8yfFB43wvBr9b7Fw0A&KRTB&23386-CAESEEyrU8yfFB43wvBr9b7Fw0A
.adsrvr.org/ Name: TDID
Value: 9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
.usatoday.com/ Name: _sctr
Value: 1|1663545600000
.taboola.com/ Name: t_gid
Value: 0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
.adform.net/ Name: C
Value: 1
www.usatoday.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7431fa13-ff12-48e6-8442-165f07d93987&KRTB&22918-7431fa13-ff12-48e6-8442-165f07d93987&KRTB&23031-7431fa13-ff12-48e6-8442-165f07d93987
.adform.net/ Name: uid
Value: 2216150599312640236
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3_FZOX8eQoCJ1T5cXc45Yu2I7sKOr9ocPPArYTLZ2dQ5PJXJWr24zRZx5QC4TM1
.pippio.com/ Name: did
Value: hehsr58gPZ914eea
.pippio.com/ Name: didts
Value: 1663607683
.pippio.com/ Name: nnls
Value:
.turn.com/ Name: uid
Value: 3044412685884018819
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3044412685884018819&KRTB&23150-3044412685884018819
.bidswitch.net/ Name: tuuid
Value: 2fc1ffe9-f839-4cfc-877f-9f8c295f1968
.bidswitch.net/ Name: c
Value: 1663607683
.bidswitch.net/ Name: tuuid_lu
Value: 1663607683
.addthis.com/ Name: na_id
Value: 2022091917144300088210396406
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6328a383b065360d
.addthis.com/ Name: ouid
Value: 6328a3830001897443a6637a70cfa2b731fd9331ae31e46525df
.zemanta.com/ Name: zuid
Value: QOgVdzDCpTBMJVn51P6q
.dotomi.com/ Name: DotomiTest
Value: 4b95ad4ac8c10ffb
.pippio.com/ Name: pxrc
Value: CIPHopkGEgQIAhAAEgYI7OsBEAA=
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&959c7075-479b-441b-8802-ea554f0b018b"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1663607683:t=1663694083:v=2:sig=AQHOs7Srrlie00UGLWQkcUn7g3bx6JhS"
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.linksynergy.com/ Name: rmuid
Value: 2042728a-9c8a-41da-b835-5f54f5fb02ab
.linksynergy.com/ Name: icts
Value: 2022-09-19T17:14:43Z
.demdex.net/ Name: demdex
Value: 62517214008161912143666069660537907113
.dpm.demdex.net/ Name: dpm
Value: 62517214008161912143666069660537907113
.tremorhub.com/ Name: tv_UISTB
Value: <taboolaUserId>
.tremorhub.com/ Name: tvid
Value: e6e650cd489145349c2f58e683bb2d3d
.tremorhub.com/ Name: tvssa
Value: 1663607684037
.ojrq.net/ Name: brwsr
Value: 8e1fcdcc-383e-11ed-a143-9169d9a043cd
.criteo.com/ Name: uid
Value: 51e7f96a-26b9-4eec-b7be-9c878bdcd9d8
.usatoday.com/ Name: cto_bundle
Value: s43v4V85WEJtck5JeThyN0JNNlBaQ3ZLeUxhOUxtS0VsJTJCcUtXTmE0T3lWJTJGTzYlMkZxYnVJcDc5T3lYZHk2ZUxWMiUyQm5aNUtMc1FESmF6VHpZUiUyRlFUVkxtM0lGUFlmeHpQZFNWUktuQmdRWmJWdmpydUNrNFh4elVVazBzbUVMbzlkNEJHJTJCZDM4a3RmdHhObSUyRk9UYVJHN3BmdG1SQSUzRCUzRA
.usatoday.com/ Name: __gads
Value: ID=c4f96c5459536801:T=1663607683:S=ALNI_MbEJg5FYg_whYjNGsJ6cBZhKsxldQ
.usatoday.com/ Name: __gpi
Value: UID=00000575e96b197c:T=1663607683:RT=1663607683:S=ALNI_MaGk_CxrBJHMJTo8ZsPhAz1iawD-A
.usatoday.com/ Name: _ga_QQ6YP2J211
Value: GS1.1.1663607682.1.1.1663607685.0.0.0
.pubmatic.com/ Name: SPugT
Value: 1663607685
.adingo.jp/ Name: ID
Value: cf218c70c0e578970eb2f7d6b5ff43da
.emxdgt.com/ Name: dt
Value: 262
.lijit.com/ Name: ljt_reader
Value: FV-KfQZHzlrR3AfiR6WruZmn
.360yield.com/ Name: tuuid
Value: dd3f8f3b-13b1-4fe9-851a-f65960622610
.360yield.com/ Name: tuuid_lu
Value: 1663607685
.lijit.com/ Name: _ljtrtb_42
Value: 0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
.mxptint.net/ Name: mxpim
Value: R1B332_F676A892_4D3F32ED.1.6328A385
.mfadsrvr.com/ Name: c
Value: 1663607685
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663607685
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2fc1ffe9-f839-4cfc-877f-9f8c295f1968
.pubmatic.com/ Name: PugT
Value: 1663607685
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-58d3a932-b641-4428-4b01-cfebb73bd530.EYEaoNH8bU2zWcaKOG5Xc5pIu35de3fGd1MGeS0M2rE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWNOpMrZBRChLAc_rtzvVMJU4mbo.Iysfz4nbLrhQxs0H4pc9T44TBQrgWkeRsyofcW1pSTA
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.go.sonobi.com/ Name: __uis
Value: 4a95cd8e-2285-41e0-ba7a-cd7037ff5897
.go.sonobi.com/ Name: _usd_usatoday.com
Value: 7e2f532e-c768-47d4-95d8-b9f570b7d419
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s859|YyihB
sync-dmp.mobtrakk.com/ Name: pid
Value: MTI0M2NiMmY0NjM5YmRh
.mfadsrvr.com/ Name: tuuid
Value: 3be10337-e945-4216-8a10-7c15b6a5e55e
.mfadsrvr.com/ Name: ssh
Value: !emx,1663607685!taboola,1663607685
.omnitagjs.com/ Name: ayl_visitor
Value: 80f38eca2ebe45db42debd4afd93bee0
.id5-sync.com/ Name: id5
Value: 45c6c880-45ef-4711-a05a-ba2f9dc99d69#1663607685833#2
.adnxs.com/ Name: uuid2
Value: 3652634210590589388
.adx.opera.com/ Name: UID
Value: ba01f4c21ec24dce87e866d48a2770ca
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
.smartadserver.com/ Name: pid
Value: 1546514923613325972
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.go.sonobi.com/ Name: HAPLB8S
Value: s85143|Yyije
.go.sonobi.com/ Name: __uin_pp
Value: r9iIQHpUwJEj
.go.sonobi.com/ Name: __uin_td
Value: 9f3abfbb-69b7-48a9-9a3f-979dc96f1a25
.go.sonobi.com/ Name: __uin_mm
Value: f2d76328-a383-4c00-8626-2af3546de117
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzI2MTEwtjSwMDY0F-Iz1PULc05yi_Bwr8jOTAEAGKfdnSQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzI2MTEwtjSwMDY0F-Iz1PULc05yi_Bwr8jOTAEAGKfdnSQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmZsZmBuZmFuYGgKAFKpHN4QAAAA
.go.sonobi.com/ Name: __uin_zt
Value: 997336234403908317
.semasio.net/ Name: SEUNCY
Value: E9061D50A785F35D
sofia.trustx.org/ Name: tuuid
Value: 6c4dc14b-0de2-4e78-8a17-e55811b8ee59
sofia.trustx.org/ Name: c
Value: 1663607687
sofia.trustx.org/ Name: tuuid_lu
Value: 1663607687
.colossusssp.com/ Name: gtm_usr
Value: cf74e5be-4fbf-4459-8380-1a2b0150b2f3
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6305
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKbGl2ZWludGVudBILCJyS2aOPm407EAUSFwoIYXBwbmV4dXMSCwiw0uCqj5uNOxAFEhYKB3J1Ymljb24SCwiw0uCqj5uNOxAFEhkKCnJpZ2h0bWVkaWESCwiw0uCqj5uNOxAFEhUKBmdvb2dsZRILCKKuwbePm407EAUSFAoFdGFwYWQSCwiu8tLEj5uNOxAFEhUKBmNhc2FsZRILCJLhr8aPm407EAUYASACKAIyCwiu6tXxpZuNOxAFOAFaBXRhcGFkYAI.
.fg8dgt.com/ Name: tuuid
Value: ff847792-f3d0-4fdc-8650-2451717fc86d
.fg8dgt.com/ Name: c
Value: 1663607687
.fg8dgt.com/ Name: tuuid_lu
Value: 1663607687
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g70|4is.0.CAESEGN22yz3WTsjqK7V1duJmGg|89b.0.1|7TY.0|7LJ.0.4a95cd8e-2285-41e0-ba7a-cd7037ff5897|2N.0.AAAHZZ7FpnFdrwM-IsixAAAAAAA|3oy.0|5Ql.0.0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902
sofia.trustx.org/ Name: um2
Value: !21,av-f3b027bc-8920-4a42-8b65-7262457844bd,433210487
.go.sonobi.com/ Name: __uin_bw
Value: 2fc1ffe9-f839-4cfc-877f-9f8c295f1968
.csync.loopme.me/ Name: viewer_token
Value: d88bc7b1-8476-48b5-9ccb-426fc2788b4e
.casalemedia.com/ Name: CMTS
Value: 160
.colossusssp.com/ Name: lmg_r
Value: 1|10|8|7
.id5-sync.com/ Name: 3pi
Value: 464#1663607685932#-1042733334#0dc60ff5-2568-4601-8896-b8314c8259e6-tucta222902|112#1663607687597#-43255593#E9061D50A785F35D|2#1663607686124#-2117346961#3652634210590589388|434#1663607686691#542548504|3#1663607686263#2024945437#f2d76328-a383-4c00-8626-2af3546de117|264#1663607686389#-1427982614#9f3abfbb-69b7-48a9-9a3f-979dc96f1a25|108#1663607686829#2009246369|429#1663607686511#-1888755358#2CEDD11A-7AAA-4725-B4BE-19216827D34E
.id5-sync.com/ Name: callback
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2795:1769~2795:195y~2795"
.admixer.net/ Name: am-uid
Value: 7f88e0b7a4364914b046c762c1007f7b
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bG/12Ww9p+d0O1WuCoMxA8a+JUixCbOKdokEu2gZrfHPuk2+uWv8CXtYK+jF+SZFheu8EDtSFya3GjYHTlS9mMvxs5tJW3SAJg81De9lxpTwEoh1chh9FND

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, display-capture, geolocation, microphone, payment, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
network error URL: https://nova.collect.igodigital.com/c2/10870841/update_item?payload=%5B%7B%22author%22%3A%22Frank%20Bajak%22%2C%22name%22%3A%22Uber%20says%20services%20are%20operational%20following%20data%20breach%22%2C%22item%22%3A%2210419761002%22%2C%22category%22%3A%22tech%22%2C%22item_type%22%3A%22story%20pages%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Ftech%2F2022%2F09%2F18%2Fuber-data-breach-hacked-phishing%2F10419761002%2F%22%7D%5D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]=&us_privacy=[CCPA]&redirectUri=cf74e5be-4fbf-4459-8380-1a2b0150b2f3
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Message:
The resource https://www.usatoday.com/global-q1a2z3u1EuDuIBXGXnOmbqtWCTVvNO2Xs.min.json was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Message:
The resource https://hlsmedia.gannett-cdn.com/authoring/video-renditions/acdaa0e2-46de-4532-a457-f882f64f05ab/7aa7f1b0-988e-4d71-a586-8062369bd120/1080p_30fps,720p_30fps,480p_30fps,master.m3u8?subtitles=8764973002 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Message:
The resource https://platform.twitter.com/widgets.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.usatoday.com/story/tech/2022/09/18/uber-data-breach-hacked-phishing/10419761002/
Message:
The resource https://hlsmedia.gannett-cdn.com/_captions/8764973002.webvtt.m3u8 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
67f6879c27bd76a25660c21597c19b82.safeframe.googlesyndication.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.yieldmo.com
adservice.google.com
analytics.twitter.com
apex.go.sonobi.com
assoc-na.associates-amazon.com
ats.rlcdn.com
b-code.liadm.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.krxd.net
cdn.parsely.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
cm.usatoday.com
colossusssp.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
consumer.krxd.net
csi.gstatic.com
d.impactradius-event.com
dis.criteo.com
dt.adsafeprotected.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gannett-d.openx.net
gannett.sjv.io
geo.privacymanager.io
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hlsmedia.gannett-cdn.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
m.fg8dgt.com
match.adsrvr.org
match.taboola.com
nep.advangelists.com
nova.collect.igodigital.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
prebid-server.rubiconproject.com
r1---sn-quxapm-3c2l.gvt1.com
redirector.gvt1.com
resources.xg4ken.com
retail.googleapis.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
sc-static.net
search.spotxchange.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sli.usatoday.com
sofia.trustx.org
static.ads-twitter.com
static.adsafeprotected.com
static.scroll.com
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync.colossusssp.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tlx.3lift.com
tpc.googlesyndication.com
tr.snapchat.com
traxex.gannettdigital.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
us-match.taboola.com
us-trc-events.taboola.com
us-vid-events.taboola.com
user.usatoday.com
vidstat.taboola.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ojrq.net
www.usatoday.com
x.bidswitch.net
z-na.associates-amazon.com
104.127.172.242
104.18.18.126
104.244.42.133
104.244.42.3
104.36.115.109
104.36.115.113
107.178.246.49
108.138.113.246
13.224.201.38
13.224.214.111
13.35.96.135
141.226.224.32
141.226.224.48
142.250.65.162
142.251.35.162
143.204.138.162
143.204.150.76
146.75.36.157
15.197.193.217
151.101.1.108
151.101.1.44
151.101.130.133
151.101.193.44
151.101.194.133
151.101.2.62
151.101.65.194
151.101.66.62
162.19.138.116
18.165.83.79
18.67.69.177
184.51.148.226
185.255.84.152
192.35.249.142
198.148.27.140
199.187.193.193
199.232.194.217
199.38.167.130
2001:4860:4802:32::3
209.54.180.72
216.200.232.249
23.200.168.248
23.205.77.192
2600:1f13:800:7781:14d1:10cc:3c25:3c47
2600:1f18:730:b110:e592:4eb7:d27a:33ba
2600:9000:20ed:8800:8:48e:53c0:93a1
2600:9000:20ed:f200:8:8845:1500:93a1
2602:803:c002:200::52
2606:2800:220:de:468:2285:c1:4a3
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2006
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2004
2607:f8b0:4006:824::2008
2607:f8b0:4006:824::200a
2620:100:a001::c
2a00:1588:d802::c
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
2a04:4e42:400::300
3.135.132.32
3.212.75.214
3.230.217.116
3.82.84.88
31.220.27.155
34.149.193.192
34.227.236.203
34.95.127.121
34.98.64.218
35.186.249.72
35.190.43.134
35.207.24.140
35.211.141.197
35.211.165.199
35.211.168.6
35.211.178.172
35.227.211.136
35.71.139.29
44.193.114.255
44.209.207.157
50.16.108.1
50.16.87.208
50.57.31.206
52.1.29.33
52.44.4.81
52.46.130.91
52.7.56.125
54.144.144.142
54.152.100.45
54.235.171.148
63.251.114.182
68.67.160.132
69.166.1.10
69.166.1.15
72.21.195.65
74.119.119.129
74.119.119.150
8.2.111.121
8.2.111.122
8.28.7.99
8.43.72.97
82.145.213.8
99.84.37.59
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
046eebfce83fef685e783dcb3eea2c43b4ef13781c6ec84154b3215f4588a374
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9d0a3c574548100590f52b50b6c93e176208fbe0a15082c838c78ca8c09179
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
139ed1e4e05d314894b9ac6d42f352b8c81de7785bda5d0a0a554410d56513cc
13c244d25ba042da4e5a8e3d83a0e539ac13050a7ba44ec0aeb461c2e0b80215
1612b60f989de0a97671f56dd902f2c588750f09e2918c22f2f39791ff560d6d
16fe769b2edcb8b600e58c0907b8275182c09fc886c265681b94d50a56adb5ad
205921d4b8c37e9533528462950ba51ce45191e5ca94e7af31fb341e1592503c
208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7
220619d699ccee01b954d2fa6d8177c30b111baf8ee815c889bd4ff06b27f6bb
22a1e454ab88130ab3e742afb5eb58bbf6f496a64f659372c0f0fdd850e31682
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
28170d61d3a7b7c26262346c2c0ff85fb7f2b72b88af6d633708f894adac8f1f
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b2d1aaba2e2af0f1c90a944d1ead670fde436bee36976e8c2337d506d46f830
2bc9b19a38265e8a3c73f64cffad19cbad903baab9c573226aca9f53159e60cf
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2f36fa0a282c376f2979a7958b50bf9dec790f9d18ad9071f99401b6abeabb81
2f69e78584888f6169761ee7c96cd73d26b6b72127b4f8fea25763d6bf35232e
3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6
330f3220f2ea2bfd2c5a8c1556c7287e647d6f16cefd00e30155a132a685892a
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3de6ca902e365219c2ffd5ff7a1e7aeff4c58adc609b9a03c2e11c8f6ee1bbd0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40a3b348ffce5e680fa64715fd255db4f2aca4c828ab4c9ba1b92862c3a2d891
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4418c65239351eb99c41a5c0725a6eecd036b65147e3c51e3f995f136a6aafd1
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4a084add8cb108c8515d020c223e1dc39a90231a210739adaaccf1103a4290f2
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
4ded5a9d3ea2eacd97b37069e260066b57f26edd9e64b7e93b242fe5fbb271f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502af79ead083bcf7fae91be9a59238a6fc99a45626a6645ef30cb1a779e904c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56bd20c7592caa35f56a3f8bca3517937a0537b3ab1884aa4b05a028ad26695c
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a479b211f35206e9f4d8eb83aa63aaa7c76f00f86c30d589631b32c3fc42042
5c0e8032448feed73a00d6ded147a500990327e7391ec952b96586bd1f5cd32e
5e0b8168c8f161da80b731b5602cb3752c3505182c171dfe5336850075880e2d
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
6044b69e50a69e4a8a00da98b9f5fab8166b5c691e2696cf5a79b978fb085e7e
60fe545b3bf07b8dd89fe466a0cf2bc3bcc60508ef6c6d2e3544b490c8cdd2ae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
66d804a1bf1e9a9d5b2f423a246a65f57a6236f07fd0ef7f4d23c8b995eab7f2
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6954e335e3fcfdf60110467b3feebe861d7d192bebd3ad5ddae64c979e81cfee
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6e8a6be1ddac59b849eb4bb2650b704fb768f1a99ff0292673432479ba48d99a
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
71a127d0a084e582a0b49104772f77ac88995258224862a8b2b8603894e1f028
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7475c05506be64a3776f01a8983debdb2776e64807042516043ca861986cad40
74e9e614a8d5225d1321c13d97810c603ab72a89173b76e1152f34349fbfb5f7
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05
779b0059a240e5469de2570137656965100874f8390f21b3a40af3f693217ab8
794afd020d65d819e404ec6e59d3ca4ce8850c36821ddd79fb53f37d184f395a
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7f462305b0fa1cf6b138314840673fc57278fe4a22a4c041f7c7002e507fd8e9
811f2e3d49494c1b9efce2da51082d3c79da94db5d80b8dc55504ff332aa3e46
826eb6fd89cc9a145bf795ebd2492ce310c0c6ee452883b2797e91e2983f69dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842c379cf6c7045e068c129e66893f841042bee3c65818afe7906484fbd1ede9
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bb52308d8aa4a8e7c29119995908151ad846738b7913f624912af64b679721b
8c97302ec51a0d6a168a6f974565bea551b90c4157b110e6929a569be67a05ae
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fcb1ffb144ba9e09992fcc0ffd1323fdac65f3f1f22c741a95b42d5f3def2bc
8fe42b160b909de72a6feaa46639efb0ecc5cdf3cdf6172a2b9bfa1d9e078c1e
907b15777c4dd1794477502ff3c294f6f7320717829adfc88748c00e8ffecb1e
91739907e524daae5f172f4ce3567e7102c0312c12bd230a18b512d10e7d6b2a
9256207262db320310e9e194b9174e6e26c21b6e474fc1b22ebcce71526c08a0
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127
979ef8feb93971f5f98de4b8000357c9cd8e56ecf8c0471480adbf990687a9cc
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
97e6939bd37c94f8532ab3151190b0ba154c1932437b3ad86cde2e5e9c6439ce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d66f4c1ff156a284b56712f7b5ec43354455fcd74876ff14f8866a08ee15aa
9a38337a742ad80010c78eb2953df0a4c06b1d617548e69fa86e92e216f915e2
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6
9efb51af16021c2c2818c91225e5e954c3a11b7affd7e2935b9ef7d9053e4e22
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fdf333d2e97c0f0dfc85a5b2d93216ce560fd3e973165219c624532249b38b
a43ff0e96c0242a0b50e599b52ea05c810cabcb0290e41b5f21f3eed2fbb0b3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b4318b593211376d1911f208751f1c90ce53c0121c46202de0a79bebce959e
a6ab3d025d76e18b3c5b3eaf86c8c64151f1ce4348244650c9a229d45316a9b3
a737e3f66a346ee9e475bb77fbec472b519714c9c8c3b544435af89782a0edaf
a85fa5244e84ece9c3d45e3786ca80ef5c3946a7770b83e87468c2bd68c957d1
aa9b87754876c84c8ecece31f925be4edc7e5471e1dfdee655eec9525ea3bc59
ab3eb0cc4af553940c3126bca328d001e51651098b3bec670395a2c879091706
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affaee7bb4715b12f1c6173dcf4d53ecc36dd1cfd56f83265996c9f0c78d1482
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d2edfd67a8599f69483fd29240eaab4266233e8dff0767890a82dc0777b6a7
b50f84aca1780fbed04fba6f2fa8f40c3958469dcdb72aeb3158a48df50376bd
b89b190864a00a703d811ad74ed1d90d9f853d7fa1adfc96b1969d4734f747bd
ba390a736698135d0c3c8dc84b37c04887ad263fbc5ade658888ca74b9cb59e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bee20447aa0e1293049d65c522a290c718d0d93ba582f9aabb391ad2e1187ac0
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c59f335948580c2407c807b846a1d30b81e98441287090b4c5063b95846831d2
ca2e9669d0cc6319cbefa68c880fbf59f06141c190fb30b1922ee88a11e4f64a
ceba4d461c9ed764d77585e64ab6d5776577854523e21a1422a0c4701e7a3b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d80606064b258039cd2f53d874ac46d3657f4694a9d34b61d8738a40eabb5c2a
d9388fce1bf912dc0112652f55af062d03acb2c93886725982e18d9c6e34d983
db13f1da48f02ff19f07c1031a73680330885d93ad15ee5b95fd4b500e7090d7
dc76b265befcb5c01a86ce1456c5007e55b0c7a0ffb630085df35d427a300ab2
df01c813a1afc16c8570d18db67c216942ebac119a2339bc84eb28cc0a72df39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f83ec3e9006b337d5cd6732ad19c4267b6bf9f7040ff6de3a39c6a23d130a2
eb27d5196cca3fe422ace69d7a4d4b0f4f5d38cab34d75a3cb66eb3edd1fef85
ebb6c50cb9844218a00fa4978bbf426284ce5be59dc100d817decce4a443aa31
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
eca0b35ce30602407ca710d5bec01e6ea5f7bb1e29ee111c4663d0c98a412fff
ece6bb68f58dc2e38e1995e2d34566679c5126ea21d40dba61308655c7e4e7e3
ed0499617748787c0fb58fb40273cb17b7c723cc0e411bbe0b12a922a7b3f509
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a0264f0dbec6232658dd0ffb9e44c69c8f6f173de038ee99020cc672dba9b1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9313f065cd0bad46c49c3dd21e37a3f85849523a50add419a4215c93a3dcfb8
fca848faee8095a7b1dcc41981d0cd0ebd285e3f06c5ed4e7b1c9d4b17f2d157
fcbab4467c7a6a5ee2cd09a6acba33d7992f8e995c103f8dfc751660086e6aef