urlscan.io logo urlscan.io
SecurityTrails logo

techcrunch.com Open in urlscan Pro
2001:4998:124:1704::5000  Public Scan

Go To Rescan Add Verdict Report
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Submission: On February 16 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 5 countries across 73 domains to perform 233 HTTP transactions. The main IP is 2001:4998:124:1704::5000, located in Lockport, United States and belongs to YAHOO-BF1, US. The main domain is techcrunch.com. The Cisco Umbrella rank of the primary domain is 29391.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 5th 2021. Valid for: 5 months.
This is the only time techcrunch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 2001:4998:124... 26101 (YAHOO-BF1)
12 2001:4998:14:... 14777 (YAHOO)
1 2606:2800:121... 15133 (EDGECAST)
16 2001:4998:14:... 14777 (YAHOO)
8 2607:f8b0:400... 15169 (GOOGLE)
1 54.230.244.8 16509 (AMAZON-02)
10 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 192.0.76.3 2635 (AUTOMATTIC)
1 52.202.229.46 14618 (AMAZON-AES)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 2001:4998:58:... 26101 (YAHOO-BF1)
2 2606:2800:220... 15133 (EDGECAST)
1 34.196.168.57 14618 (AMAZON-AES)
1 54.144.144.142 14618 (AMAZON-AES)
2 76.13.32.146 26101 (YAHOO-BF1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 52.85.61.28 16509 (AMAZON-02)
4 2600:141b:700... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.251.40.130 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
1 86.109.7.56 54825 (PACKET)
1 13.225.230.28 16509 (AMAZON-02)
4 2606:2800:21f... 15133 (EDGECAST)
2 2606:2800:21f... 15133 (EDGECAST)
1 13.33.46.91 16509 (AMAZON-02)
4 52.85.61.100 16509 (AMAZON-02)
3 145.40.89.32 54825 (PACKET)
1 54.208.81.2 14618 (AMAZON-AES)
14 23.221.201.161 16625 (AKAMAI-AS)
5 13.226.31.55 16509 (AMAZON-02)
1 107.23.223.65 14618 (AMAZON-AES)
1 152.199.24.48 15133 (EDGECAST)
3 2607:f8b0:400... 15169 (GOOGLE)
1 152.195.14.41 15133 (EDGECAST)
5 8 76.13.32.147 26101 (YAHOO-BF1)
11 11 3.229.12.133 14618 (AMAZON-AES)
8 15 54.175.87.114 14618 (AMAZON-AES)
1 173.223.56.123 16625 (AKAMAI-AS)
1 2 54.227.88.83 14618 (AMAZON-AES)
1 1 156.154.202.36 19907 (NEUSTAR-AS6)
1 52.85.61.52 16509 (AMAZON-02)
2 52.85.61.16 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 23.221.203.12 16625 (AKAMAI-AS)
3 3 68.67.160.24 29990 (ASN-APPNEX)
4 23.227.139.243 55081 (24SHELLS)
2 2 192.35.249.127 11742 (SPOTX-IAD)
1 2 34.107.140.17 15169 (GOOGLE)
1 35.174.142.166 14618 (AMAZON-AES)
8 9 142.251.40.194 15169 (GOOGLE)
1 3 2600:1f18:4e9... 14618 (AMAZON-AES)
5 5 35.71.131.137 16509 (AMAZON-02)
3 4 76.223.111.18 16509 (AMAZON-02)
1 104.36.115.113 62713 (AS-PUBMATIC)
2 3 185.167.164.39 198622 (ADFORM)
2 2 151.101.130.49 54113 (FASTLY)
3 24 8.28.7.83 62713 (AS-PUBMATIC)
2 2 103.229.206.241 30419 (MEDIAMATH...)
6 6 54.175.156.64 14618 (AMAZON-AES)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.192 47043 (SMARTADSE...)
1 1 129.159.70.95 31898 (ORACLE-BM...)
1 1 8.28.7.82 62713 (AS-PUBMATIC)
1 3 104.36.113.24 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 54.166.244.71 14618 (AMAZON-AES)
1 2 52.200.205.250 14618 (AMAZON-AES)
2 2 173.231.178.117 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 54.81.225.10 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
4 4 199.127.204.142 26120 (RHYTHMONE)
2 2 23.46.249.89 16625 (AKAMAI-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 2 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
1 1 108.168.159.145 36351 (SOFTLAYER)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 1 54.210.154.62 14618 (AMAZON-AES)
1 52.86.198.120 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 207.198.113.171 13768 (COGECO-PEER1)
1 2 4.78.226.233 3356 (LEVEL3)
3 3 35.211.178.172 15169 (GOOGLE)
1 1 199.38.167.128 54312 (ROCKETFUEL)
1 8.28.7.84 62713 (AS-PUBMATIC)
233 66
40    2001:4998:124:1704::5000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
techcrunch.com
12    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
25.at.atwola.com
1    2606:2800:121:46:19e1:1c79:eea:1135 (United States)

ASN15133 (EDGECAST, US)
consent.cmp.oath.com
16    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
cdn.vidible.tv
jill.fc.yahoo.com
jac.yahoosandbox.com
8    2607:f8b0:4006:821::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    54.230.244.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-8.ewr53.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
10    2600:141b:13::17d7:82cb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    52.202.229.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-229-46.compute-1.amazonaws.com
guce.techcrunch.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:80d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
buy.tinypass.com
4    2001:4998:58:207::6000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
3p-geo.yahoo.com
3p-udc.yahoo.com
2    2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    34.196.168.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-168-57.compute-1.amazonaws.com
organizer.bizzabo.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
2    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
2    2607:f8b0:4006:809::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    52.85.61.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-28.ewr53.r.cloudfront.net
sb.scorecardresearch.com
4    2600:141b:7000:1b7::268b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
partner.googleadservices.com
1    2607:f8b0:4006:806::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:81e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    86.109.7.56 (Ashburn, United States)

ASN54825 (PACKET, US)
api.cxense.com
1    13.225.230.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-28.jfk51.r.cloudfront.net
launcher.spot.im
4    2606:2800:21f:3d5b:386b:a42c:93aa:d404 (United States)

ASN15133 (EDGECAST, US)
aka-cdn.adtechus.com
2    2606:2800:21f:16d2:d9:26d7:10a3:cf1 (United States)

ASN15133 (EDGECAST, US)
o.aolcdn.com
1    13.33.46.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-91.ewr52.r.cloudfront.net
direct-events-collector.spot.im
4    52.85.61.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-100.ewr53.r.cloudfront.net
static-cdn.spot.im
3    145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    54.208.81.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-81-2.compute-1.amazonaws.com
geo.moatads.com
14    23.221.201.161 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-201-161.deploy.static.akamaitechnologies.com
apx.moatads.com
5    13.226.31.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-55.ewr53.r.cloudfront.net
api-2-0.spot.im
1    107.23.223.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-223-65.compute-1.amazonaws.com
seo.spot.im
1    152.199.24.48 (United States)

ASN15133 (EDGECAST, US)
opus.analytics.yahoo.com
3    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    152.195.14.41 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
8    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
11    3.229.12.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-12-133.compute-1.amazonaws.com
pixel.advertising.com
15    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
service.idsync.analytics.yahoo.com
1    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.227.88.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-88-83.compute-1.amazonaws.com
dpm.demdex.net
1    156.154.202.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
1    52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net
audex.userreport.com
2    52.85.61.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-16.ewr53.r.cloudfront.net
publisher-assets.spot.im
1    2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    23.221.203.12 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-12.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    68.67.160.24 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
2    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
2    34.107.140.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.140.107.34.bc.googleusercontent.com
di.rlcdn.com
1    35.174.142.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-142-166.compute-1.amazonaws.com
onevideosync.uplynk.com
9    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
3    2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
24    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    54.175.156.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-156-64.compute-1.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    54.166.244.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-244-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.200.205.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-205-250.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    173.231.178.117 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    54.81.225.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-225-10.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    23.46.249.89 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-249-89.deploy.static.akamaitechnologies.com
px.owneriq.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    108.168.159.145 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 91.9f.a86c.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    2606:ae80:1451:21::410 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
1    54.210.154.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-154-62.compute-1.amazonaws.com
sync.ipredictive.com
1    52.86.198.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-120.compute-1.amazonaws.com
rtb.adentifi.com
1    2620:116:800b:21:44af:4f54:8af4:5563 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    207.198.113.171 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    4.78.226.233 (Mobile, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
42 yahoo.com
3p-geo.yahoo.com — Cisco Umbrella Rank: 5020
3p-udc.yahoo.com — Cisco Umbrella Rank: 5775
jill.fc.yahoo.com — Cisco Umbrella Rank: 2297
sp.analytics.yahoo.com — Cisco Umbrella Rank: 796
opus.analytics.yahoo.com — Cisco Umbrella Rank: 4692
tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 2140
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 744
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
32 KB
41 techcrunch.com
techcrunch.com — Cisco Umbrella Rank: 29391
guce.techcrunch.com — Cisco Umbrella Rank: 78527
2 MB
32 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 752
image8.pubmatic.com — Cisco Umbrella Rank: 543
image4.pubmatic.com — Cisco Umbrella Rank: 738
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
36 KB
15 moatads.com
geo.moatads.com — Cisco Umbrella Rank: 588
apx.moatads.com — Cisco Umbrella Rank: 3511
4 KB
14 spot.im
launcher.spot.im — Cisco Umbrella Rank: 3787
direct-events-collector.spot.im — Cisco Umbrella Rank: 3961
static-cdn.spot.im — Cisco Umbrella Rank: 3828
api-2-0.spot.im — Cisco Umbrella Rank: 3728
seo.spot.im — Cisco Umbrella Rank: 38512
publisher-assets.spot.im — Cisco Umbrella Rank: 5334
154 KB
11 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
4 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
7 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
192 KB
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 399
p.typekit.net — Cisco Umbrella Rank: 510
213 KB
9 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 4567
buy.tinypass.com — Cisco Umbrella Rank: 3969
822 KB
8 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4660
api.cxense.com — Cisco Umbrella Rank: 6479
p1cluster.cxense.com — Cisco Umbrella Rank: 6557
comcluster.cxense.com — Cisco Umbrella Rank: 4318
id.cxense.com — Cisco Umbrella Rank: 8288
58 KB
8 yimg.com
s.yimg.com — Cisco Umbrella Rank: 372
55 KB
7 yahoosandbox.com
jac.yahoosandbox.com — Cisco Umbrella Rank: 3653
237 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
2 KB
4 rlcdn.com
di.rlcdn.com — Cisco Umbrella Rank: 2030
idsync.rlcdn.com — Cisco Umbrella Rank: 283
1 KB
4 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 1958
2 KB
4 atwola.com
25.at.atwola.com — Cisco Umbrella Rank: 3515
406 B
4 adtechus.com
aka-cdn.adtechus.com — Cisco Umbrella Rank: 5937
581 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
3 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 591
syndication.twitter.com — Cisco Umbrella Rank: 840
133 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3763
965 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
946 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
741 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 692
849 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1174
571 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 619
widget.us.criteo.com — Cisco Umbrella Rank: 20189
720 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
742 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387 Failed
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
2 aolcdn.com
o.aolcdn.com — Cisco Umbrella Rank: 7399
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
911 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
113 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2460
pixel.wp.com — Cisco Umbrella Rank: 2394
3 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
783 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 374
541 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 931
88 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
522 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
656 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3850
360 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3011
346 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
650 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
615 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
223 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
801 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535
763 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
800 B
1 uplynk.com
onevideosync.uplynk.com — Cisco Umbrella Rank: 1980
225 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 3194
433 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
746 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
615 B
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
646 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 3966
7 KB
1 parsely.com
p1.parsely.com — Cisco Umbrella Rank: 1996
260 B
1 bizzabo.com
organizer.bizzabo.com — Cisco Umbrella Rank: 85577
159 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
21 KB
1 vidible.tv
cdn.vidible.tv — Cisco Umbrella Rank: 17102
95 KB
1 oath.com
consent.cmp.oath.com — Cisco Umbrella Rank: 6031
19 KB
0 playground.xyz Failed
ads.playground.xyz Failed
233 73
Domain Requested by
40 techcrunch.com techcrunch.com
16 simage2.pubmatic.com 2 redirects ads.pubmatic.com
14 ups.analytics.yahoo.com 8 redirects
14 apx.moatads.com techcrunch.com
11 pixel.advertising.com 11 redirects
9 cm.g.doubleclick.net 8 redirects
9 use.typekit.net techcrunch.com
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
8 cms.analytics.yahoo.com 5 redirects
8 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
8 jill.fc.yahoo.com techcrunch.com
jac.yahoosandbox.com
8 pagead2.googlesyndication.com techcrunch.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 s.yimg.com techcrunch.com
s.yimg.com
7 jac.yahoosandbox.com jill.fc.yahoo.com
jac.yahoosandbox.com
6 match.prod.bidr.io 6 redirects
5 match.adsrvr.org 5 redirects
5 api-2-0.spot.im launcher.spot.im
static-cdn.spot.im
4 eb2.3lift.com 3 redirects
4 sync.spotim.market ads.pubmatic.com
4 static-cdn.spot.im launcher.spot.im
techcrunch.com
4 25.at.atwola.com techcrunch.com
4 aka-cdn.adtechus.com techcrunch.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
3 x.bidswitch.net 3 redirects
3 sync.1rx.io 3 redirects
3 image4.pubmatic.com 1 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
3 ib.adnxs.com 3 redirects
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 3p-geo.yahoo.com s.yimg.com
2 pmp.mxptint.net 1 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects
2 px.owneriq.net 2 redirects
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 di.rlcdn.com 1 redirects
2 sync.search.spotxchange.com 2 redirects
2 sync.mathtag.com
2 ads.pubmatic.com static-cdn.spot.im
2 publisher-assets.spot.im static-cdn.spot.im
2 dpm.demdex.net 1 redirects
2 o.aolcdn.com techcrunch.com
2 sb.scorecardresearch.com 1 redirects techcrunch.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 sp.analytics.yahoo.com techcrunch.com
2 platform.twitter.com techcrunch.com
platform.twitter.com
2 connect.facebook.net techcrunch.com
connect.facebook.net
1 simage4.pubmatic.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 rtb.adentifi.com
1 sync.ipredictive.com 1 redirects
1 ad.turn.com 1 redirects
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 widget.us.criteo.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 image8.pubmatic.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 onevideosync.uplynk.com
1 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
1 www.google.com tpc.googlesyndication.com
1 audex.userreport.com
1 aa.agkn.com 1 redirects
1 tags.bluekai.com
1 tag.idsync.analytics.yahoo.com opus.analytics.yahoo.com
1 opus.analytics.yahoo.com jac.yahoosandbox.com
1 seo.spot.im launcher.spot.im
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 geo.moatads.com aka-cdn.adtechus.com
1 p1cluster.cxense.com cdn.cxense.com
1 direct-events-collector.spot.im launcher.spot.im
1 launcher.spot.im jac.yahoosandbox.com
1 api.cxense.com cdn.cxense.com
1 syndication.twitter.com platform.twitter.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.ca pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c2.piano.io cdn.tinypass.com
1 p.typekit.net techcrunch.com
1 pixel.wp.com techcrunch.com
1 p1.parsely.com techcrunch.com
1 organizer.bizzabo.com techcrunch.com
1 3p-udc.yahoo.com s.yimg.com
1 cdn.tinypass.com techcrunch.com
1 www.google-analytics.com techcrunch.com
1 guce.techcrunch.com consent.cmp.oath.com
1 stats.wp.com techcrunch.com
1 d1z2jf7jlzjs58.cloudfront.net techcrunch.com
1 cdn.vidible.tv techcrunch.com
1 consent.cmp.oath.com techcrunch.com
0 ads.playground.xyz Failed
233 109
Subject Issuer Validity Valid
n.main.welcomescreen.aol.com
DigiCert SHA2 High Assurance Server CA		 2021-11-05 -
2022-04-20		 5 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-31 -
2022-03-23		 2 months crt.sh
service.cmp.oath.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-09 -
2023-02-24		 a year crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-06		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
guce.oath.com
DigiCert SHA2 High Assurance Server CA		 2021-11-23 -
2022-05-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
analytics.query.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-12-28 -
2022-06-22		 6 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.bizzabo.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-12 -
2022-12-19		 a year crt.sh
secure.ace.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-08 -
2022-05-25		 6 months crt.sh
*.parsely.com
R3		 2022-01-16 -
2022-04-16		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-07 -
2022-03-30		 2 months crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2021-05-21 -
2022-05-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
*.spot.im
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
aka-cdn.adtechus.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2022-01-12 -
2022-04-13		 3 months crt.sh
o.aolcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
opus.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-09		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh

This page contains 37 frames:

Primary Page: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Frame ID: B0B3A97C03E7755A07928C4AB4CB7E96
Requests: 114 HTTP requests in this frame

Frame: https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Frame ID: 834B21A15483C5AA6DC337624EACD772
Requests: 6 HTTP requests in this frame

Frame: https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Frame ID: 158E01C80DF3A22DC917E77A5B46F65E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html
Frame ID: DA710EB987D8AD49BDC3282E1C7A510C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Ftechcrunch.com
Frame ID: 86DACA0016CC2A93640944C83F94A159
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2508481855317367&output=html&adk=1812271804&adf=3025194257&lmt=1645034064&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645034064428&bpp=3&bdt=1025&idt=398&shv=r20220214&mjsv=m202202090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8108629751974&frm=20&pv=2&ga_vid=775134820.1645034065&ga_sid=1645034065&ga_hid=204180430&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064037%2C31064857%2C31063247%2C31064019&oid=2&pvsid=1075796570593092&pem=681&tmod=2119363519&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=419
Frame ID: 29D3D63562785B2D2A8FF575088C9889
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Frame ID: 5861C423BE091334BDB96EC4C00D6CBC
Requests: 9 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/safeframe.html
Frame ID: 62EF26B67645F838EF937968B28B28A0
Requests: 19 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 091D4F0FC85B06A13E8394943701A3D0
Requests: 4 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: B51BC1B18DD5AF66F69FC4D8C51979C5
Requests: 2 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 1BAECD68F57399038917026E54D44819
Requests: 6 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 10E42CAB7BBFEE2E9B195B009AD497D8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 426B2451E95E5BF010E6A5A26276F9E2
Requests: 4 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Frame ID: 12A1F736031F5454C897941D92DEB874
Requests: 2 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
Frame ID: A9BF7869DDF47BB61DFFB752BB5F1D93
Requests: 2 HTTP requests in this frame

Frame: https://cms.analytics.yahoo.com/cms?partner_id=AOL&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767&_redirect=false
Frame ID: 86BE6167174FEC622FBBF24E27505996
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/19505?id=y-2R9r2wtE2pKP6VvvC51PkoYswGDXmvgQ2ZY-~A
Frame ID: FF04C9A8CE8B63A35F6A9F814B792DD3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBDFA1BDE08485D1FF712A0ABED2352F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF73A45D822EEA0F93A0371218A83BAE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: BE016FA3252658529F1CD332F64E458C
Requests: 22 HTTP requests in this frame

Frame: https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767&gdpr=0&gdpr_consent=
Frame ID: FE9F4BCD88023406FE96FF91A0E1F8D8
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Frame ID: D8DD0C2FDB8AE2003D75584B81C4F96B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg06UgAGttKFygBH&gdpr=0&gdpr_consent=&_test=Yg06UgAGttKFygBH
Frame ID: 217F0D2E343EFD5932CD46A4DC37B566
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7263620d-3a53-4a00-9940-6e5e48a50b86&gdpr=0&gdpr_consent=
Frame ID: 5186308F7657A1C6812BE6312C1C2B7F
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
Frame ID: E4AF31409003005849C04B6F053400E1
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 82750E9D47FCCDA896283A2EA07C7E4B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 559B1E8A064D2262B6CDCE6B100CE5E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tc5JAMXVSoFCfiViZpYGipU4mbM
Frame ID: ADBBC5884524D5B4E02AC41DFB9C80B3
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Frame ID: A51FF8D6B66738D5F52F1073FEBFE11D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7b72c028-8f51-11ec-9371-a0350199f618
Frame ID: 7A2EC5AB47DDED2C892CFCDA955B34EB
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 12C3F8EFD096CC5704A62C186AA496C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPxQjtlF1Nkovw5&gdpr=0&gdpr_consent=
Frame ID: 1C1E95DE3C556834DA8A2AF834ACF138
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647612703894
Frame ID: 6A209A1133315A1D4EB2FA555619B75F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
Frame ID: 6C86964864D5232D8B3B54694B4CC530
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6983204661699776467
Frame ID: 4B6BC7C645689A8D8A67AF4723195DE2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
Frame ID: BE196083DFDAF89E8E36F7310F084B0B
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Frame ID: D88816B18AD64EBE58252E71B247CE6B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hackers leak names of ‘Freedom Convoy’ donors after GiveSendGo breach | TechCrunchTechCrunchsearchClose ScreencommentcameraclosefacebooktwitterlinkedinmailCopy Share LinkCopy Share LinkcheckmarkTechCrunchplus-boldFacebookTwitterYouTubeInstagramLinkedIn

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

233
Requests

83 %
HTTPS

26 %
IPv6

73
Domains

109
Subdomains

66
IPs

5
Countries

5520 kB
Transfer

11787 kB
Size

138
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://sb.scorecardresearch.com/p?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&c9=&ns_c=UTF-8&ns__t=1645034064468 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&c9=&ns_c=UTF-8&ns__t=1645034064468
Request Chain 158
  • https://cms.analytics.yahoo.com/cms?partner_id=AOL&orig=ono&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A HTTP 302
  • https://pixel.advertising.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=AOL&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767&_redirect=false
Request Chain 160
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono HTTP 302
  • https://tags.bluekai.com/site/19505?id=y-2R9r2wtE2pKP6VvvC51PkoYswGDXmvgQ2ZY-~A
Request Chain 161
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&orig=ono HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J0EmjltE2pEMWhPkfURlk6L7h9kKDNkGCHk-~A&redir=https%3A%2F%2Fcms.analytics.yahoo.com%2Fcms%2F%3Fpartner_id%3DADOBE%26_origin%3Dfalse%26_redirect%3Dfalse%26_hosted_id%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646
Request Chain 163
  • https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&orig=ono HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9202214988&yho=y-w3JbDa9E2p4_m_yfZ5eMc7.hI_kD7k6m7bc-~A HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=164060404064009491460&gdpr=&gdpr_consent=
Request Chain 164
  • https://cms.analytics.yahoo.com/cms?partner_id=AUDPR&orig=ono HTTP 302
  • https://audex.userreport.com/sync/put/yho?yhoid=y-82E9qIZE2pH6sg9YqXkyExW7gSuqfIbh0xQ-~A
Request Chain 174
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8541061122262657890
Request Chain 175
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=7b5b3b64-8f51-11ec-885c-1966130c0103 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESENYhABNdI2VXv2GXOzsuu-U&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=07c027c8-1f84-497f-a8db-fe36b11bd367&img=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&_test=Yg06UgAGtzyGrgBH HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yg06UgAGtzyGrgBH&img=1&gdpr=0&gdpr_consent=&_test=Yg06UgAGtzyGrgBH HTTP 302
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAFDSE7EGnUAAHePDzunQw&gdpr=0 HTTP 302
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=7c4b4fb0-09e9-4204-a9aa-8c0a42943245 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341%26partner_url%3Dhttps%253A%252F%252Fsync.search.spotxchange.com%252Fpartner%253Fadv_id%253D7308%2526uid%253Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341%26partner_url%3Dhttps%253A%252F%252Fsync.search.spotxchange.com%252Fpartner%253Fadv_id%253D7308%2526uid%253Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&partner_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D7308%26uid%3Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&partner_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D7308%26uid%3Dfcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
Request Chain 176
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-53NyM8NE2uHJsxkpJNWYPsGAUTkw_4yX~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767
Request Chain 177
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=7b5b2db1-8f51-11ec-9f79-1704892e0303 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=7b5b3afd-8f51-11ec-885c-1966130c0103
Request Chain 178
  • https://di.rlcdn.com/710530.gif HTTP 307
  • https://di.rlcdn.com/api/segment?pid=710530&redirect=1
Request Chain 180
  • https://pixel.advertising.com/ups/57989/sync?_origin=1&redir=true&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ups.analytics.yahoo.com/ups/57989/sync?_origin=1&redir=true&gdpr=0&gdpr_consent=undefined&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767&gdpr=0&gdpr_consent=
Request Chain 181
  • https://pixel.advertising.com/ups/57304/sync?_origin=0&gdpr=0&gdpr_consent=undefined&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?_origin=0&gdpr=0&gdpr_consent=undefined&redir=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YjUwNWRkZi04ZjUxLTExZWMtODM4Ni0wZWE5NjY1N2Q3Njc%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Request Chain 182
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/UP7b505ddf-8f51-11ec-8386-0ea96657d767?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=07c027c8-1f84-497f-a8db-fe36b11bd367&_origin=1&gdpr=0&gdpr_consent=
Request Chain 184
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-IpS9vRVE2uVDnw0DGN_P77l3XUjV19uq~A%26gdpr%3d0%26gdpr_consent%3dundefined%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fpixel.advertising.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-IpS9vRVE2uVDnw0DGN_P77l3XUjV19uq~A%26gdpr%3d0%26gdpr_consent%3dundefined%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fpixel.advertising.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2523PMUID%2526redir2%253Dtrue&rdf=1 HTTP 0
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 185
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined HTTP 0
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-rkoYbhNE2uH0kX5FWHjNyLrRxfjryg--~A&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xeXlLazVaRTJ1RXhCOENuVTFwYXJkZ1VjQVdZVzg3ZmZnLS1%2BQQ%3D%3D&gdpr=0&gdpr_consent=undefined&_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&google_hm=2
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=nexage_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=undefined&_origin=0 HTTP 302
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Request Chain 189
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=undefined&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dundefined HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=undefined&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dundefined HTTP 302
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=3223219275822513178025&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://eb2.3lift.com/sync?px=1&gdpr=0&cmp_cs=&axid=y-pXZcs4pE2uLMI72xDl25xyw4ecnoY7cV~A&ums2=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=07c027c8-1f84-497f-a8db-fe36b11bd367&dongle=0cfd
Request Chain 195
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yg06UgAGttKFygBH HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg06UgAGttKFygBH&gdpr=0&gdpr_consent=&_test=Yg06UgAGttKFygBH
Request Chain 197
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7263620d-3a53-4a00-9940-6e5e48a50b86&gdpr=0&gdpr_consent=
Request Chain 198
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGRFNFN0VHblVBQUhlUER6dW5Rdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFDSE7EGnUAAHePDzunQw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFDSE7EGnUAAHePDzunQw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDSE7EGnUAAHePDzunQw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8056379446578827850 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFDSE7EGnUAAHePDzunQw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8056379446578827850%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=8056379446578827850&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFDSE7EGnUAAHePDzunQw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IpS9vRVE2uVDnw0DGN_P77l3XUjV19uq~A&gdpr=0&gdpr_consent=undefined&pmc=1&pr=https%3A%2F%2Fpixel.advertising.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D2B7EF811-381C-497E-969B-C1174DA7D8C4%26redir2%3Dtrue HTTP 302
  • https://pixel.advertising.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir2=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir2=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
Request Chain 199
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 201
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tc5JAMXVSoFCfiViZpYGipU4mbM
Request Chain 202
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c7d333dd-71be-42fa-b73f-d76c4c4a4ccf&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Request Chain 203
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7b72c028-8f51-11ec-9371-a0350199f618
Request Chain 204
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 205
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPxQjtlF1Nkovw5&gdpr=0&gdpr_consent=
Request Chain 206
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647612703894
Request Chain 207
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645034066892 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3336142250 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/07c027c8-1f84-497f-a8db-fe36b11bd367 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b2254f04-171e-4577-9938-73b14ab1abc4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b2254f04-171e-4577-9938-73b14ab1abc4-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
Request Chain 208
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6983204661699776467&uid=Q6983204661699776467&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6983204661699776467
Request Chain 209
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K374ETgcSX6Wm8EXTafYxA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 212
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2B7EF811-381C-497E-969B-C1174DA7D8C4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=88d778cb067c1afb4599d8c0fb20b7317182c0e20c13ea3c4efebe41f2baceaf791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4OGQ3NzhjYjA2N2MxYWZiNDU5OWQ4YzBmYjIwYjczMTcxODJjMGUyMGMxM2VhM2M0ZWZlYmU0MWYyYmFjZWFmNzkxNDI2YjU0MTdkY2UyMRAAGgwI0vS0kAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4OGQ3NzhjYjA2N2MxYWZiNDU5OWQ4YzBmYjIwYjczMTcxODJjMGUyMGMxM2VhM2M0ZWZlYmU0MWYyYmFjZWFmNzkxNDI2YjU0MTdkY2UyMRAAGgwI0vS0kAYSBAgCEABCAEoA&google_gid=CAESECpDV6hBJcTwCIAvFP91XZA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=b4ffb5d1-760e-48cc-962d-16d25d44b673
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8051620d-3a53-4b00-9140-85a3da4bec1b
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkI3RUY4MTEtMzgxQy00OTdFLTk2OUItQzExNzREQTdEOEM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrc9Wk9TnG2zB3kCGnbYOc&google_cver=1
Request Chain 216
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08800FF6EA34F5BB5E6633CFD9D1824
Request Chain 217
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7053038009852845648&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 218
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=07c027c8-1f84-497f-a8db-fe36b11bd367
Request Chain 220
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AynMUptE2uXXXeV_H.KtNDFu9ibQVi8-~A&gdpr=0&gdpr_consent=
Request Chain 221
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=a4739400cb31224&is_secure=true&networkId=17100&version=1&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcecnaMhFAAMF_2ogAAAAAAA&expiration=1645120466&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 222
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7b826aa8-8f51-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Request Chain 223
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8541061122262657890&gdpr=0&gdpr_consent=
Request Chain 225
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q
Request Chain 226
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&gdpr=0&gdpr_consent=
Request Chain 227
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EB648C98_356DB3E1&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 228
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1783777311182772972&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7d77fa25-b79b-4f90-a965-0c766261f90e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 229
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=37146068162650729

233 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/ 		191 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / WordPress VIP <https://wpvip.com>
Resource Hash
1e948b5e167eac6e8582c21c0f929cc6c716982ff4f2350dc252525c08eff62c
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
ATS
date
Wed, 16 Feb 2022 17:54:23 GMT
content-type
text/html; charset=UTF-8
content-length
35860
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
referrer-policy
no-referrer-when-downgrade
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/" <https://techcrunch.com/wp-json/wp/v2/posts/2271673>; rel="alternate"; type="application/json" <https://techcrunch.com/?p=2271673>; rel=shortlink
x-rq
yyz2 0 2 9980
cache-control
max-age=300, must-revalidate
content-encoding
gzip
age
1251
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
perf-vitals_2.0.0.js
s.yimg.com/aaq/pv/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/aaq/pv/perf-vitals_2.0.0.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1b6f60b0715e162c4f3ca6c4b54b64a1e8edfa8b5ad1859982d990c9258abf3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435216
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
1961
x-amz-id-2
FMNEsDi1uM6jpB4Ed2Wb9k/8YonS3T9RY5TadvJSj9WCP6fXrBT/uXTy8ereVvqd1yriO9or280=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Jun 2021 17:37:15 GMT
server
ATS
etag
"d7ad6697dbb2a4183385280b757c754c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
8D12RSWRSRV3YDR7
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
x-amz-version-id
i8xt9OcqDpTrjuB5A6JEVonaKht9cf5M
accept-ranges
bytes
content-type
application/javascript
/
techcrunch.com/_static/ 		92 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/_static/??-eJyNy0EOQDAQheELqVFEbMRZqp3IMC3pVKS3ZyNhZ/nnvQ/OXVGwfDgUsCLgSBJMvNlVMU3RxAySMmPpKZT3oYC3WAQ8OjLI6DGkT+xsMkbFOBub//F7e/eDRj/orm10q+u+ugCHZkGf
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
8e315a135b277af2ea1b9c4f7969c1cd1f3b96afff683df914a4b3e5bbf35adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
956
x-cache
hit
vary
Accept-Encoding
content-length
13871
x-xss-protection
1; mode=block
x-rq
yyz2 0 2 9980
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jan 2022 20:08:00 GMT
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
/
techcrunch.com/_static/ 		353 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/_static/??/wp-content/plugins/wp-parsely/wp-parsely.css,/wp-content/themes/techcrunch-2017/build/ec/css/main.css?m=1644866395
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
d58b25a373c2d322f847023d9d36a45cec17cd4ec9506037232adb457079e545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
952
x-cache
hit
vary
Accept-Encoding
content-length
54114
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:35:49 GMT
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
consent.js
s.yimg.com/oa/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/oa/consent.js?tc_ver=220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
69aa54076ccf59896ad12b8235523db29db7ba08beebe496e4a6a1a9dcafdcd9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14746
x-amz-id-2
kA8s2MvsbZrNlnBkwehHda3ooxSp5KCLzeYc6zLKYCVA5vGCaJLRUeV69Ol2fS8qIT1QTOfJL7I=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Dec 2021 19:12:56 GMT
server
ATS
etag
"67962c428f312c1d71facfc3849192c5-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
J4NB9ATN1J4XA073
x-xss-protection
1; mode=block
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
rapid3.js
s.yimg.com/ss/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ss/rapid3.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
caacab0deaf67e97531afe3f0fc53378c98fb836991729e958eb93b1d5559240
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
R04YB312B8PXNHG5
x-amz-id-2
HyHb1p8rQPd/HRf6f18Cf6L/oHcZZeivIlyUz9pcfpvL1zxMWWrNY/IUpkUAUv5Hc9dF+i4J96E=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Feb 2022 20:08:07 GMT
server
ATS
etag
"1c8e404f94ccf929904cabd718cb6feb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
iGWY99arSNRAfM7OZY1iixtMhuxTuAal
x-xss-protection
1; mode=block
cache-control
max-age=600
accept-ranges
bytes
content-type
application/javascript
cmp.js
consent.cmp.oath.com/ 		77 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cmp.oath.com/cmp.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:121:46:19e1:1c79:eea:1135 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (nya/79BE) /
Resource Hash
708e0c4f5f39d21d0fa3573ab1fc90d187913b6d077e858ed53ae0918050d416

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 14:09:04 GMT
server
ECD (nya/79BE)
age
3257
etag
"1a5d01ca6cad944552408a585b0a1a4b+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=3600
x-amz-request-id
32NQBNQAXWEHARTB
content-length
19512
x-amz-id-2
QowntxbatXZ+v49oxDzw5nLFQJJZi3er5MwEcHDNJQ90MrrqFEa3tePnaJt4Ws2H9z9vk1uR6tU=
expires
Wed, 16 Feb 2022 18:54:23 GMT
acookie_0.0.15.js
s.yimg.com/aaq/acookie/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/aaq/acookie/acookie_0.0.15.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
fcfd64d61b127e1024d67e2c7fdf39105a8ce22900608a9416c316200c9d32da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64463
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
NQRBF5DAWD2P6R16
x-amz-id-2
1Ny/ONj8vKxoEhD5ztXdJwoE/OMxKeUGfToMuDgigPiBwuYsesMWMDI/dF9XfGAorTEPBpVGDmQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 20 Mar 2021 03:09:02 GMT
server
ATS
etag
"1842e2915bf5e3090a432d35e3777cb8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
3St3_VIz09h.fuBoBPQSi80WB30g5Fkg
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
desktop-v1.0.70.js
s.yimg.com/pv/static/assistjs/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/pv/static/assistjs/desktop-v1.0.70.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
8ea1ccbe7836c16fca632c2adc594d18c7693e15b8203b44dcb6b500e0d1cb8d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64463
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
NQR1YBJH9YG6QNCA
x-amz-id-2
GJvjHRWnmaOwaqxZMrTc4sncer2VXvBnetrY2c9K+yOAW+dZLtgV38vsb1KRe1Pg7+fDIcKgZ7w=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Aug 2019 20:06:24 GMT
server
ATS
etag
"30d9ce3cecc685401da1f1cc6ab45e74-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public,max-age=315360000
accept-ranges
bytes
vidible-min.js
cdn.vidible.tv/prod/player/js/latest/ 		281 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vidible.tv/prod/player/js/latest/vidible-min.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
898b3b0d1198cb947a851de1fa2b27f1851813dfb396f47bfdc287238bc3e39f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8973
x-amz-server-side-encryption
AES256
x-amz-meta-cache-control
public, must-revalidate, proxy-revalidate, max-age=2419200
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
x-amz-request-id
DQTKJ1QAVY9YC579
x-amz-id-2
XEd2D6894wp7sJ5EeaaN3XOjCKvJVbEbyPgk3GyJ9fOMwKJmfAgCi/ZjRLTUDJNB0osmWW/HKmw=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Aug 2021 22:43:52 GMT
server
ATS
etag
"11a1efff466d5a9ffaf8dcfdc0501f73-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f1088469da33e99180e0ba9320ddd95be2a4905e58a886fa030235cd809a420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53620
x-xss-protection
0
server
cafe
etag
12556162047683803258
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 17:54:23 GMT
GettyImages-1238425069.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1238425069.jpg?w=600
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
f85d2f99360b499dee9582d6eb85a812efbf4b8db567dc76bc4bab175d09e7cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
141778
x-xss-protection
1; mode=block
x-rq
yyz2 89 30 443
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Feb 2022 23:38:21 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"7b4292c53fa0f066"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 23:38:21 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/keys/techcrunch.com/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/keys/techcrunch.com/p.js?tc_ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.244.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-244-8.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
5d71e020776bd9760fcba78876a3a725095e041b8ca6b76cd26008aafe95e1ef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:14:02 GMT
Content-Encoding
gzip
Age
74421
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Tue, 19 Oct 2021 22:00:17 GMT
Server
nginx
ETag
W/"616f3ff1-e20e"
Content-Type
application/javascript
Via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
EWR53-P1
X-Amz-Cf-Id
Al-E5z0MbeyhAFo79deQ2XdzdELHqBKZssCzp67cHGwOF6M2cAMoSg==
Expires
Wed, 16 Feb 2022 21:14:02 GMT
svv7knm.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/svv7knm.js?ver=20220216
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
778f7d76b157fb3ac9fd835d6d1251275f449b01bd41016ffea49314d8080084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 16 Feb 2022 17:54:23 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6986
check_login
techcrunch.com/wp-json/tc/v1/users/ 		140 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-json/tc/v1/users/check_login
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
d77fc177e529814719b32eed97c67034e85522c10d18e536b48fdd3a5c2c0021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
pass
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
POST
content-length
130
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techcrunch.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/"
wp-emoji-release.min.js
techcrunch.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028043
x-cache
hit
vary
Accept-Encoding
content-length
4926
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jan 2022 20:08:00 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
W/"61f058a0-4705"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:54:23 GMT
/
techcrunch.com/_static/ 		2 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
a71aa670b0a5f2c7a4657c4f5e52d3057e6231606e234bd0e11bff28ee6fbcac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
956
x-cache
hit
vary
Accept-Encoding
content-length
510441
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:35:49 GMT
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
e-202207.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202207.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT yyz
date
Wed, 16 Feb 2022 17:54:23 GMT
content-encoding
br
server
nginx
etag
W/"61beb1e6-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 06 Feb 2023 05:00:26 GMT
consentRecord
guce.techcrunch.com/v1/ 		79 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://guce.techcrunch.com/v1/consentRecord?consentTypes=iab
Requested by
Host: consent.cmp.oath.com
URL: https://consent.cmp.oath.com/cmp.js?ver=20220216
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-229-46.compute-1.amazonaws.com
Software
guce /
Resource Hash
22c6e1ec3778b739f5b541e03557d5b3404ad1677d41d0f786bf597afd786d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:23 GMT
Content-Encoding
gzip
Server
guce
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://techcrunch.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, User-Agent, X-Forwarded-For, X-Oath-Gcrumb
Content-Length
86
/
techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/ Frame 834B 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / WordPress VIP <https://wpvip.com>
Resource Hash
510aada1862bed9b809b45f850cf157fe7113b1c005d9d9a1c1188067f41f4a3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

server
ATS
date
Wed, 16 Feb 2022 17:54:23 GMT
content-type
text/html; charset=UTF-8
content-length
6472
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
referrer-policy
no-referrer-when-downgrade
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/" <https://techcrunch.com/wp-json/wp/v2/posts/2268225>; rel="alternate"; type="application/json" <https://techcrunch.com/?p=2268225>; rel=shortlink
x-wp-embed
true
x-rq
yyz1 0 2 9980
cache-control
max-age=300, must-revalidate
content-encoding
gzip
age
1072
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 16 Feb 2022 17:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2911
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
051e9UszIiwaHmNWrljvmOdu9RTjgXUL6+DiKCkdirunis7Ix4Z5MhHh+F8SiUbzDQC8DG7rJjk=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
ERY8RNHPZQ9AKG10
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
l
use.typekit.net/af/affdf5/00000000000000003b9b0328/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/affdf5/00000000000000003b9b0328/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=n4&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0f45a591b60aead8a9ef49a3831ba6ef2366250e78ec1b6d22dc5de323db5494

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"a3906be36882032b84708257b32fbbe63baa9ef5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26136
l
use.typekit.net/af/90ce96/00000000000000003b9b0329/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/90ce96/00000000000000003b9b0329/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=i4&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a75f265a8dbb53d405e546cabb0bdfaf610e0a192509739cc80538092dd9b81b

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"d8f0db6a3121b6849a3ac006d9d17faed6328da0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24504
l
use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=n7&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
873da1d00e5934492edfc089492acedc263c72c5820410869cd5942a9d6264da

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"0902afe12a91a471b18f7fea859a30187af48bf9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26360
l
use.typekit.net/af/3e6f7f/00000000000000003b9b032c/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3e6f7f/00000000000000003b9b032c/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=i7&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e8c417a6b1d077bf702eb52ba1bba456552b4640daf4b3be0c65662b1ddb86f6

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"e8a252d1ed4e27bb7adac2a1beda4c7c79f05691"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24560
l
use.typekit.net/af/2223ac/00000000000000003b9b0326/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2223ac/00000000000000003b9b0326/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=n3&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
23d98a0ee47915c2ca68398ab6231740174c59edf1be75de3f8b15d48e54fda3

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"7af4d05c36b553e26abb528ba1848ddfff99f1de"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26708
l
use.typekit.net/af/6c4330/00000000000000003b9b0327/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6c4330/00000000000000003b9b0327/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=i3&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e5e10e59eb5bd501f3249b914ad302001b4717e538e053bfde9c83788b2b9395

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"9bcfd8e5c055082d9b5949adf4cf7715661c4741"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24668
l
use.typekit.net/af/97f831/000000000000000000017875/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/97f831/000000000000000000017875/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=n8&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9719de30a3b058098c8af2f75524da2e413613ac05f04fac4d46c7366402483f

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"2eb144035ee9718e6537b6c2eebfeb75b5279de4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27540
l
use.typekit.net/af/291eea/000000000000000000017876/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/291eea/000000000000000000017876/27/l?primer=c4e4cd189e2a02025a5d541854cf6393365473590ae827c14608e929984783f1&fvd=i8&v=3
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7da68088510b16745f1d6ddbf8b83134f7aef35986a2c293a96aaa84c649832

Request headers

Referer
https://techcrunch.com/
Origin
https://techcrunch.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:23 GMT
server
nginx
etag
"7cc725d544129a076e2f29fcba63ad91c253adbc"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27880
cropped-cropped-favicon-gradient.png
techcrunch.com/wp-content/uploads/2015/02/ Frame 834B 		0
0
wp-emoji-release.min.js
techcrunch.com/wp-includes/js/ Frame 834B 		0
0
428726.json
s.yimg.com/wi/config/ 		44 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/428726.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b69c2c9b650280c60eda7e10d544a5bd6aa4cc082088c90fe94282fbf757e71d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 16 Feb 2022 15:07:04 GMT
x-content-type-options
nosniff
age
10040
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
S9GMB753REG96J4V
x-amz-id-2
PCdpedj8WIhyfYMPiJjng8OVxIPg36r+3F2gOIzlaqSsb7BYUTgrzVrMadA2J5ujR/544hjGb0U=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 13 Mar 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 05 Feb 2021 19:30:39 GMT
server
ATS
etag
"910ced7c37874621e8795fb6c30dcbe9"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
knun0EgeHS5lPXmRDT7gKg8A72P755rg
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
44
content-type
application/octet-stream
truncated
/ Frame 834B 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 834B 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 834B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
cs.js
s.yimg.com/cx/vzm/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cx/vzm/cs.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
263f3c06eba4f4b57903b66aadabadc3da9e57715dac5b3418c65220c0f5564b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:48:39 GMT
x-content-type-options
nosniff
age
345
x-amz-server-side-encryption
AES256
vary
Origin
content-length
1017
x-amz-id-2
cVF1FM6N5aOwrzdWaeY/nKL4ml8vbOa2ADep5i5DX9K2IRXZyXybFl2afeO3PZLEbZFq00FfScs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Mar 2021 17:06:45 GMT
server
ATS
etag
"c25112b42c65d45c9cdc56b5caaeb8dd"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
D7XWCPN2V1RTX0B5
x-xss-protection
1; mode=block
cache-control
public, max-age=600
accept-ranges
bytes
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
prMev3EBhJazrkoTGZEpxNFRzm/N7FIkLRFlrKoHPSIkVpQ0cFxRkkCOyCY2Lnswr2nuIUX/IT0CVHQ/B+ZWDQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Wed, 16 Feb 2022 17:54:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5408
date
Wed, 16 Feb 2022 16:24:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 18:24:16 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		275 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c990564273d784a8df001580e9e1eccef85200c4b6d26fedaee31529c11a33
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6106
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-91-183
last-modified
Wed, 16 Feb 2022 07:52:37 GMT
server
cloudflare
etag
W/"281522-1644997957000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=7200
cf-ray
6de8a413fe017142-YUL
expires
Wed, 16 Feb 2022 19:54:24 GMT
/
techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/ Frame 158E 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS / WordPress VIP <https://wpvip.com>
Resource Hash
510aada1862bed9b809b45f850cf157fe7113b1c005d9d9a1c1188067f41f4a3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

server
ATS
date
Wed, 16 Feb 2022 17:54:24 GMT
content-type
text/html; charset=UTF-8
content-length
6472
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
referrer-policy
no-referrer-when-downgrade
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/" <https://techcrunch.com/wp-json/wp/v2/posts/2268225>; rel="alternate"; type="application/json" <https://techcrunch.com/?p=2268225>; rel=shortlink
x-wp-embed
true
x-rq
yyz1 0 2 9980
cache-control
max-age=300, must-revalidate
content-encoding
gzip
age
1073
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
types
techcrunch.com/wp-json/tc/v1/newsletters/ 		915 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-json/tc/v1/newsletters/types?premium=0
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b00f2089d0ec18d6d9e5e7719bb66e19d6cb8f40cf5737944292d6da6f567d26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
X-TC-EC-Auth-Token
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-TC-UUID
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
x-cache
hit
allow
GET
content-length
270
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/json; charset=UTF-8
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
vary
Accept-Encoding, Origin
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
p
3p-geo.yahoo.com/ 		43 B
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://3p-geo.yahoo.com/p?s=1197802919&t=lcvnqqxcca4lmEfM,0.23605105666499582&_I=&_AO=0&_NOL=1&_R=&_P=3.53.32%05bx%032co1endh0qeif%26b%3D3%26s%3Dec%04_guc%03AQEBAQFiDotiF0IfLgSq%04_a1s%03d%3DAQABBE86DWICEGrlhMKzzWZTTNUlNbsuYCYFEgEBAQGLDmIXYgAAAAAA_eMAAAcITzoNYrsuYCY%26S%3DAQAAAicU1raOQQTJXWpgFrYj1EE%26j%3DWORLD%04_pl%031%04A_v%033.53.32%04A_cn%03EVERGREEN-PROD%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04A_sid%03LvxTAoBSTeyR8rS9%04_w%03techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%04expn%03server%04navtype%03server%04st_sec%03us.tchcr%04ver%03wordpress-vip%04etag%03dwell%2Cstop%04usergenf%031%04A_prets%031645034063%04A_prems%03960%04_E%03dwell%04_ts%031645034064%04_ms%03192%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid3.js?ver=20220216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
43
yql
3p-udc.yahoo.com/v2/public/ 		0
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197802919&yhlCT=2&yhlBTMS=1645034064198&yhlClientVer=3.53.32&yhlRnd=5hOODEpJybCBYvKM&yhlCompressed=0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid3.js?ver=20220216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:22 GMT
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin
https://techcrunch.com
cache-control
no-store, no-cache, private, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
strict-transport-security
max-age=31536000
expires
-1
magazine
techcrunch.com/wp-json/tc/v1/ 		527 KB
87 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-json/tc/v1/magazine?page=1&_embed=true&cachePrevention=0
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
1633bb3b7682fc5b89b4d91bf07adc7a3511a312593321ca3a2274d5a282e6a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
X-TC-EC-Auth-Token
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-TC-UUID
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
x-cache
hit
allow
GET
vary
Accept-Encoding, Origin
content-length
89310
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
server
ATS
x-wp-totalpages
11187
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/json; charset=UTF-8
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
x-wp-total
223729
accept-ranges
bytes
x-robots-tag
noindex
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/"
do_not_sell_link
techcrunch.com/wp-json/tc/v1/ccpa/ 		99 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-json/tc/v1/ccpa/do_not_sell_link?cachePrevention=1645034064200.6vl44t1hidw8vfqio443
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
34def6a771d89740567287b5050a9188bd1b604d796cb2b024104d718efd2911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
X-TC-EC-Auth-Token
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-TC-UUID
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
miss
allow
GET
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
server
ATS
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/json; charset=UTF-8
link
<https://techcrunch.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding, Origin
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D18) /
Resource Hash
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
622
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29179
x-tw-cdn
VZ
Last-Modified
Tue, 01 Feb 2022 20:03:56 GMT
Server
ECS (nyb/1D18)
Etag
"94840c3a0697481258cd2b28513e7509+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
tickets.js
organizer.bizzabo.com/widgets/tickets/ 		159 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://organizer.bizzabo.com/widgets/tickets/tickets.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.168.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-168-57.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97e7c49b532fcdb24f32a1f72c2a8b0e248e19f0d688acffcb2d3bdead1c2198

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
last-modified
Thu, 30 Dec 2021 07:21:16 GMT
server
nginx
accept-ranges
bytes
etag
"61cd5dec-27b1b"
content-length
162587
content-type
application/javascript
js
jill.fc.yahoo.com/v1/client/ 		245 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/_static/??/wp-content/themes/techcrunch-2017/build/ec/js/main.js,/wp-includes/js/wp-embed.min.js?m=1644866395j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
4d95a498cb323fe637b8bd1b65792d4788c46d8df065f21838bc46d69fa6b310
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
vary
Accept-Encoding
content-length
191
x-xss-protection
1; mode=block
x-request-id
2858307399fb52e7702396f2a2e67ab9011852
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=900
x-robots-tag
noindex, noarchive, nosnippet, nofollow
GettyImages-1238425069.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		547 KB
547 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1238425069.jpg?w=1390&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
0d0885974c27951b15c27a69a8d53ed6156fe44066f370f50c3fd7c5ce1502d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
559862
x-xss-protection
1; mode=block
x-rq
yyz2 89 30 443
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Feb 2022 23:38:22 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"fbdde5e311ca2dfa"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 23:38:22 GMT
GettyImages-1238425069.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1238425069.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
a1865b0d2f40b489949f2e4e22e7280035c3b678d7c9963c7ae6bb96dd1f016a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
68828
x-xss-protection
1; mode=block
x-rq
yyz1 89 30 443
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Feb 2022 23:38:22 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"e540c4fb1e12e046"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 23:38:22 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1645034064189&plid=81909517&idsite=techcrunch.com&url=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&sref=&sts=1645034063731&slts=0&title=Hackers+leak+names+of+%E2%80%98Freedom+Convoy%E2%80%99+donors+after+GiveSendGo+breach+%7C+TechCrunch&date=Wed+Feb+16+2022+17%3A54%3A24+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=90558139&u=pid%3D7eb1efdd3557bfdc7eedb4e278878e37
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:24 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 16-Feb-2022 17:54:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=136296444&post=2271673&tz=-8&srv=techcrunch.com&host=techcrunch.com&ref=&fcp=379&rand=0.3184925694755043
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 17:54:24 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
p
3p-geo.yahoo.com/ 		43 B
78 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://3p-geo.yahoo.com/p?s=1197802919&t=Ranpc3iEjQMFKbI0,0.3776593429155146&_I=&_AO=0&_NOL=1&_R=&_P=3.53.32%05bx%032co1endh0qeif%26b%3D3%26s%3Dec%04_guc%03AQEBAQFiDotiF0IfLgSq%04_a1s%03d%3DAQABBE86DWICEGrlhMKzzWZTTNUlNbsuYCYFEgEBAQGLDmIXYgAAAAAA_eMAAAcITzoNYrsuYCY%26S%3DAQAAAicU1raOQQTJXWpgFrYj1EE%26j%3DWORLD%04_pl%031%04A_v%033.53.32%04A_cn%03EVERGREEN-PROD%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04_w%03techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%04A_sid%03LvxTAoBSTeyR8rS9%04expn%03server%04navtype%03server%04paid%03techcrunch_350%3Dtcr%3A2271673%04pct%03story%04pt%03content%04st_sec%03us.tchcr%04ver%03wordpress-vip%04pl1%03%04A_utm%03%7B%22perf_ttfb%22%3A67%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031645034064%04_ms%03290%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid3.js?ver=20220216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-type
image/gif
content-length
43
p
3p-geo.yahoo.com/ 		43 B
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://3p-geo.yahoo.com/p?s=1197802919&t=Y4YB0tzbRFsYcofj,0.4814602643831123&_I=&_AO=0&_NOL=1&_R=&_P=3.53.32%05bx%03%04_guc%03%04_a1s%03%04_pl%031%04A_v%033.53.32%04A_cn%03EVERGREEN-PROD%04_bt%03rapid%04A_pr%03https%04A_tzoff%030%04_w%03techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%04A_sid%03LvxTAoBSTeyR8rS9%04expn%03server%04navtype%03server%04paid%03techcrunch_350%3Dtcr%3A2271673%04pct%03story%04pt%03content%04st_sec%03us.tchcr%04ver%03wordpress-vip%04pl1%03%04A_utm%03%7B%22perf_fcp%22%3A379%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031645034064%04_ms%03293%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid3.js?ver=20220216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
43
sp.pl
sp.analytics.yahoo.com/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2016%20Feb%202022%2017%3A54%3A24%20GMT&n=0&b=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&.yp=428726&f=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&enc=UTF-8&gdpr=0&isOathFirstParty=1&us_privacy=1---&yv=1.12.0&et=custom&ea=page%20view&product_id=%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&site=techcrunch
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 16 Feb 2022 17:54:24 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&.yp=428726&f=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&enc=UTF-8&gdpr=0&isOathFirstParty=1&us_privacy=1---&yv=1.12.0&et=custom&ea=page%20view&product_id=%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&site=techcrunch
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 16 Feb 2022 17:54:24 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dca8d3f9f5e78c0559e5f3a091165875b6ce61aeaf38c64155e89d2056c64584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106758
x-xss-protection
0
server
cafe
etag
10104061773811327588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 17:54:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/ Frame DA71 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 15 Feb 2022 21:40:44 GMT
expires
Tue, 01 Mar 2022 21:40:44 GMT
cache-control
public, max-age=1209600
age
72820
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=svv7knm&ht=tk&h=techcrunch.com&f=14032.14033.14034.14035.14036.14037.21510.21511&a=7373072&js=1.20.0&app=typekit&e=js&_=1645034064444
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
last-modified
Fri, 06 Nov 2020 18:49:22 GMT
server
nginx
etag
"5fa59ab2-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20name...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20nam...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&c9=&ns_c=UTF-8&ns__t=1645034064468
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
1KFIRhSB4y1o97669rm7SplCw9vsdkP71xweXTwR-A203TNU0av4Qg==

Redirect headers

date
Wed, 16 Feb 2022 17:54:24 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=1000009&gdpr=0&gdpr_consent=&cs_ucfr=1&c7=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&c8=Hackers%20leak%20names%20of%20%E2%80%98Freedom%20Convoy%E2%80%99%20donors%20after%20GiveSendGo%20breach%20%7C%20TechCrunch&c9=&ns_c=UTF-8&ns__t=1645034064468
content-length
356
x-amz-cf-id
kasoTqi96gDEpaFbcB_7iyilCvmxP3ru2-MZ1hltMnGWieJ6TFJBvA==
cropped-cropped-favicon-gradient.png
techcrunch.com/wp-content/uploads/2015/02/ Frame 158E 		978 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2015/02/cropped-cropped-favicon-gradient.png?w=32
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
630156a17471251f8d11ddebb87508d5e9d84492270672da83eec5d7eca0a01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
978
x-xss-protection
1; mode=block
x-rq
yyz1 85 87 443
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 11:04:21 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"d5ce6dcde23bcd7a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 11:04:21 GMT
wp-emoji-release.min.js
techcrunch.com/wp-includes/js/ Frame 158E 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techcrunch.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028044
x-cache
hit
vary
Accept-Encoding
content-length
4926
x-xss-protection
1; mode=block
x-rq
yyz1 0 2 9980
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jan 2022 20:08:00 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
W/"61f058a0-4705"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:54:24 GMT
1447508128842484
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1447508128842484?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17bc49d54c8c2999dab2ffeb65363e9937616f57d75f63e8b52e9d030abe97e6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89291
x-xss-protection
0
pragma
public
x-fb-debug
6xjh5fDQpAH7HBTIDpnxk74Zph3dAlOoRuOg9VKFc6uihJ/TIeMjD2/coxX4bQ8r5cbxiZPONGTfsVJ/nL8h2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 17:54:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jac.js
jac.yahoosandbox.com/0.14.0/ 		153 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496211
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
truncated
/ Frame 158E 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 158E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 158E 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
widget_iframe.4e067713e19d4fff483536ddc4df18b9.html
platform.twitter.com/widgets/ Frame 86DA 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Ftechcrunch.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1E) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
686746
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Feb 2022 17:54:24 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Tue, 01 Feb 2022 20:00:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1E)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=Fy7FpgyUxA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b987d94ed8d762772220d579788eb1ddeeeae304e3046dc08dd108d3f8c2aec
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
264
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
C50se7r9OpX
pragma
wn
prod-dash-10-0-130-145
last-modified
Wed, 16 Feb 2022 17:45:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.004
cache-control
public, max-age=1200
cf-ray
6de8a417ab267142-YUL
expires
Wed, 16 Feb 2022 18:14:24 GMT
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:1b7::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 15:01:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5939
Expires
Wed, 16 Feb 2022 18:54:24 GMT
execute
c2.piano.io/xbuilder/experience/ 		52 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=Fy7FpgyUxA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c159f1aa46a041641d855f1776f76a46866a9b2dcf63cdf693994aad2e6567e1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
vyhy2s7h32
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techcrunch.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6de8a417ef7d7150-YUL
FLvBWViXsAQPHhE.jpeg
techcrunch.com/wp-content/uploads/2022/02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/FLvBWViXsAQPHhE.jpeg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
4fdc3d93d3a5601cddd91190f4d69ccbfed0f53d603617a1995cdeb63f2a5a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
20240
x-xss-protection
1; mode=block
x-rq
yyz2 88 47 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:35:52 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"761eddb5ec275237"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:35:52 GMT
GettyImages-1143927987.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1143927987.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
47053498fb3acd91194938d6b153683b4b6232bee4b2a29f46b8dce2e99d8f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
127880
x-xss-protection
1; mode=block
x-rq
yyz1 85 143 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:28:10 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"48e34cadc6f679b6"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:28:10 GMT
GettyImages-1235580715.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1235580715.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
968dff73000c5cad9bcb147e022cad42c0df017924f3baff8c99d53f78e5905b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
18792
x-xss-protection
1; mode=block
x-rq
yyz1 91 95 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:25:57 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"5b6e676d7cf48198"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:25:57 GMT
Rubi-labs-founders-Neeka-R-Leila-L.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/Rubi-labs-founders-Neeka-R-Leila-L.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
227aa7d9685c3643048b4dd7e0bdbed5f11b48a89780c6ddb60b1747b7b661c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
98812
x-xss-protection
1; mode=block
x-rq
yyz1 85 143 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:03:40 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"c01b39d82df078aa"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:03:40 GMT
okay_screenshot.png
techcrunch.com/wp-content/uploads/2022/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/okay_screenshot.png?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
3e03de2259a78803ce3ccd706072878f713d865a58fe7e50d0f33bc8a18b5288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
14094
x-xss-protection
1; mode=block
x-rq
yyz2 91 95 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 17:00:50 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"cc4e110acf20b70c"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 17:00:50 GMT
SPOKE-TEAM-1.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/SPOKE-TEAM-1.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
1f0cbb02bbae34e9d62e4fc7e0e40a69a04f5cd798c1ce56bc195cf207a377f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
142486
x-xss-protection
1; mode=block
x-rq
yyz1 91 151 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 16:49:19 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"8ac9a9ab9f8c4b4e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 16:49:19 GMT
paramount.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/paramount.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
0afd9861cfb70fe36a459d7f60383585f8164c713584cb8421eb7412fb97b797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
19758
x-xss-protection
1; mode=block
x-rq
yyz1 91 219 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 16:43:43 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"ff7aa2606e3f01e8"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 16:43:43 GMT
early-stage-burns.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/early-stage-burns.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
f543a3d3b2872e9c51de9ea7157f31abe80735b2500299038d13dcc8b34f08e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
10072
x-xss-protection
1; mode=block
x-rq
yyz2 91 52 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 16:10:11 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"c6250c0760ac1951"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 16:10:11 GMT
GettyImages-494389644.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-494389644.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
58652fccc788bc872fd608c8b9d56a6fb82bb4b6e4ca487beecdddc7f1020b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
17720
x-xss-protection
1; mode=block
x-rq
yyz1 91 151 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 16:01:04 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"5eaaf685491c4e4f"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 16:01:04 GMT
GettyImages-613683936-1.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-613683936-1.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
66a94072ad1b15f2e73365d0971fd8e71fc79a912b1ef67df121276b1aa35cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
15652
x-xss-protection
1; mode=block
x-rq
yyz1 91 52 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 16:40:07 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"cd2bb8c47cbee379"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 16:40:07 GMT
Nomad_Founders-3-e1644973823514.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/Nomad_Founders-3-e1644973823514.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
175c0f9cb869c40821273eeac5a24c4e2f3ac68c7afde345434b0973e079823a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
17410
x-xss-protection
1; mode=block
x-rq
yyz2 91 95 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 15:02:56 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"3880c13e6b549bdb"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 15:02:56 GMT
equity-podcast.jpeg
techcrunch.com/wp-content/uploads/2022/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/equity-podcast.jpeg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
ea14a15b393e66ecf153e01f45ce2c03c6c819754f1deb4a1563f5ac81f7b4ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
11432
x-xss-protection
1; mode=block
x-rq
yyz1 91 151 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 15:00:26 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"9e1f1aed0825e477"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 15:00:26 GMT
NSussman_Techcrunch_Exchange_v3_RD.jpg
techcrunch.com/wp-content/uploads/2020/05/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2020/05/NSussman_Techcrunch_Exchange_v3_RD.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
724e07c7b16bd3357ff82418323d6122bbb0b292035463add0403db1016ff582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
49342
x-xss-protection
1; mode=block
x-rq
yyz1 85 87 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:53:50 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"8246e891c4e68dce"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:53:50 GMT
01.png
techcrunch.com/wp-content/uploads/2022/02/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/01.png?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b5142c18467770afa78d87b96a60e5635a3275733eb2a3007c17465c65f22b77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
62952
x-xss-protection
1; mode=block
x-rq
yyz2 91 219 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:42:44 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"daafc8b990ec584e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:42:44 GMT
TCL-2022-february-16-1.jpg
techcrunch.com/wp-content/uploads/2022/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/01/TCL-2022-february-16-1.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b7163fba8c15e32a144ef096abce6359fe8402a7403716a216f9bcb581e5abc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
14482
x-xss-protection
1; mode=block
x-rq
yyz2 89 30 443
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jan 2022 17:01:13 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"88516a0d22d460bd"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 17:01:13 GMT
Vanillavida67of149.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/Vanillavida67of149.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
2e800bf69de415a9c073ef4bd5351fb14d75861b587cc8a96eeec0849dac817e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
40390
x-xss-protection
1; mode=block
x-rq
yyz1 91 219 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:30:53 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"e4033e3ee8121488"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:30:53 GMT
Spotter-Yellow.jpeg
techcrunch.com/wp-content/uploads/2022/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/Spotter-Yellow.jpeg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
4e9f78ab7fd3ba8308cef70f9b187aa8354da49c5fe54fc96a1796ce85fd7952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
9338
x-xss-protection
1; mode=block
x-rq
yyz2 82 84 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:02:09 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"8a11d9c4d1293432"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:02:09 GMT
PXL_20220209_165303119.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/PXL_20220209_165303119.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
f33fa76dfa8b789f28f418fda80c1f84192c25088bfb0ead1e76044047729b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
21018
x-xss-protection
1; mode=block
x-rq
yyz2 82 84 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:01:47 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"ab37b62b2275bfa2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:01:47 GMT
GettyImages-1296946133.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1296946133.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
2248ec78737c73554aac2f777ef47e835df59b59e506613b44d773d889335349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
61950
x-xss-protection
1; mode=block
x-rq
yyz1 91 219 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:00:52 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"b89dbd6ed5f3b274"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:00:52 GMT
Zavvy-_-Founders-II.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/Zavvy-_-Founders-II.jpg?w=430&h=230&crop=1
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
db7b15e87fd538a618f7e72f2be084b430943d8bd469dd78a57669db7d0d5ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
39058
x-xss-protection
1; mode=block
x-rq
yyz1 85 87 443
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Feb 2022 14:00:23 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"68114315af125b77"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 14:00:23 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=techcrunch.com&callback=_gfp_s_&client=ca-pub-2508481855317367
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
84cdc3aed853248e434823fc8f7cbed565c453069b8808eaf0a25ce3fd5595c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=techcrunch.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=techcrunch.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&tn=DIV&cls=desktop-nav&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&tn=DIV&cls=desktop-nav&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 29D3 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-2508481855317367&output=html&adk=1812271804&adf=3025194257&lmt=1645034064&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645034064428&bpp=3&bdt=1025&idt=398&shv=r20220214&mjsv=m202202090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8108629751974&frm=20&pv=2&ga_vid=775134820.1645034065&ga_sid=1645034065&ga_hid=204180430&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064037%2C31064857%2C31063247%2C31064019&oid=2&pvsid=1075796570593092&pem=681&tmod=2119363519&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=419
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Feb 2022 17:54:24 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 17:54:24 GMT
cache-control
private
GettyImages-1238278201-1.jpg
techcrunch.com/wp-content/uploads/2022/02/ Frame 158E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1238278201-1.jpg?resize=150,100
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-convoy-exposed-donation/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
fad53d8c09f270d8e145e54163788f3dcc21e77ce92b74e906a5857dd5cb0337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
10106
x-xss-protection
1; mode=block
x-rq
yyz1 88 47 443
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Feb 2022 15:09:04 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"fbfb362ba6272b2c"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 15:09:04 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=Fy7FpgyUxA
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589c4ce3ccd4584ac0e60e7fadf4565e96f2c257add8259634085b31df79b11a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Coese7rjXop
pragma
no-cache
wn
prod-dash-10-0-114-146
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-time
0.004
cf-ray
6de8a419b9244bca-YUL
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 5861 		736 KB
547 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac94b68b625c3a385b391317f5ea9ab7234025bdf48b1b8b507a6981c1c19b4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

date
Wed, 16 Feb 2022 17:54:24 GMT
content-type
text/html;charset=UTF-8
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
cache-control
public, max-age=1200
expires
Wed, 16 Feb 2022 18:14:24 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server-time
0.008
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-135-103
x-forwarded-https
on
x-request-id
Cdxie7r3Nqt
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 14:29:37 GMT
cf-cache-status
HIT
age
9759
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de8a419ca35ecfe-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cx.js
cdn.cxense.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:1b7::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 13:47:07 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
Expires
Wed, 16 Feb 2022 18:54:24 GMT
safeframe.html
jac.yahoosandbox.com/0.14.0/ Frame 62EF 		414 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/safeframe.html
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
84d650f8817b192592459e5188f4db49a48d1fce84f1c76a0c2ffb7777bef813
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

x-amz-id-2
XiTpwBTcF8sixRNV+Du30Y3Km9HH6ZtD57VpOuKIP6be+2XfiO5/kfjvJlC5PjNLLdjVOULYukI=
x-amz-request-id
10N49HF8DX8XSKFQ
date
Wed, 09 Feb 2022 11:13:19 GMT
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
etag
"2791a749a7136a0e23af289d02603b58"
x-amz-server-side-encryption
AES256
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
text/html
server
ATS
content-length
414
referrer-policy
no-referrer-when-downgrade
age
628867
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
js
jill.fc.yahoo.com/v2/ads/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22leaderboard-article-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%7D%2C%22alias%22%3A%2293484975%22%2C%22sizes%22%3A%22LB%22%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b49577d8ee0a7c4bfd674dd37eb4713ff1d465bd554bb2b35711f0063721cc5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
278dfbefae97186ff7fa8d9f3d119ddf572528
js
jill.fc.yahoo.com/v2/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22mid-article-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%2C%22position%22%3A%22nativemidarticle%22%7D%2C%22alias%22%3A%22963922183%22%2C%22sizes%22%3A%5B%226x2%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A2%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
f047e57ca31c7b9b7f0034818363956624c6815ab631b7c2ff73703d59a9f5c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
2777651946743e5995019f06466d7ed8062570
js
jill.fc.yahoo.com/v2/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22rightrail-article-native-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%2C%22position%22%3A%22nativerr%22%7D%2C%22alias%22%3A%22963912090%22%2C%22sizes%22%3A%5B%226x2%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A3%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1c2ce7f3d6651ad28636addf4a66370a39bd4f1ca7fbad632d461492a682250e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
28b90731b73c9edb87f3be0e0b9565bf3f2575
js
jill.fc.yahoo.com/v2/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22rightrail-article-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%7D%2C%22alias%22%3A%2293484976%22%2C%22sizes%22%3A%22RR%22%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A4%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
aa3c6b2a9c2524876d8933551e3294c60e5e14679597573de531edc89ef6bebf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
2897967b953717fbd747d54437a6ddc08b2526
js
jill.fc.yahoo.com/v2/ads/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22rightrail-article-native2-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%2C%22position%22%3A%22nativerr%22%7D%2C%22alias%22%3A%22963913332%22%2C%22sizes%22%3A%5B%226x2%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A5%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
5ceb8d57b2629cff3c0d744a95ddcf6b91afb756aefa92dd0c55a5a0548b834a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
277a1e8090c7b790cd3b24568450dc7ab92576
js
jill.fc.yahoo.com/v2/ads/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22rightrail2-article-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%7D%2C%22alias%22%3A%22963913913%22%2C%22sizes%22%3A%22RR%22%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A6%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
3cfc040cbb8778b4e7f499ac9b75a40e4169bdb66ee3f455cf0822782fe0da5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
27fc38d29e55a19a6d2ffc851c604d3ac02528
js
jill.fc.yahoo.com/v2/ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22region%22%3A%22US%22%7D%7D%2C%22positions%22%3A%7B%22footer-article-2271673%22%3A%7B%22params%22%3A%7B%22entryid%22%3A%222271673%22%2C%22cmsid%22%3A%22tcr%3A2271673%22%7D%2C%22alias%22%3A%22963908972%22%2C%22sizes%22%3A%22LB%22%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22Techcrunch%22%2C%22pageSessionId%22%3A%22c88179f9d%22%2C%22spaceId%22%3A1197802919%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A5%2C%22applies%22%3A0%7D%2C%22ccpa%22%3A%7B%22apiStatus%22%3A5%2C%22usPrivacy%22%3A%221---%22%7D%7D%7D%2C%22requestId%22%3A7%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
f191efb0e7d96a6d0dac16f55ab188a1da3013d2fd43743d109f52e2c9e993ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
27c633943127817b7cfc477494f692e8602524
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 5861 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
6102
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-80-8
last-modified
Mon, 14 Feb 2022 13:52:46 GMT
server
cloudflare
etag
W/"33843-1644846766000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
6de8a41b7be4ecfe-YUL
expires
Wed, 16 Feb 2022 19:54:25 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 5861 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=Fy7FpgyUxA&version=1548246034000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a556bcc4e872322c770e889c66f311ecef9f26a73c765777bf3695c6dd8448
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cpese7rI7Ci
pragma
wn
prod-dash-10-0-130-145
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.004
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
6de8a41b7be5ecfe-YUL
expires
Thu, 17 Feb 2022 12:54:25 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 5861 		59 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.86.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446ddb7dc616e94753169f8df79f7bbb35ef2c905fc2623dc6cb79a590c730ba
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
34906
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-138-23
last-modified
Wed, 16 Feb 2022 12:19:04 GMT
server
cloudflare
etag
W/"60765-1645013944000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
6de8a41b7be7ecfe-YUL
expires
Thu, 17 Feb 2022 17:54:25 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 5861 		519 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.86.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5dcb03ef2ed2ab24222408b878863a65198f23b048caff75bf9fcc9ca31548
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=Fy7FpgyUxA&templateId=OTOB0H38YGQ3&templateVariantId=OTVQW6JN8FQDT&offerId=fakeOfferId&experienceId=EXC78P3VUPI4&iframeId=offer_c1f94cb00441a37ae829-0&displayMode=inline&widget=template&url=https%3A%2F%2Ftechcrunch.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2490
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-200-132-125
last-modified
Mon, 14 Feb 2022 13:52:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.005
cache-control
public, max-age=602301
x-optimized-by
_sam
cf-ray
6de8a41b7be8ecfe-YUL
expires
Wed, 23 Feb 2022 17:12:46 GMT
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 62EF 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/safeframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496212
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
settings
syndication.twitter.com/ Frame 86DA 		295 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=7101c617f5502221d0cba1a27f007ed2c82fe040
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Ftechcrunch.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
5cd47de00d8c1fe3cf68abf6f0835fd573be437a131e343076455ff95a63b6ca
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
8
date
Wed, 16 Feb 2022 17:54:24 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 17:54:25 GMT
server
tsa_b
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
2c0b85639ec23930c2f2138aa74f9d737b560969a6a4ac94f5ce1acaf51f3a41
content-length
191
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 091D 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496212
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.14.0/ Frame B51B 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496212
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 1BAE 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496212
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 10E4 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496212
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
/vAC7903CDLUkT/HtPEevmzuLWyisfyupYMpIQPyHL9kFJ+jFgUoxlvIT00TCQmUECgQo+hbBSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
5941GJWXKG9GHXQK
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
sp1.html
cdn.cxense.com/ Frame 426B 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:1b7::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

Accept-Ranges
bytes
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Content-Length
379
Cache-Control
max-age=864000
Expires
Sat, 26 Feb 2022 17:54:25 GMT
Date
Wed, 16 Feb 2022 17:54:25 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
data
api.cxense.com/public/widget/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2221%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2221%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D%2C%22widgetId%22%3A%226e0303d080416bd516083a20bfda8e454c624792%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22kzput3uendqckbcz%22%7D%7D%2C%22prnd%22%3A%22kzput3uh2iqsvshf%22%7D&media=javascript&sid=1138587180028561571&widgetId=6e0303d080416bd516083a20bfda8e454c624792&resizeToContentSize=true&useSecureUrls=true&usi=kzput3uendqckbcz&rnd=290342929&prnd=kzput3uh2iqsvshf&tzo=0&callback=cXJsonpCBkzput4ohx2brcqgs
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
68bd0d8dd6c8f4300250c8799251f2c1b3059254847423ce68716d02a02d360f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
5514
expires
Mon, 26 Jul 1997 05:00:00 GMT
sp_It0mQWOO
launcher.spot.im/spot/ Frame 62EF 		264 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_It0mQWOO
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-28.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c22f24b495a329bd23c63495f5d37df3bb01b46e6d06223038d5f0d54602340

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 15:59:15 GMT
server
AmazonS3
age
1
etag
"46964ba89c130d7226650d884928f5ff"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
65433
x-amz-cf-id
7Qlj8cqVlWxL7LLLn7k2UekB04MgsBEKUHHQBquuS0g_FGEdP0ER7Q==
moatad.js
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 091D 		318 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:3d5b:386b:a42c:93aa:d404 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/471D) /
Resource Hash
8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
etag
"aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
last-modified
Wed, 15 Jul 2020 12:58:13 GMT
server
ECAcc (nyb/471D)
age
2296
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-request-id
N4JC8K4J4BHCW97V
content-length
108947
x-amz-id-2
aL3ZCCGtr3YQhrscx+/2IDa29eVXbUiM3U2ToW+Ld8NV0EqKzCXEursGRc6fBv4XNRi7JeBYOxw=
Ad0St1Sz2466Sq0V0Id26844414.jpg
aka-cdn.adtechus.com/images/254/ Frame 091D 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aka-cdn.adtechus.com/images/254/Ad0St1Sz2466Sq0V0Id26844414.jpg
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:3d5b:386b:a42c:93aa:d404 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4737) /
Resource Hash
8a6549e0b8027fc0c8da2fc94088a68a4484a019fd3ff1d4233d262da23ad411

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
etag
"ebc15e0529b879b94fa964c8369ae960"
last-modified
Wed, 09 Feb 2022 18:58:23 GMT
server
ECAcc (nyb/4737)
age
599386
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
image/jpeg
x-amz-request-id
CGJBXR92MTFZAB6A
accept-ranges
bytes
content-length
171958
x-amz-id-2
1gtpByB7r2oU0UTbdHVjfGT1Bg7bktn6nvfxaUOYNhIKc3ePq5hAg9XaVCqjPnvlHTiHe8z6nw8=
adcount%7C2.0%7C5113.1%7C3739766%7C0%7C2466%7CAdId=11164227;BnId=2;ct=1461124934;st=5974;adcid=1;itime=34065125;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653401604997;imprefseq=12809924...
25.at.atwola.com/ Frame 091D 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://25.at.atwola.com/adcount%7C2.0%7C5113.1%7C3739766%7C0%7C2466%7CAdId=11164227;BnId=2;ct=1461124934;st=5974;adcid=1;itime=34065125;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653401604997;imprefseq=128099242429387519;imprefts=1645034065;spaceid=1197802919;pvid=c88179f9d;kvgrp=c88179f9d;kvsecure=true;kvcmsid=tcr:2271673;kventryid=2271673;kvmn=93484975;kvpg=techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo;gdpr=0;us_privacy=1---;
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:25 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
moatad.js
aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/ Frame 1BAE 		318 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:3d5b:386b:a42c:93aa:d404 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/471D) /
Resource Hash
8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-encoding
gzip
etag
"aa62c7ba3a7a6ecebca3f300865bf8d6+gzip"
last-modified
Wed, 15 Jul 2020 12:58:13 GMT
server
ECAcc (nyb/471D)
age
2296
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-request-id
N4JC8K4J4BHCW97V
content-length
108947
x-amz-id-2
aL3ZCCGtr3YQhrscx+/2IDa29eVXbUiM3U2ToW+Ld8NV0EqKzCXEursGRc6fBv4XNRi7JeBYOxw=
adchoicesi.png
o.aolcdn.com/ads/ Frame 1BAE 		565 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.aolcdn.com/ads/adchoicesi.png
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:16d2:d9:26d7:10a3:cf1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/475F) /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
nel
{"report_to": "default", "max_age": 604800, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
78620
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-request-id
PYPN77ERMM985MQV
x-amz-id-2
PWsdc1wHmJxlIE1rAmMJ9kuT8XXomvCyRQGsNyJQX1EeaOe6Vmdlcbps0FB7ABvsJMlfagIzi1M=
accept-ranges
bytes
x-amz-expiration
expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 19 Apr 2019 19:06:05 GMT
server
ECAcc (nyb/475F)
etag
"349bad1100a940608cb9109eb2b166a2"
report-to
{"group": "default", "max_age":604800, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
x-amz-version-id
null
cache-control
public,max-age=86400
content-length
565
content-type
image/png
adchoices.png
o.aolcdn.com/ads/ Frame 1BAE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.aolcdn.com/ads/adchoices.png
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:16d2:d9:26d7:10a3:cf1 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46A2) /
Resource Hash
98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
nel
{"report_to": "default", "max_age": 604800, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
59675
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-request-id
YTN37C18VF1A2RQN
x-amz-id-2
EIqKlT8OviChO526hm9uY6qkEimme6hnUK2hLGbz25820N3hz40m8vHhF4spcgLbBHwujBBZdS8=
accept-ranges
bytes
x-amz-expiration
expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 19 Apr 2019 19:06:05 GMT
server
ECAcc (nyb/46A2)
etag
"eec84c9335d53d358f4b61c925c376e9"
report-to
{"group": "default", "max_age":604800, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
x-amz-version-id
null
cache-control
public,max-age=86400
content-length
1308
content-type
image/png
Ad0St1Sz529Sq0V0Id26844413.jpg
aka-cdn.adtechus.com/images/253/ Frame 1BAE 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aka-cdn.adtechus.com/images/253/Ad0St1Sz529Sq0V0Id26844413.jpg
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:3d5b:386b:a42c:93aa:d404 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4790) /
Resource Hash
72a2fe18367bc541725b2d08b9d66ca98f7a8f613a7bdfb3727b1b1a79d48d87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
etag
"96e071e7fdc9ea8f021f6aec9b077348"
last-modified
Wed, 09 Feb 2022 18:58:23 GMT
server
ECAcc (nyb/4790)
age
599840
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
image/jpeg
x-amz-request-id
ZY766VJMAQC93MVH
accept-ranges
bytes
content-length
203640
x-amz-id-2
o+pT50EaTxw8Y7aLNOdcNCMATGI78XHqBfdk4MKq1qLm4g+QkmiDTrCUefgKVJFTDbK4EJmfgC4=
adcount%7C2.0%7C5113.1%7C3739767%7C0%7C529%7CAdId=11164227;BnId=3;ct=1461159380;st=7281;adcid=1;itime=34065231;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653292551589;imprefseq=243222452...
25.at.atwola.com/ Frame 1BAE 		1 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://25.at.atwola.com/adcount%7C2.0%7C5113.1%7C3739767%7C0%7C529%7CAdId=11164227;BnId=3;ct=1461159380;st=7281;adcid=1;itime=34065231;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653292551589;imprefseq=243222452069470951;imprefts=1645034065;spaceid=1197802919;pvid=c88179f9d;kvgrp=c88179f9d;kvsecure=true;kvcmsid=tcr:2271673;kventryid=2271673;kvmn=93484976;kvpg=techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo;gdpr=0;us_privacy=1---;
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:25 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C5266037%7C0%7C1945%7CAdId=5208247;BnId=1;ct=1461153292;st=5311;adcid=1;itime=34065213;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653309327007;imprefseq=582934009...
25.at.atwola.com/ Frame B51B 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://25.at.atwola.com/adcount%7C2.0%7C5113.1%7C5266037%7C0%7C1945%7CAdId=5208247;BnId=1;ct=1461153292;st=5311;adcid=1;itime=34065213;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653309327007;imprefseq=58293400960504636;imprefts=1645034065;spaceid=1197802919;pvid=c88179f9d;kvgrp=c88179f9d;kvsecure=true;kvpg=techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo;kvmn=963912090;kvposition=nativerr;kvcmsid=tcr:2271673;kventryid=2271673;gdpr=0;us_privacy=1---;
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:25 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C5268513%7C0%7C1945%7CAdId=5208247;BnId=1;ct=1461165926;st=5322;adcid=1;itime=34065250;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653116395601;imprefseq=338049792...
25.at.atwola.com/ Frame 10E4 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://25.at.atwola.com/adcount%7C2.0%7C5113.1%7C5268513%7C0%7C1945%7CAdId=5208247;BnId=1;ct=1461165926;st=5322;adcid=1;itime=34065250;reqtype=5;guid=7sdeha9h0qeig&b=3&s=e2;;impref=16450340653116395601;imprefseq=33804979202429601;imprefts=1645034065;spaceid=1197802919;pvid=c88179f9d;kvgrp=c88179f9d;kvsecure=true;kvpg=techcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo;kvmn=963913332;kvposition=nativerr;kvcmsid=tcr:2271673;kventryid=2271673;gdpr=0;us_privacy=1---;
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:25 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
cx.js
cdn.cxense.com/ Frame 426B 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:1b7::268b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 13:47:07 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
Expires
Wed, 16 Feb 2022 18:54:25 GMT
GettyImages-1238278201-1.jpg
techcrunch.com/wp-content/uploads/2022/02/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/02/GettyImages-1238278201-1.jpg?w=600
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
30db497779a0966205a5444b00224525b23cd803e0ccec2d3a447995a16dd2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
76012
x-xss-protection
1; mode=block
x-rq
yyz1 88 47 443
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 20:50:36 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"7843b852493d78ef"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:50:36 GMT
GettyImages-458050736.jpg
techcrunch.com/wp-content/uploads/2022/01/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2022/01/GettyImages-458050736.jpg?w=596
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
036fd6bed98c9770a40c936d97bef1b0be8520e63115a5a7855e2105a417a5a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
55314
x-xss-protection
1; mode=block
x-rq
yyz1 88 47 443
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Jan 2022 15:58:15 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"8123c914adc8ce4b"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 15:58:15 GMT
Dreamforce_2018_Bret_Taylor.jpg
techcrunch.com/wp-content/uploads/2019/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2019/12/Dreamforce_2018_Bret_Taylor.jpg?w=600
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:124:1704::5000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
07f16185a125828aeb99720a290d83c00d922eedf7014b9e5f205d04e8ee67b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
x-content-type-options
nosniff
age
0
x-cache
HIT
vary
Accept
content-length
58400
x-xss-protection
1; mode=block
x-rq
yyz2 85 143 443
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Dec 2021 02:34:05 GMT
server
ATS
x-frame-options
SAMEORIGIN
etag
"bb6d20210ea1b703"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 02:34:05 GMT
events
direct-events-collector.spot.im/api/v2/ Frame 62EF 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-91.ewr52.r.cloudfront.net
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
via
1.1 bc6981f82440e44448ee5dd3577bf4f4.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
EWR52-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
x-amz-cf-id
EkP02TrCUxzi6szQqzvyadUHDFa2PJCJYB7YV0vkN_ZVYj-rahGQFg==
safe-frame-handler-bundle.js
static-cdn.spot.im/production/launcher/tags/v2.71.8/launcher/ Frame 62EF 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.71.8/launcher/safe-frame-handler-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8463e34733b0c084ce562cf93dec869fe8199084f7332691d51669f97f810090

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:58:27 GMT
content-encoding
br
age
6959
x-cache
Hit from cloudfront
content-length
3265
last-modified
Wed, 16 Feb 2022 08:25:18 GMT
server
AmazonS3
etag
"7def419d9e334e46953d6a9e74c808f9"
vary
Origin
x-amz-version-id
0z5Ra.JxaHoDlEt4fhQLS8rRHeqTvm8v
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tLik2BwYhKa6QxhoVN2RIJ1hmhBgWnsV6L7tEMtU1ZzEsR9kXbwqGQ==
p1.js
p1cluster.cxense.com/ Frame 426B 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
9108c97fd79a9c52f825a7b17a40903b308dba450ca88ce8617f6380326953b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
last-modified
Mon, 16 Aug 2021 17:54:25 GMT
server
Jetty(9.4.28.v20200408)
etag
303om56bpr0rj2qxti8zc1h70j
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Thu, 16 Feb 2023 17:54:25 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 5861 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
cf-cache-status
HIT
age
6101
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
wn
prod-dash-10-0-114-118
last-modified
Wed, 16 Feb 2022 12:30:50 GMT
server
cloudflare
etag
W/"2177-1645014650000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6de8a42018e2ecfe-YUL
expires
Wed, 16 Feb 2022 19:54:25 GMT
truncated
/ Frame 5861 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b333a5434d43b106cef9028a3eb82c58b2ec53d036a5952e85865584b8f9506

Request headers

Referer
Origin
https://buy.tinypass.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ Frame 5861 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdc70cef973465de611ee913219b5fab1c020430681ad6e16c766ad74ff59e21

Request headers

Referer
Origin
https://buy.tinypass.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ Frame 5861 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
328b1b063a08d0bf0dd7f19dd944c6b0263e8106e55b86e00b4b08c8c53b94ae

Request headers

Referer
Origin
https://buy.tinypass.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
n.js
geo.moatads.com/ 		84 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=ADTECHBRANDS1&hp=1&wf=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1645034065947&de=778550687969&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=2&cb=0&ym=0&cu=1645034065947&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11162627%3A11164227%3A26844414%3A-&zMoatBannerInfo=496735468&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A379%3A379%3A0%3A947&fs=182630&na=608057333&cs=0&callback=DOMlessLLDcallback_14660081
Requested by
Host: aka-cdn.adtechus.com
URL: https://aka-cdn.adtechus.com/media/moat/adtechbrands092348fjlsmdhlwsl239fh3df/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.81.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-81-2.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
8f528bfec27c52159a668c585f5d35fcae1b8b4af3f2fd4cef6aa802b89db9a8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"30ca415df25bb7a322b77be742a7747a8133e9f2"
content-length
84
content-type
text/html; charset=UTF-8
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&wf=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1645034065947&de=778550687969&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=3&cb=0&ym=0&cu=1645034065947&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11162627%3A11164227%3A26844414%3A-&zMoatBannerInfo=496735468&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A379%3A379%3A0%3A947&fs=182630&na=1781933232&cs=0
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:26 GMT
device-load
api-2-0.spot.im/v1.0.0/ Frame 62EF 		36 B
913 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
fasthttp /
Resource Hash
2ccef1b129ed6450fdb43ca07cbadafc2be4626eee1ad9c4c63bb45d951bec39

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
x-spotim-device-uuid
120e5fe7-e5f9-4ea6-b842-2bbbd0391c08
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
content-length
36
x-guid
120e5fe7-e5f9-4ea6-b842-2bbbd0391c08
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
mcCYAKPsDFPBxxBfHrskqcBxdJpClGUi04UnbWGZh_33FxOHjiCbRg==
rep.gif
comcluster.cxense.com/Repo/ Frame 426B 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=kzput3uh2iqsvshf&sid=1138587180028561571&loc=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&new=0&arf=0&ltm=1645034065187&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kzput4o8ey6ppw1e&ckp=kzput3uendqckbcz&glb=&cp_userState=anon&cst=303om56bpr0rj2qxti8zc1h70j
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		117 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kzput3uendqckbcz%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22303om56bpr0rj2qxti8zc1h70j%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22303om56bpr0rj2qxti8zc1h70j%22%7D%5D%2C%22siteId%22%3A%221138587180028561571%22%2C%22location%22%3A%22https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F%22%7D&callback=cXJsonpCBkzput533os4x8jaj
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
cd4e3402d3d2ed084e5e62cd0abb106641cc446487409c2da82d140119e89644
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
117
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=17&i=ADTECHBRANDS1&hp=1&wf=1&vb=-1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1645034066129&de=662366360845&m=0&ar=da8ed23e15-clean&iw=7e8212f&q=7&cb=0&ym=0&cu=1645034066129&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=11162627%3A11164227%3A26844413%3A-&zMoatBannerInfo=496735466&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A379%3A379%3A0%3A947&fs=182630&na=1634448395&cs=0
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:26 GMT
sprite.svg
static-cdn.spot.im/production/icons/sprites/ Frame 62EF 		22 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61f16ac3df810ae126b54c4b84242d0187a98d19d4e4616b9174e9d8965f93c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
AiKnsTsFHz7U3Wk9XyxOhsSaQMioKS03
content-encoding
br
last-modified
Wed, 26 Jan 2022 15:03:56 GMT
server
AmazonS3
age
31548
etag
W/"8b33c2b916af5efbd2d48928befbf760"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
date
Wed, 16 Feb 2022 09:08:43 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
YZMlvUdU-yEnoIlnxPuv9nzHaxs1DarG8OaDoes1z4Kuc96IzHViqg==
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
2271673
seo.spot.im/v2/article//sp_It0mQWOO/ Frame 62EF 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seo.spot.im/v2/article//sp_It0mQWOO/2271673?json=true
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
877ff3ef7decafbe11071ad9eeb8a2a93a2b5190061a59f491651cbc3793e7e6

Request headers

Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode
2271673
api-2-0.spot.im/v1.0.0/config/ab_test/sp_It0mQWOO/ Frame 62EF 		117 B
855 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_It0mQWOO/2271673
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
fasthttp /
Resource Hash
1f0d72c4ea18787359759b5834c8091bd40150f5b79ff6e13d9dc2a11d0ced7b

Request headers

Accept
application/json
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
x-spotim-page-view-id
c5b379d7-9a4f-4a59-b061-0016d41da95b
Accept-Language
en-CA,en;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-spotim-device-uuid
120e5fe7-e5f9-4ea6-b842-2bbbd0391c08

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
EWR53-C2
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
117
x-amz-cf-id
SZV6atFERRgen-pTmLYtKZBwwGk9gBypK1zAqId_Mp26kb0ip-vF5Q==
x-request-id
7b31153e-8f51-11ec-b4a4-6eae4238c7b2
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v2.71.8/launcher/ Frame 62EF 		3 KB
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.71.8/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: techcrunch.com
URL: https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 08:48:27 GMT
content-encoding
br
age
32760
x-cache
Hit from cloudfront
content-length
549
last-modified
Wed, 16 Feb 2022 08:25:18 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
x-amz-version-id
XjS74HFLxHul10lRHYoZPbH5ZIRZB.jD
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
R7K9IxMymZd4KZKJ-DOHQwyaoT7nK-aqzpj9UAakBCTvUBK1-e4etg==
2271673
api-2-0.spot.im/v1.0.0/config/ab_test/sp_It0mQWOO/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_It0mQWOO/2271673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://jac.yahoosandbox.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Wed, 16 Feb 2022 17:54:26 GMT
server
fasthttp
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
x-cache
Miss from cloudfront
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
JseiPzEsO0h07BfzelsE8K1A7vjoYSWAmhW4SyXGZMwtmLqaMM58GQ==
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220214&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7d03f9cded0bf6b1011629938dea3b5ea4e4280abf4ad792fc35f07d1587709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 17:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9971
x-xss-protection
0
opus-frame.html
opus.analytics.yahoo.com/tag/ Frame 12A1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.48 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4772) /
Resource Hash
9401d45b15dac98d3adc3803a52be3bae9777cfc6f2e5565115bf2d0d02eefc2
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

content-encoding
gzip
age
319780
content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type
text/html
date
Wed, 16 Feb 2022 17:54:26 GMT
etag
"b159463bfd2d3b755e89e683e21cd266+gzip"
last-modified
Wed, 18 Aug 2021 13:30:04 GMT
server
ECAcc (nyb/4772)
vary
Accept-Encoding
x-amz-id-2
KdhcAVJS3HDHjCLnjtbkZPK6xzk6kKdAFfkkIOfsya6zkqcEJSdJeb1qE1lhVH9ozI4MMJUsdLU=
x-amz-request-id
4RV9HH9X00BJZQW3
x-cache
HIT
content-length
3427
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 17:54:26 GMT
ads.js
static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ Frame 62EF 		236 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ads.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_It0mQWOO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b3fc86e1776ea74bf5716728ab8add261fd32267abc1b0beeebb888be100427

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
taFpDW2w9iUg3ZW9VZ1L.ZAw0Cafh0IX
content-encoding
br
last-modified
Wed, 09 Feb 2022 08:41:28 GMT
server
AmazonS3
age
68120
etag
W/"d1c0dfbe32fabd59a1d996f61e5a4ff0"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
date
Tue, 15 Feb 2022 22:59:07 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
tqOBBpi5MEaeWiOSHiwYkgpcExXAsEJssNnAR13Dopr_yrw7SAlwrw==
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame A9BF 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
Requested by
Host: opus.analytics.yahoo.com
URL: https://opus.analytics.yahoo.com/tag/opus-frame.html?referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.14.41 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2D) /
Resource Hash
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://opus.analytics.yahoo.com/

Response headers

content-encoding
gzip
age
165
content-type
text/html
date
Wed, 16 Feb 2022 17:54:26 GMT
etag
"324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified
Wed, 18 Aug 2021 13:17:52 GMT
server
ECS (nyb/1D2D)
vary
Accept-Encoding
x-amz-id-2
4IAMp1e+OFBLsBSIk3qb3JJN8pRlU2C4J1M+INi7AClvSaHjuiwAAMZ/V410rh3xIZcoaZs3bmI=
x-amz-request-id
9ECZJRGEZRSAVDCF
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3220
cms
cms.analytics.yahoo.com/ Frame 86BE
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=AOL&orig=ono&redir=true
  • https://pixel.advertising.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A
  • https://pixel.advertising.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A&verify=true
  • https://ups.analytics.yahoo.com/ups/55357/sync?_origin=0&redir=true&uid=y-Fg0SKGlE2pF93nE0n8qfukFZ8RGldZuS~A&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://cms.analytics.yahoo.com/cms?partner_id=AOL&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767&_redirect=false
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=AOL&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767&_redirect=false
Protocol
H2
Server
76.13.32.147 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spcms.pbp.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location
https://cms.analytics.yahoo.com/cms?partner_id=AOL&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767&_redirect=false
date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
log
ups.analytics.yahoo.com/ups/ Frame 12A1 		0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/log?pixelId55357=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://opus.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
19505
tags.bluekai.com/site/ Frame FF04
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI&orig=ono
  • https://tags.bluekai.com/site/19505?id=y-2R9r2wtE2pKP6VvvC51PkoYswGDXmvgQ2ZY-~A
62 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/19505?id=y-2R9r2wtE2pKP6VvvC51PkoYswGDXmvgQ2ZY-~A
Protocol
HTTP/1.1
Server
173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://tags.bluekai.com/site/19505?id=y-2R9r2wtE2pKP6VvvC51PkoYswGDXmvgQ2ZY-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
demconf.jpg
dpm.demdex.net/ Frame FF04
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&orig=ono
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J0EmjltE2pEMWhPkfURlk6L7h9kKDNkGCHk-~A&redir=https%3A%2F%2Fcms.analytics.yahoo.com%2Fcms%2F%3Fpartner_id%3DADOBE%26_origin%3Dfalse%26_redirect%3Dfalse...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646
42 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646
Protocol
HTTP/1.1
Server
54.227.88.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-88-83.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v028-02f2021a7.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300
X-TID
pBPT0/gASi0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v028-09c0a8c89.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HOFa6UOfRjo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30646
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
vzn
cms.analytics.yahoo.com/ Frame FF04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/vzn?partner_id=VISPP&orig=ono
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.147 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spcms.pbp.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
cms
cms.analytics.yahoo.com/ Frame FF04
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&orig=ono
  • https://aa.agkn.com/adscores/g.pixel?sid=9202214988&yho=y-w3JbDa9E2p4_m_yfZ5eMc7.hI_kD7k6m7bc-~A
  • https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=164060404064009491460&gdpr=&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=164060404064009491460&gdpr=&gdpr_consent=
Protocol
H2
Server
76.13.32.147 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spcms.pbp.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 17:54:26 GMT
Server
AAWebServer
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Location
https://cms.analytics.yahoo.com/cms?partner_id=NEUAR&_origin=false&_redirect=false&_hosted_id=164060404064009491460&gdpr=&gdpr_consent=
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Expires
0
yho
audex.userreport.com/sync/put/ Frame FF04
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=AUDPR&orig=ono
  • https://audex.userreport.com/sync/put/yho?yhoid=y-82E9qIZE2pH6sg9YqXkyExW7gSuqfIbh0xQ-~A
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/yho?yhoid=y-82E9qIZE2pH6sg9YqXkyExW7gSuqfIbh0xQ-~A
Protocol
HTTP/1.1
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.18.0
X-Amz-Cf-Pop
EWR53-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
MQHRHF8HB5hECZXBm17hYRhy2dEOFnHck_7o0WCt_kU_KB5bYqRUKg==

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://audex.userreport.com/sync/put/yho?yhoid=y-82E9qIZE2pH6sg9YqXkyExW7gSuqfIbh0xQ-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_It0mQWOO/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_It0mQWOO/v2?platform=Desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://jac.yahoosandbox.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Wed, 16 Feb 2022 17:54:26 GMT
server
fasthttp
access-control-allow-origin
https://jac.yahoosandbox.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-expose-headers
access-control-max-age
86400
x-cache
Miss from cloudfront
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
jvgiuasE2iT_ocxbFYtxC-qn8IrTkUer75ApDTC7k61fOvA7lVsfDA==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ Frame 62EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-16.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:17:04 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
67042
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
MaMjuw_obrnlEuA_X95Zs7xcumUvbcV3ZYg4jCRZ_GZ2JZcrPCbafQ==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_It0mQWOO/ Frame 62EF 		25 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_It0mQWOO/v2?platform=Desktop
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
fasthttp /
Resource Hash
5660d50fc56f6a2e78e802f4f208873fa403dfa2362ab50883b787ab203c9364

Request headers

x-guid
120e5fe7-e5f9-4ea6-b842-2bbbd0391c08
x-post-id
2271673
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-spot-id
sp_It0mQWOO
x-spotim-page-view-id
c5b379d7-9a4f-4a59-b061-0016d41da95b
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
x-access-token
undefined

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-request-id
7b48d2b3-8f51-11ec-a3a5-9e9fcfba48fd
access-control-allow-origin
https://jac.yahoosandbox.com
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-expose-headers
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
x9kftUP-RybtiRTy3R_68dojGhytPzeTPt4GEaqSnAo4ltzm-JRP-A==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ Frame 62EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-16.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:17:04 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
67042
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
H_ssjhHbY02JSMiEIt_GToCzHQ-bDusBUNWqLjJ8EXP1Tr_L8b2tkw==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBDF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 08:39:37 GMT
expires
Thu, 16 Feb 2023 08:39:37 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
33289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EF73 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
845b7be3b207780167043b9c1fd86ccc1599e5d200d0d768dbe31350ee22cdff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pLBttMC5Mx6AF7hw0BE3Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 17:54:26 GMT
date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pLBttMC5Mx6AF7hw0BE3Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame A9BF 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=false&euconsent=undefined&us_privacy=1---&referrer=https%3A%2F%2Fopus.analytics.yahoo.com%2Ftag%2Fopus-frame.html%3Freferrer%3D
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A//opus.analytics.yahoo.com/tag/opus-frame.html%3Freferrer%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5c771dac13ea6d6cc7f64d98902c8cca8636cee40c0b4082ee698fb1de2456dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://tag.idsync.analytics.yahoo.com
cache-control
no-cache
access-control-allow-credentials
true
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame CBDF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 22:42:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
328326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Feb 2023 22:42:20 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE01 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v18.6.0-4/ads/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=80497
expires
Thu, 17 Feb 2022 16:16:03 GMT
date
Wed, 16 Feb 2022 17:54:26 GMT
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 62EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8541061122262657890
0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8541061122262657890
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Server
VertaMedia 1.0
Etag
95bdb558f954d4a4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 17:54:26 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 577.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6f46f606-e805-4904-995a-fb1224f7fb43
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8541061122262657890
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame 62EF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=7b5b3b64-8f51-11ec-885c-1966130c0103
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESENYhABNdI2VXv2GXOzsuu-U&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=07c027c8-1f84-497f-a8db-fe36b11bd367&img=1
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&_test=Yg06UgAGt...
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yg06UgAGtzyGrgBH&img=1&gdpr=0&gdpr_consent=&_test=Yg06UgAGtzyGrgBH
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sx?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://sync.search.spotxchange.com/partner?adv_id=8304&uid=AAFDSE7EGnUAAHePDzunQw&gdpr=0
  • https://sync.springserve.com/usersync?redirect_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8876%26uid%3DSS_UUID
  • https://sync.search.spotxchange.com/partner?adv_id=8876&uid=7c4b4fb0-09e9-4204-a9aa-8c0a42943245
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=44&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&partner_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&partner_url=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fa...
  • https://sync.search.spotxchange.com/partner?adv_id=7308&uid=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
0
0
csync
sync.spotim.market/ Frame 62EF
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-53NyM8NE2uHJsxkpJNWYPsGAUTkw_4yX~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767
0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-53NyM8NE2uHJsxkpJNWYPsGAUTkw_4yX~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Server
VertaMedia 1.0
Etag
95bdb558f954d4a4
Content-Length
0

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-53NyM8NE2uHJsxkpJNWYPsGAUTkw_4yX~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767
date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.spotim.market/csync/ Frame 62EF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=7b5b2db1-8f51...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=7b5b3afd-8f51-11ec-885c-1966130c0103
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=7b5b3afd-8f51-11ec-885c-1966130c0103
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Server
VertaMedia 1.0
Etag
95bdb558f954d4a4
Content-Length
0

Redirect headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=7b5b3afd-8f51-11ec-885c-1966130c0103
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
0
segment
di.rlcdn.com/api/ Frame 62EF
Redirect Chain
  • https://di.rlcdn.com/710530.gif
  • https://di.rlcdn.com/api/segment?pid=710530&redirect=1
42 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/api/segment?pid=710530&redirect=1
Protocol
H3
Server
34.107.140.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://jac.yahoosandbox.com/0.14.0/safeframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
42

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://di.rlcdn.com/api/segment?pid=710530&redirect=1
access-control-allow-credentials
true
content-type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Faka-cdn.adtechus.com%2Fimages%2F254%2FAd0St1Sz2466Sq0V0Id26844414.jpg&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=618&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A379%3A379%3A0%3A947&as=0&ag=85&an=0&gf=85&gg=0&ix=85&ic=85&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=85&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=169&cd=0&ah=169&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1912186788&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:26 GMT
usync
onevideosync.uplynk.com/ Frame FE9F
Redirect Chain
  • https://pixel.advertising.com/ups/57989/sync?_origin=1&redir=true&gdpr=0&gdpr_consent=undefined
  • https://ups.analytics.yahoo.com/ups/57989/sync?_origin=1&redir=true&gdpr=0&gdpr_consent=undefined&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.174.142.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-142-166.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ribs2.0
content-length
0
content-type
text/plain

Redirect headers

location
https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767&gdpr=0&gdpr_consent=
date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/57304/ Frame FE9F
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?_origin=0&gdpr=0&gdpr_consent=undefined&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?_origin=0&gdpr=0&gdpr_consent=undefined&redir=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YjUwNWRkZi04ZjUxLTExZWMtODM4Ni0wZWE5NjY1N2Q3Njc%3D&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHpRUASO25eopMACAILqgLM&gdpr=0&gdpr_consent=&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
date
Wed, 16 Feb 2022 17:54:26 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/56465/ Frame FE9F
Redirect Chain
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://pr-bh.ybp.yahoo.com/sync/adtech/UP7b505ddf-8f51-11ec-8386-0ea96657d767?gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JfprZqlE2p4.ngpDbRMIzrITDJTKr29VaFVf~A&_origin=0&nsync=0&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
date
Wed, 16 Feb 2022 17:54:26 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame FE9F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=undefined
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=07c027c8-1f84-497f-a8db-fe36b11bd367&_origin=1&gdpr=0&gdpr_consent=
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=07c027c8-1f84-497f-a8db-fe36b11bd367&_origin=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=07c027c8-1f84-497f-a8db-fe36b11bd367&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
apn
ads.playground.xyz/usersync/ Frame FE9F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-IpS9vRVE2uVDnw0DGN_P77l3XUj...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=undefined&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-IpS9vRVE2uVDnw0DGN_P77l3XUj...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
setuid
ib.adnxs.com/prebid/ Frame FE9F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=undefined
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-rkoYbhNE2uH0kX5FWHjNyLrRxfjryg--~A&gdpr=0&gdpr_consent=
0
0
sync
ups.analytics.yahoo.com/ups/58281/ Frame FE9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0xeXlLazVaRTJ1RXhCOENuVTFwYXJkZ1VjQVdZVzg3ZmZnLS1%2BQQ%3D%3D&gdpr=0&gdpr_consent=undefined&_origin=0
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&google_hm=2
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&google_hm=2
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=undefined&_origin=0&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FE9F 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS00QzRhMkNkRTJ1RmpEOFFIbjVGcnlIcXhBYlVoR3h5enF3LS1%2BQQ%3D%3D&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/57769/ Frame FE9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=nexage_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=undefined&_origin=0
  • https://pixel.advertising.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57769/sync?uid=CAESEEyBBWyvyd6XSMjHhkBi56s&gdpr=0&gdpr_consent=undefined&_origin=0&google_cver=1&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
date
Wed, 16 Feb 2022 17:54:26 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame FE9F
Redirect Chain
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=undefined&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_conse...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=undefined&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%...
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=3223219275822513178025&gdpr=0&gdpr_consent=undefined
  • https://eb2.3lift.com/sync?px=1&gdpr=0&cmp_cs=&axid=y-pXZcs4pE2uLMI72xDl25xyw4ecnoY7cV~A&ums2=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=07c027c8-1f84-497f-a8db-fe36b11bd367&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=07c027c8-1f84-497f-a8db-fe36b11bd367&dongle=0cfd
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=07c027c8-1f84-497f-a8db-fe36b11bd367&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
sodar
pagead2.googlesyndication.com/pagead/ Frame EF73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220214&jk=1075796570593092&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Faka-cdn.adtechus.com%2Fimages%2F253%2FAd0St1Sz529Sq0V0Id26844413.jpg&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=517&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A379%3A379%3A0%3A947&as=0&ag=56&an=0&gf=56&gg=0&ix=56&ic=56&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=56&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=112&cd=0&ah=112&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=2114998537&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:26 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BE01 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21374485&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a0a048b66e9230d29b7a68087012fad0138f4b2e98c3047f0c66ff209c642f29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame CBDF 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2W1orA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220214&jk=1075796570593092&bg=!8_Cl8LTNAAbAtJCDwLQ7ACkAdvg8WjeJ-F_0-OcW0qPNOvi2TutHitIPKtG0hc7kCpunW15LkZ9b1wIAAAB8UgAAAAJoAQcKAOo_-4Lu8Z8_EBgClTne2w-FFb0sShdkV4sh7fl5SibilvcyAXeqitMIN3dFzxBAkE83g7qT0gPjRa5K_EAvENMNCmHWwUZYie2tBSeNWyGaOUSKgJ1eTthY9sKUt2b0Z-GKn_f9Dm3aknig9G33nVtDW3vD2p_IX4X6_CUUCy1Rk1zJLKPJswjmxmvfLGZJYKf6Fsl0xSlc3LXunYEg6ojO-jeol1d3zURKB1xdJeFb6L2LzE60f3Q-T37-pQWGc0sRd7AF6yWmlHFSf74lijDxNjZSYiwSEtaJLm31buQ1BQh6QYsMc1fCGGSZAqr5bxOJw5sKdOHtB3rjnkjhFtmyZULwn28KRwnO0W5CeQUt82o9VZFFluvYmSBbMk5tx7QYQaHRTqlc2L6nRefERkE_W9X8wyxLwoOfQw5xtAmMbt5yFz0pCfBrZ0uycd4rN9GJp9lTtjo9MnTgFABiM_OhnU_3Tfs0jrw2XFeNcDOgUaGerV0Z7w8_1pjFgak9KBNJe0zqumH_eVvbDX2U2e-27wxKfBMsSio_XtidbfNlNvV08_eOh8u46bJ0CAdlafrQ7XVhi1upfSuydmcmPC6m7AC2Y-4iJGPktv3y6gveQwNVzwaSEmgI5yH2wg9l-IclRvq7q30hshuIsLSTxDXW5y_4yDHE5oJzlrxGoWYY3XHwbEy2znpIQEVD14KixIQ-VFv174xjnaEBf9p9__IpqPWcjvdlqxXBe8C-dZ8Z2AwvYr1bFT88ALvQkGr-M1-Cu4bDa-MjyrbT0AXJMpgV5SPwV_pplpbeWJSn8pKLC-GRqbzS8J8YJkyx-8d8Iy0cyPf3SylHkoO9DQ-iffRHbFmdVu-Sr1h3lUba7X8Eh9mF6o6um67FaYS15qXUWM0W4tB1M6DWdz8XPubgLRsPuE5Yeug3-Kr9oEfHT_oDB5Ud_3ln6PspZv3WJFtbcj9ZQevNANgK5GLOuVJ4JHhcOXvCIvmTaWp9O_8SOgE5cnk3ruinNPnNV8JCxF4i-eQwmnKjRVkjuO8i1p3CYv3umWxqc7a3cE7uyVv4EPIz91PGqV3D2GkEVEpphzFgwnMt2VbVxAm32TwKEu8G0vtxtzbL2eMx4KypJrYYggQLABE2Ip4jhssRMYtBc69Wn3nXIppJVeqKE-RygQl_iExLQ0ThXOG555pKn5ED9ZDLVAFradMDPpBfkH1ShHRLnvNuLP5tiOTx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame D8DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B7EF811-381C-497E-969B-C1174DA7D8C4
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 217F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg06UgAGttKFygBH&gdpr=0&gdpr_consent=&_test=Yg06UgAGttKFygBH
1 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg06UgAGttKFygBH&gdpr=0&gdpr_consent=&_test=Yg06UgAGttKFygBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 10:35:48 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug004:0:434
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg06UgAGttKFygBH&gdpr=0&gdpr_consent=&_test=Yg06UgAGttKFygBH
accept-ranges
bytes
date
Wed, 16 Feb 2022 17:54:26 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1645034067.829054,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5186
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7263620d-3a53-4a00-9940-6e5e48a50b86&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7263620d-3a53-4a00-9940-6e5e48a50b86&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug015:0:1682
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 16 Feb 2022 17:54:27 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master hkg-pixel-x12 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7263620d-3a53-4a00-9940-6e5e48a50b86&gdpr=0&gdpr_consent=
Expires
Wed, 16 Feb 2022 17:54:26 GMT
2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E4AF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGRFNFN0VHblVBQUhlUER6dW5Rdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFDSE7EGnUAAHePDzunQw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFDSE7EGnUAAHePDzunQw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFDSE7EGnUAAHePDzunQw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8056379446578827850
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFDSE7EGnUAAHePDzunQw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8056379446578827850%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=8056379446578827850&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFDSE7EGnUAAHePDzunQw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IpS9vRVE2uVDnw0DGN_P77l3XUjV19uq~A&gdpr=0&gdpr_consent=undefined&pmc=1&pr=https%3A%2F%2Fpixel.advertising.com%2Fups%2F58292%2Fsync%3...
  • https://pixel.advertising.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir2=true
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=undefined&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir2=true&apid=UP7b505ddf-8f51-11ec-8386-0ea96657d767
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
43 B
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 17:54:27 GMT
content-type
image/gif
content-length
43
age
0
strict-transport-security
max-age=31536000
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin

Redirect headers

date
Wed, 16 Feb 2022 17:54:27 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
age
0
server
ATS/9.1.0.33
usersync.aspx
widget.us.criteo.com/dis/ Frame 8275
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 16 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
457810
strict-transport-security
max-age=31536000; preload;

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
server
Kestrel
content-length
0
location
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server-processing-duration-in-ticks
240527
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame 559B 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Wed, 16 Feb 2022 17:54:26 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame ADBB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tc5JAMXVSoFCfiViZpYGipU4mbM
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tc5JAMXVSoFCfiViZpYGipU4mbM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug016:0:737
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 16 Feb 2022 17:54:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tc5JAMXVSoFCfiViZpYGipU4mbM
Content-Length
159
Connection
keep-alive
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A51F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c7d333dd-71be-42fa-b73f-d76c4c4a4ccf&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B7EF811-381C-497E-969B-C1174DA7D8C4
42 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.205.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-205-250.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
x-lat
va1pug012:0:1238
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B7EF811-381C-497E-969B-C1174DA7D8C4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame 7A2E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7b72c028-8f51-11ec-9371-a0350199f618
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7b72c028-8f51-11ec-9371-a0350199f618
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug001:0:551
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 16 Feb 2022 17:54:26 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7b72c028-8f51-11ec-9371-a0350199f618
X-RealServer-NX
lga-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 12C3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de8a4262eff4bd1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
55
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de8a4258e204bd1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1C1E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPxQjtlF1Nkovw5&gdpr=0&gdpr_consent=
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPxQjtlF1Nkovw5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 12:13:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug006:0:455
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 16 Feb 2022 17:54:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FPxQjtlF1Nkovw5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-706-g7d26040#rel-ec2-master i-0b4916ae220be84a3@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6A20
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647612703894
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647612703894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:2104
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647612703894
Pug
simage2.pubmatic.com/AdServer/ Frame 6C86
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645034066892
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3336142250
  • https://sync.1rx.io/usersync/tradedesk/07c027c8-1f84-497f-a8db-fe36b11bd367
  • https://sync.targeting.unrulymedia.com/csync/RX-b2254f04-171e-4577-9938-73b14ab1abc4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 10:42:34 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug003:0:540
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Wed, 16 Feb 2022 17:54:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
ETag
RXb2254f04171e4577993873b14ab1abc4005
Pug
simage2.pubmatic.com/AdServer/ Frame 4B6B
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6983204661699776467&uid=Q698320466169977...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6983204661699776467
42 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6983204661699776467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 17:54:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug014:0:1191
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.2.15 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6983204661699776467
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=62650
Date
Wed, 16 Feb 2022 17:54:26 GMT
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame BE19
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
1 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 12:13:42 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug006:0:451
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
csync
sync.spotim.market/ Frame D888 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=2B7EF811-381C-497E-969B-C1174DA7D8C4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 16 Feb 2022 17:54:26 GMT
Content-Length
0
Etag
95bdb558f954d4a4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K374ETgcSX6Wm8EXTafYxA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80497
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 17 Feb 2022 16:16:03 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame BE01
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2B7EF811-381C-497E-969B-C1174DA7D8C4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=88d778cb067c1afb4599d8c0fb20b7317182c0e20c13ea3c4efebe41f2baceaf791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4OGQ3NzhjYjA2N2MxYWZiNDU5OWQ4YzBmYjIwYjczMTcxODJjMGUyMGMxM2VhM2M0ZWZlYmU0MWYyYmFjZWFmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4OGQ3NzhjYjA2N2MxYWZiNDU5OWQ4YzBmYjIwYjczMTcxODJjMGUyMGMxM2VhM2M0ZWZlYmU0MWYyYmFjZWFmNzkxNDI2YjU0MTdkY2UyMRAAGgwI0vS0kAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=b4ffb5d1-760e-48cc-962d-16d25d44b673
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=b4ffb5d1-760e-48cc-962d-16d25d44b673
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 17:54:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=b4ffb5d1-760e-48cc-962d-16d25d44b673
date
Wed, 16 Feb 2022 17:54:27 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8051620d-3a53-4b00-9140-85a3da4bec1b
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8051620d-3a53-4b00-9140-85a3da4bec1b
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 16 Feb 2022 17:54:27 GMT
Server
MT3 4133 baa842e master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8051620d-3a53-4b00-9140-85a3da4bec1b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 17:54:26 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkI3RUY4MTEtMzgxQy00OTdFLTk2OUItQzExNzREQTdEOEM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:1186
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrc9Wk9TnG2zB3kCGnbYOc&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrc9Wk9TnG2zB3kCGnbYOc&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:26:02 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:413
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrc9Wk9TnG2zB3kCGnbYOc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08800FF6EA34F5BB5E6633CFD9D1824
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08800FF6EA34F5BB5E6633CFD9D1824
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:317
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 16 Feb 2022 17:54:26 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08800FF6EA34F5BB5E6633CFD9D1824
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 15 Feb 2022 17:54:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7053038009852845648&gdpr=0&gdpr_consent=&us_privacy=
1 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7053038009852845648&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:460
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7053038009852845648&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=07c027c8-1f84-497f-a8db-fe36b11bd367
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=07c027c8-1f84-497f-a8db-fe36b11bd367
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:35:57 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug009:0:337
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=07c027c8-1f84-497f-a8db-fe36b11bd367
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
2B7EF811-381C-497E-969B-C1174DA7D8C4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BE01 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B7EF811-381C-497E-969B-C1174DA7D8C4?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B7EF811-381C-497E-969B-C1174DA7D8C4&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AynMUptE2uXXXeV_H.KtNDFu9ibQVi8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AynMUptE2uXXXeV_H.KtNDFu9ibQVi8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AynMUptE2uXXXeV_H.KtNDFu9ibQVi8-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Feb 2022 17:54:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=a4739400cb31224&is_secure=true&networkId=17100&version=1&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcecnaMhFAAMF_2ogAAAAAAA&expiration=1645120466&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&...
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcecnaMhFAAMF_2ogAAAAAAA&expiration=1645120466&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:454
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcecnaMhFAAMF_2ogAAAAAAA&expiration=1645120466&nuid=2B7EF811-381C-497E-969B-C1174DA7D8C4&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7b826aa8-8f51-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7b826aa8-8f51-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:1116
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7b826aa8-8f51-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Date
Wed, 16 Feb 2022 17:54:25 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
7b826aa9-8f51-11ec-8681-7f9b9a30e98b
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8541061122262657890&gdpr=0&gdpr_consent=
42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8541061122262657890&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:43:10 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:514
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 17:54:26 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 577.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b03b189b-dbd7-48fa-8c4c-062c27e7648b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8541061122262657890&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame BE01 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.198.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-198-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug001:0:477
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame BE01
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EB648C98_356DB3E1&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
4.78.226.233 Mobile, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-328020867; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 17:54:27 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-328020867; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 16 Feb 2022 12:15:29 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug008:0:584
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1783777311182772972&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7d77fa25-b79b-4f90-a965-0c766261f90e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7d77fa25-b79b-4f90-a965-0c766261f90e&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:27 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug013:0:986
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7d77fa25-b79b-4f90-a965-0c766261f90e&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Feb 2022 17:54:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=37146068162650729
42 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=37146068162650729
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug004:0:453
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:26 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=37146068162650729
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=1675&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1149&an=85&gi=1&gf=1149&gg=85&ix=1149&ic=1149&ez=1&ck=1149&kw=1032&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1149&bx=85&ci=1149&jz=1032&dj=1&aa=1&ad=1038&cn=0&gn=1&gk=1038&gl=0&ik=1038&co=1038&cp=1032&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1032&cd=169&ah=1032&am=169&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1313397239&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=1676&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1149&an=1149&gi=1&gf=1149&gg=1149&ix=1149&ic=1149&ez=1&ck=1149&kw=1032&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1149&bx=1149&ci=1149&jz=1032&dj=1&aa=1&ad=1038&cn=1038&gn=1&gk=1038&gl=1038&ik=1038&co=1038&cp=1032&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1032&cd=1032&ah=1032&am=1032&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=595475290&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=1676&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1149&an=1149&gi=1&gf=1149&gg=1149&ix=1149&ic=1149&ez=1&ck=1149&kw=1032&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1149&bx=1149&ci=1149&jz=1032&dj=1&aa=1&ad=1038&cn=1038&gn=1&gk=1038&gl=1038&ik=1038&co=1038&cp=1032&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1032&cd=1032&ah=1032&am=1032&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=1740346407&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=1619&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1159&an=56&gi=1&gf=1159&gg=56&ix=1159&ic=1159&ez=1&ck=1159&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1159&bx=56&ci=1159&jz=1014&dj=1&aa=1&ad=1059&cn=0&gn=1&gk=1059&gl=0&ik=1059&co=1059&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1014&cd=112&ah=1014&am=112&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=849742919&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=1620&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1159&an=1159&gi=1&gf=1159&gg=1159&ix=1159&ic=1159&ez=1&ck=1159&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1159&bx=1159&ci=1159&jz=1014&dj=1&aa=1&ad=1059&cn=1059&gn=1&gk=1059&gl=1059&ik=1059&co=1059&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1014&cd=1014&ah=1014&am=1014&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=287455282&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=1621&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=1159&an=1159&gi=1&gf=1159&gg=1159&ix=1159&ic=1159&ez=1&ck=1159&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1159&bx=1159&ci=1159&jz=1014&dj=1&aa=1&ad=1059&cn=1059&gn=1&gk=1059&gl=1059&ik=1059&co=1059&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1014&cd=1014&ah=1014&am=1014&rf=0&re=0&wb=1&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=260681104&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:27 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BE01 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:54:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=5698&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=5172&an=1149&gi=1&gf=5172&gg=1149&ix=5172&ic=5172&ez=1&ck=1149&kw=1032&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5172&bx=1149&ci=1149&jz=1032&dj=1&aa=1&ad=5061&cn=1038&gn=1&gk=5061&gl=1038&ik=5061&co=1038&cp=1032&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5055&cd=1032&ah=5055&am=1032&rf=0&re=0&wb=2&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=972029443&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:31 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=5649&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=5190&an=1159&gi=1&gf=5190&gg=1159&ix=5190&ic=5190&ez=1&ck=1159&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5190&bx=1159&ci=1159&jz=1014&dj=1&aa=1&ad=5090&cn=1059&gn=1&gk=5090&gl=1059&ik=5090&co=1059&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5045&cd=1014&ah=5045&am=1014&rf=0&re=0&wb=2&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=568136408&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:31 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034065947&de=778550687969&cu=1645034065947&m=5900&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=155&lg=1&lh=64&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=5374&an=5172&gi=1&gf=5374&gg=5172&ix=5374&ic=5374&ez=1&ck=1149&kw=1032&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5374&bx=5172&ci=1149&jz=1032&dj=1&aa=1&ad=5263&cn=5061&gn=1&gk=5263&gl=5061&ik=5263&co=1038&cp=1032&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5256&cd=5055&ah=5256&am=5055&rf=0&re=0&wb=2&cl=0&at=0&d=11162627%3A11164227%3A26844414%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739766&zMoatAlias=93484975&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735468&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=831151817&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:31 GMT
pixel.gif
apx.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apx.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=-1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ADTECHBRANDS1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&th=1219999633&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2CChrome%20PDF%20Plugin*Chrome%20PDF%20Viewer*Native%20Client%2C1%2C4%2C0%2Cprobably%2Cprobably&os=&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%40UWf5%2Bd%3BrR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Ftechcrunch.com%2F2022%2F02%2F14%2Ffreedom-convoy-donor-leak-givesendgo%2F&id=1&ii=4&cm=1&f=0&j=&t=1645034066129&de=662366360845&cu=1645034066129&m=5851&ar=da8ed23e15-clean&iw=7e8212f&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11812&le=1&lf=52&lg=1&lh=14&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A379%3A379%3A0%3A947&as=1&ag=5392&an=5190&gi=1&gf=5392&gg=5190&ix=5392&ic=5392&ez=1&ck=1159&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5392&bx=5190&ci=1159&jz=1014&dj=1&aa=1&ad=5292&cn=5090&gn=1&gk=5292&gl=5090&ik=5292&co=1059&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5246&cd=5045&ah=5246&am=5045&rf=0&re=0&wb=2&cl=0&at=0&d=11162627%3A11164227%3A26844413%3A-&zMoatS1=5113&zMoatS2=125930&zMoatS3=0&zMoatS4=3739767&zMoatAlias=93484976&zMoatMagicNum=undefined&gw=adtechbrands092348fjlsmdhlwsl239fh3df&zMoatBannerInfo=496735466&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=182630&na=977652020&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-201-161.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 17:54:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 16 Feb 2022 17:54:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
techcrunch.com
URL
https://techcrunch.com/wp-content/uploads/2015/02/cropped-cropped-favicon-gradient.png?w=32
Domain
techcrunch.com
URL
https://techcrunch.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-rkoYbhNE2uH0kX5FWHjNyLrRxfjryg--~A&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| structuredClone object| webVitals object| _wpemojiSettings object| YAHOO function| __uspapi function| __tcfapi function| ACookie function| oathPlayerCommon object| vdb object| __core-js_shared__ object| C object| vidible string| ajaxurl object| JAC_CONFIG object| PARSELY function| _typeof object| dotq object| Typekit object| tc_app_data object| YCTBanner object| VMediaLGPD object| twemoji object| wp object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| rapidInstance object| _comscore function| fbq function| _fbq object| fbPixels string| GoogleAnalyticsObject function| ga object| tp object| SPOTIM object| _stq function| st_go function| linktracker_init object| wpcom number| lastApvTime object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| COMSCORE boolean| BZ_WIDGET_ANALYTICS_PROVIDER_INITIALIZED object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| cX function| ___tp function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| PianoESPConfig function| cxCCE_callQueueExecute object| cxTest object| JAC object| JAC_QUEUE object| cXNative undefined| cXJsonpCBkzput4ohx2brcqgs object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_14660081 undefined| cXJsonpCBkzput533os4x8jaj object| GoogleGcLKhOms

138 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhCDqa-d8C8=
.techcrunch.com/ Name: BX
Value: 2co1endh0qeif&b=3&s=ec
.techcrunch.com/ Name: GUC
Value: AQEBAQFiDotiF0IfLgSq
.techcrunch.com/ Name: A1
Value: d=AQABBE86DWICEGrlhMKzzWZTTNUlNbsuYCYFEgEBAQGLDmIXYgAAAAAA_eMAAAcITzoNYrsuYCY&S=AQAAAicU1raOQQTJXWpgFrYj1EE
.techcrunch.com/ Name: A3
Value: d=AQABBE86DWICEGrlhMKzzWZTTNUlNbsuYCYFEgEBAQGLDmIXYgAAAAAA_eMAAAcITzoNYrsuYCY&S=AQAAAicU1raOQQTJXWpgFrYj1EE
.techcrunch.com/ Name: A1S
Value: d=AQABBE86DWICEGrlhMKzzWZTTNUlNbsuYCYFEgEBAQGLDmIXYgAAAAAA_eMAAAcITzoNYrsuYCY&S=AQAAAicU1raOQQTJXWpgFrYj1EE&j=WORLD
.techcrunch.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/%22%2C%22sref%22:%22%22%2C%22sts%22:1645034063731%2C%22slts%22:0}
.techcrunch.com/ Name: cmp
Value: t=1645034064&j=0
.techcrunch.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=7eb1efdd3557bfdc7eedb4e278878e37%22%2C%22session_count%22:1%2C%22last_session_ts%22:1645034063731}
.yahoo.com/ Name: A3
Value: d=AQABBFA6DWICEOa_r4_HcsMe6aSGQVLRNX4FEgEBAQGLDmIXYgAAAAAA_eMAAA&S=AQAAAgeLGpN1LcUWgXLu9aGVm9s
.techcrunch.com/ Name: _ga
Value: GA1.2.775134820.1645034065
.techcrunch.com/ Name: _gid
Value: GA1.2.1158620617.1645034065
.scorecardresearch.com/ Name: UID
Value: 1FB1d763cc14ecd6ec732721645034064
.piano.io/ Name: __cf_bm
Value: nUtXXAO1s86IEzoNjDtrGJ0TD53WCAJ1Da3fBaf2oio-1645034064-0-AWOzH9l8WshHMgiS4hT+3L03h3nxU9PZHqxDgnWJfcJXqes3mzRiiFFkgsNSac1vY14vOUk2h0SnMc7x7jzm+hs=
.techcrunch.com/ Name: __tbc
Value: %7Bkpex%7DuxSkKU83DrmVFJ4a98ZBeEmNaX2QgD0lUPJt9NsavUX4Pzi0P2eeSyRm2dIZFfYr
.techcrunch.com/ Name: cX_P
Value: kzput3uendqckbcz
.techcrunch.com/ Name: __pat
Value: -28800000
.techcrunch.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-kzput3uiemymb99w%22%2C%22domain%22%3A%22.techcrunch.com%22%2C%22time%22%3A1645034064872%7D
.techcrunch.com/ Name: xbc
Value: %7Bkpex%7DGFbD_KTQ4zv49ki93ZiYsltdn48q9X2fnD7YM5ogfwRrBHv-2nPDbMPAp7hYSkSrYwVc6zXnNl4GCoj5PYTRYXiNruT0j4zPB_J5dQvWGshGjTuw0WcDUgma1y9dg83HYfg_6Eo6FSv_-pVvdhvh-WySUSaEGNHlZ5X81dy7Fwb1t-8n6LgDD9Vir4jekUrFDD82vyt2HrE8MFKBvzz7SVtEaELbMlmpM-HEVouwQ7cmnw6cueZI06uJvEJcWSdXEZ9KiFuisvvF-Ov3hBfWjlOz5ZP-FKex4Fcq-pTLSHPkyw4r-3uUNpLwdIUnfwkLolN2fW2beI2VxHvNiBr07RzQ2EUkHC_FVCHcKh6OYrNDIuK9uvmwy4q7MwQBAW8ZMY9x0171wX_kdHHwJdk8Tq0yy31xHbET1UJ-lshwUrA
.techcrunch.com/ Name: __gads
Value: ID=a87154738aac4437-22aa5fb504d0004e:T=1645034064:RT=1645034064:S=ALNI_MZzgNFowGedrxaBAA26RtiH0sNQpw
.techcrunch.com/ Name: cX_S
Value: kzput4o8ey6ppw1e
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.cxense.com/ Name: gckp
Value: fhg0v0nuyzthtturyr1ad05n
.techcrunch.com/ Name: cX_G
Value: cx%3A3dwruvf8fmkvv4nldqahjbpxs%3A1ab4rcftjy53z
.advertising.com/ Name: APID
Value: UP7b505ddf-8f51-11ec-8386-0ea96657d767
.adnxs.com/ Name: uuid2
Value: 8541061122262657890
.demdex.net/ Name: demdex
Value: 81385765005746047361685481060668180605
.spotxchange.com/ Name: audience
Value: 7b5b3afd-8f51-11ec-885c-1966130c0103
.dpm.demdex.net/ Name: dpm
Value: 81385765005746047361685481060668180605
.adsrvr.org/ Name: TDID
Value: 07c027c8-1f84-497f-a8db-fe36b11bd367
.doubleclick.net/ Name: IDE
Value: AHWqTUkFT-HnJdSLGt0nBpsB1R9-YD6pLpaZAlsrjpIwp3sMzZLTrR1P-F6q5Ybf1O8
.spotim.market/ Name: vmuid
Value: 95bdb558f954d4a4
.spotim.market/ Name: a271858
Value: 8541061122262657890
.spotim.market/ Name: a290146
Value: y-53NyM8NE2uHJsxkpJNWYPsGAUTkw_4yX~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767
.spotim.market/ Name: a301276
Value: 7b5b3afd-8f51-11ec-885c-1966130c0103
.agkn.com/ Name: ab
Value: 0001%3AHaqVw7%2FaOXDCgfKmk3qXbxEGK%2FSzJmIV
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2B7EF811-381C-497E-969B-C1174DA7D8C4
.pubmatic.com/ Name: DPSync3
Value: 1646179200%3A201_197%7C1645574400%3A164%7C1645056000%3A174
.spotim.market/ Name: a281178
Value: 2B7EF811-381C-497E-969B-C1174DA7D8C4
.adform.net/ Name: C
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 7b72c028-8f51-11ec-9371-a0350199f618
.adform.net/ Name: uid
Value: 37146068162650729
.deepintent.com/ Name: CDIUSER
Value: di_697380c1ecd4473c84b38
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yg06UgAGtzyGrgBH
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.rlcdn.com/ Name: pxrc
Value: CNL0tJAGEgUI6EcQAA==
.uplynk.com/ Name: COMBOID
Value: "comboid=y-6zgDItRE2uF7QdMZK5L5djv70qXaVG9c~A~UP7b505ddf-8f51-11ec-8386-0ea96657d767|expires_at=1652810066"
.quantserve.com/ Name: d
Value: EN8BCwG6JfijAA
.quantserve.com/ Name: mc
Value: 620d3a52-cf44d-50e2b-27feb
.sitescout.com/ Name: ssi
Value: fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a#1645034066859
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8541061122262657890&KRTB&23339-8541061122262657890
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEGrc9Wk9TnG2zB3kCGnbYOc&KRTB&22987-CAESEGrc9Wk9TnG2zB3kCGnbYOc&KRTB&23025-CAESEGrc9Wk9TnG2zB3kCGnbYOc
.acuityplatform.com/ Name: auid
Value: 647612703894
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP0B1PR2kmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9AdT0dpI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q&KRTB&19420-xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q&KRTB&22979-xedjz8C0ZpnetjWfx7F-nsOwYcne52TNlrdPng_Q
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5ce4900-c5d5-4a81-427e-25626696068a.27DcJilSiCSGjzFvbNP5Q5lVuRXoCdEhwGfx0J4Pj44
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Atc5JAMXVSoFCfiViZpYGipU4mbM.Jue%2FKsSEGEixFH%2FVcET3DP5Qs0URFhqtY2gMaA7eDNA
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-07c027c8-1f84-497f-a8db-fe36b11bd367&KRTB&22918-07c027c8-1f84-497f-a8db-fe36b11bd367&KRTB&23031-07c027c8-1f84-497f-a8db-fe36b11bd367
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yg06UgAGttKFygBH&KRTB&22978-Yg06UgAGttKFygBH&KRTB&23194-Yg06UgAGttKFygBH&KRTB&23209-Yg06UgAGttKFygBH
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-7b72c028-8f51-11ec-9371-a0350199f618
.3lift.com/ Name: tluid
Value: 3223219275822513178025
.inmobi.com/ Name: idsp_c
Value: 727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
.turn.com/ Name: uid
Value: 7053038009852845648
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-c7d333dd-71be-42fa-b73f-d76c4c4a4ccf
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q6983204661699776467P
.owneriq.net/ Name: pmc
Value: 1
.ipredictive.com/ Name: cu
Value: 7b826aa8-8f51-11ec-8681-7f9b9a30e98b|1645034066891
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-647612703894
.w55c.net/ Name: wfivefivec
Value: FPxQjtlF1Nkovw5
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tc5JAMXVSoFCfiViZpYGipU4mbM
.bidr.io/ Name: bito
Value: AAFDSE7EGnUAAHePDzunQw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5&KRTB&23266-727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5&KRTB&23285-727ce0de-a1cc-4ea8-a6a4-c82b9aa96ca5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: c8951644-3c0f-4585-9f88-ac9abbac0f5a
beacon.lynx.cognitivlabs.com/ Name: ss
Value: DrTtLIBWjRRnwzw16UZ6mimdltvIV4Putyh9eRWsI3kc3uXBEWomzhdlKv%2BriqwAMWZztxCUsRsurbs77RIGow%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7053038009852845648
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-fcd44f2b-d67f-4ba5-b4c8-d89c76c3c08a-620d3a52-4341
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-7b826aa8-8f51-11ec-8681-7f9b9a30e98b&KRTB&23011-7b826aa8-8f51-11ec-8681-7f9b9a30e98b
.pippio.com/ Name: did
Value: oPiR2zFA3bz22axN
.pippio.com/ Name: didts
Value: 1645034066
.pippio.com/ Name: nnls
Value:
.simpli.fi/ Name: suid
Value: B08800FF6EA34F5BB5E6633CFD9D1824
.w55c.net/ Name: matchpubmatic
Value: 5
.bidr.io/ Name: checkForPermission
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B08800FF6EA34F5BB5E6633CFD9D1824
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:FPxQjtlF1Nkovw5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b2254f04-171e-4577-9938-73b14ab1abc4-005%22%2C%22nxtrdr%22%3Afalse%7D
.dotomi.com/ Name: DotomiTest
Value: a4739400cb31224
.bidswitch.net/ Name: tuuid
Value: 7d77fa25-b79b-4f90-a965-0c766261f90e
.bidswitch.net/ Name: c
Value: 1645034066
.tribalfusion.com/ Name: ANON_ID
Value: aSnseFN3IdbSIdwFUNGGE2lsjV3TspfB6Q0taPsVqauWYk1bFH3ZcGXWh2KvD9OZdqVLKjfky6pFWH7R2MMHZaB
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-37146068162650729&KRTB&23263-37146068162650729
.bidswitch.net/ Name: tuuid_lu
Value: 1645034067
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGcecnaMhFAAMF_2ogAAAAAAA&KRTB&22713-AAAGcecnaMhFAAMF_2ogAAAAAAA&KRTB&22715-AAAGcecnaMhFAAMF_2ogAAAAAAA
.pippio.com/ Name: pxrc
Value: CNP0tJAGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q6983204661699776467&KRTB&22521-Q6983204661699776467
.contextweb.com/ Name: V
Value: oaxravwXq8Ll
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1c7o|7dN.0.AAFDSE7EGnUAAHePDzunQw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d303b0d81cc5aa0e
.linksynergy.com/ Name: rmuid
Value: b4ffb5d1-760e-48cc-962d-16d25d44b673
.linksynergy.com/ Name: icts
Value: 2022-02-16T17:54:27Z
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b2254f04-171e-4577-9938-73b14ab1abc4-005%22%7D
.mxptint.net/ Name: mxpim
Value: R1B331_EB648C98_356DB3E1.1.0000000000000000620D3A53
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDS0MDI3N7I0NxLiM9Qtr0j0zUlNTEvPrQqU4jU0MzE1MDYxMDM3NDAAAICFrNQ0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmJqYGxiYGZuaGAAAAKyULsQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjS3MDY3Nzc2NDS0MDI3N7I0NxLiM9Qtr0j0zUlNTEvPrQoEAJnN_HYlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-b2254f04-171e-4577-9938-73b14ab1abc4-005
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B331_EB648C98_356DB3E1&KRTB&23092-R1B331_EB648C98_356DB3E1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0NTAzNDA2Njg4MiwiNCI6MTY0NTAzNDA2NzEyOSwiMzkiOjE2NDUwMzQwNjcxMjksIjI5IjoxNjQ1MDM0MDY3MTI5fQ
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi8r4CD7d-4OhAFEhYKB3N2eDl0NTASCwierrWH7d-4OhAFGAEgASgCMgsInqa4tIPguDoQBTgBWgdzdng5dDUwYAI.
.rlcdn.com/ Name: rlas3
Value: NDjFed44eMAAX8rm/12xklIvmTs8edJVZnM6bOeegN8=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7d77fa25-b79b-4f90-a965-0c766261f90e
.exelator.com/ Name: EE
Value: "7d7ad1d1fa2d57b146d8884665b3363e"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE8xTwxxTDFMC3RKMXUPMnQxCzFwsLCxMzMNMnY2Mw4dXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiZ8fFRSlpDItKik8F72%252B8BgB4TypY"
.tapad.com/ Name: TapAd_TS
Value: 1645034067285
.tapad.com/ Name: TapAd_DID
Value: 342cccd0-6028-4990-83d6-71e2560d3733
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjIxMTk0NSIsInNwIjo3LCJpIjp0cnVlLCJscCI6NjY1MywiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiI3YjViM2I2NC04ZjUxLTExZWMtODg1Yy0xOTY2MTMwYzAxMDMiLCJzb2wiOjcsInNsIjowfQ==
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:7263620d-3a53-4a00-9940-6e5e48a50b86&KRTB&16736-uid:7263620d-3a53-4a00-9940-6e5e48a50b86&KRTB&23019-uid:7263620d-3a53-4a00-9940-6e5e48a50b86&KRTB&23208-uid:7263620d-3a53-4a00-9940-6e5e48a50b86
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1645574400%3A15_38_223_2%7C1647561600%3A224%7C1645833600%3A63%7C1646179200%3A239_240_204_5_104_3_220_54_8_55_56_178_231_99_7_166_71_22_165_48_21_13_176_233%7C1646265600%3A35
.pubmatic.com/ Name: pi
Value: 156078:3
.smartadserver.com/ Name: pid
Value: 8056379446578827850
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFDSE7EGnUAAHePDzunQw
.mathtag.com/ Name: uuid
Value: 7ea5620d-3a53-4100-9749-7a28f0fe9d85
.technoratimedia.com/ Name: tads_uid
Value: 011DFB04F5E44F849A06590FE861F1EF
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220216125427-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFDSE7EGnUAAHePDzunQw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFDSE7EGnUAAHePDzunQw
.pubmatic.com/ Name: PugT
Value: 1645008177
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.analytics.yahoo.com/ Name: IDSYNC
Value: "16pp~239t:1769~239t:17kh~239t:187s~239t:18kp~239t:18qt~239t:18xi~239t:18xn~239t:18yl~239t:18yx~239t:18z8~239t:191q~239t"
.pubmatic.com/ Name: SPugT
Value: 1645034069

4 Console Messages

Source Level URL
Text
other warning URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: about:blank
Message:
Refused to load the image 'https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-rkoYbhNE2uH0kX5FWHjNyLrRxfjryg--~A&gdpr=0&gdpr_consent=' because it violates the following Content Security Policy directive: "img-src https://pixel.advertising.com https://sync.adap.tv https://sync.adaptv.advertising.com https://ups.analytics.yahoo.com https://*.uplynk.com https://*.doubleclick.net https://*.yahoo.com https://*.adsrvr.org https://*.pubmatic.com https://*.yahoo.com https://*.doubleclick.net https://*.doubleclick.net https://*.doubleclick.net https://*.3lift.com".
security error URL: about:blank
Message:
Refused to load the image 'https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID' because it violates the following Content Security Policy directive: "img-src https://pixel.advertising.com https://sync.adap.tv https://sync.adaptv.advertising.com https://ups.analytics.yahoo.com https://*.uplynk.com https://*.doubleclick.net https://*.yahoo.com https://*.adsrvr.org https://*.pubmatic.com https://*.yahoo.com https://*.doubleclick.net https://*.doubleclick.net https://*.doubleclick.net https://*.3lift.com".
network error URL: https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: https:; object-src 'none'; connect-src https: wss:; script-src 'unsafe-inline' https: 'unsafe-eval'; worker-src 'self' blob:; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; media-src 'self' blob: data: https:; font-src 'self' data: https://use.typekit.net https://cdn.vidible.tv https://cdnjs.cloudflare.com ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25.at.atwola.com
3p-geo.yahoo.com
3p-udc.yahoo.com
a.tribalfusion.com
aa.agkn.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.ca
adservice.google.com
aka-cdn.adtechus.com
api-2-0.spot.im
api.cxense.com
apx.moatads.com
audex.userreport.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
buy.tinypass.com
c1.adform.net
c2.piano.io
cdn.cxense.com
cdn.tinypass.com
cdn.vidible.tv
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
comcluster.cxense.com
connect.facebook.net
consent.cmp.oath.com
d1z2jf7jlzjs58.cloudfront.net
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
geo.moatads.com
googleads.g.doubleclick.net
guce.techcrunch.com
ib.adnxs.com
id.cxense.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jac.yahoosandbox.com
jill.fc.yahoo.com
launcher.spot.im
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mweb.ck.inmobi.com
o.aolcdn.com
onevideosync.uplynk.com
opus.analytics.yahoo.com
organizer.bizzabo.com
p.rfihub.com
p.typekit.net
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.wp.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
s.tribalfusion.com
s.yimg.com
sb.scorecardresearch.com
seo.spot.im
service.idsync.analytics.yahoo.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.analytics.yahoo.com
static-cdn.spot.im
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
tag.idsync.analytics.yahoo.com
tags.bluekai.com
tags.rd.linksynergy.com
techcrunch.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
use.typekit.net
widget.us.criteo.com
www.google-analytics.com
www.google.com
x.bidswitch.net
ads.playground.xyz
ib.adnxs.com
sync.mathtag.com
techcrunch.com
103.229.206.241
104.244.42.136
104.36.113.24
104.36.115.113
104.45.178.220
107.178.254.65
107.23.223.65
108.168.159.145
129.159.70.95
13.225.230.28
13.226.31.55
13.33.46.91
142.251.40.130
142.251.40.194
145.40.89.32
151.101.130.49
152.195.14.41
152.199.24.48
156.154.202.36
173.223.56.123
173.231.178.117
178.250.0.163
185.167.164.39
192.0.76.3
192.35.249.127
198.148.27.139
199.127.204.142
199.187.193.192
199.38.167.128
2001:4998:124:1704::5000
2001:4998:14:800::1000
2001:4998:14:800::1001
2001:4998:58:207::6000
207.198.113.171
23.221.201.161
23.221.203.12
23.227.139.243
23.46.249.89
2600:141b:13::17d7:82cb
2600:141b:7000:1b7::268b
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2606:2800:121:46:19e1:1c79:eea:1135
2606:2800:21f:16d2:d9:26d7:10a3:cf1
2606:2800:21f:3d5b:386b:a42c:93aa:d404
2606:2800:220:de:468:2285:c1:4a3
2606:4700::6810:2a41
2606:4700::6811:bab1
2606:4700::6812:d05
2606:ae80:1451:21::410
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2004
2620:112:f002:bbbb::21
2620:116:800b:21:44af:4f54:8af4:5563
2a03:2880:f012:8:face:b00c:0:1
3.229.12.133
34.107.140.17
34.196.168.57
34.98.67.3
35.174.142.166
35.190.60.146
35.211.178.172
35.71.131.137
38.91.45.7
4.78.226.233
52.200.205.250
52.202.229.46
52.85.61.100
52.85.61.16
52.85.61.28
52.85.61.52
52.86.198.120
54.144.144.142
54.166.244.71
54.175.156.64
54.175.87.114
54.208.81.2
54.210.154.62
54.227.88.83
54.230.244.8
54.81.225.10
68.67.160.24
69.90.254.78
74.119.119.150
76.13.32.146
76.13.32.147
76.223.111.18
8.28.7.82
8.28.7.83
8.28.7.84
86.109.7.56
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
036fd6bed98c9770a40c936d97bef1b0be8520e63115a5a7855e2105a417a5a9
07f16185a125828aeb99720a290d83c00d922eedf7014b9e5f205d04e8ee67b1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0afd9861cfb70fe36a459d7f60383585f8164c713584cb8421eb7412fb97b797
0b3fc86e1776ea74bf5716728ab8add261fd32267abc1b0beeebb888be100427
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
0d0885974c27951b15c27a69a8d53ed6156fe44066f370f50c3fd7c5ce1502d5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f45a591b60aead8a9ef49a3831ba6ef2366250e78ec1b6d22dc5de323db5494
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
1633bb3b7682fc5b89b4d91bf07adc7a3511a312593321ca3a2274d5a282e6a9
175c0f9cb869c40821273eeac5a24c4e2f3ac68c7afde345434b0973e079823a
17bc49d54c8c2999dab2ffeb65363e9937616f57d75f63e8b52e9d030abe97e6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b6f60b0715e162c4f3ca6c4b54b64a1e8edfa8b5ad1859982d990c9258abf3d
1b987d94ed8d762772220d579788eb1ddeeeae304e3046dc08dd108d3f8c2aec
1c2ce7f3d6651ad28636addf4a66370a39bd4f1ca7fbad632d461492a682250e
1e948b5e167eac6e8582c21c0f929cc6c716982ff4f2350dc252525c08eff62c
1f0cbb02bbae34e9d62e4fc7e0e40a69a04f5cd798c1ce56bc195cf207a377f3
1f0d72c4ea18787359759b5834c8091bd40150f5b79ff6e13d9dc2a11d0ced7b
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
2248ec78737c73554aac2f777ef47e835df59b59e506613b44d773d889335349
227aa7d9685c3643048b4dd7e0bdbed5f11b48a89780c6ddb60b1747b7b661c6
22c6e1ec3778b739f5b541e03557d5b3404ad1677d41d0f786bf597afd786d7e
23d98a0ee47915c2ca68398ab6231740174c59edf1be75de3f8b15d48e54fda3
263f3c06eba4f4b57903b66aadabadc3da9e57715dac5b3418c65220c0f5564b
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2ccef1b129ed6450fdb43ca07cbadafc2be4626eee1ad9c4c63bb45d951bec39
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2e800bf69de415a9c073ef4bd5351fb14d75861b587cc8a96eeec0849dac817e
30db497779a0966205a5444b00224525b23cd803e0ccec2d3a447995a16dd2b9
328b1b063a08d0bf0dd7f19dd944c6b0263e8106e55b86e00b4b08c8c53b94ae
34def6a771d89740567287b5050a9188bd1b604d796cb2b024104d718efd2911
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
3cfc040cbb8778b4e7f499ac9b75a40e4169bdb66ee3f455cf0822782fe0da5d
3e03de2259a78803ce3ccd706072878f713d865a58fe7e50d0f33bc8a18b5288
446ddb7dc616e94753169f8df79f7bbb35ef2c905fc2623dc6cb79a590c730ba
47053498fb3acd91194938d6b153683b4b6232bee4b2a29f46b8dce2e99d8f95
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c22f24b495a329bd23c63495f5d37df3bb01b46e6d06223038d5f0d54602340
4d95a498cb323fe637b8bd1b65792d4788c46d8df065f21838bc46d69fa6b310
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9f78ab7fd3ba8308cef70f9b187aa8354da49c5fe54fc96a1796ce85fd7952
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fdc3d93d3a5601cddd91190f4d69ccbfed0f53d603617a1995cdeb63f2a5a28
510aada1862bed9b809b45f850cf157fe7113b1c005d9d9a1c1188067f41f4a3
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53a556bcc4e872322c770e889c66f311ecef9f26a73c765777bf3695c6dd8448
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5660d50fc56f6a2e78e802f4f208873fa403dfa2362ab50883b787ab203c9364
58652fccc788bc872fd608c8b9d56a6fb82bb4b6e4ca487beecdddc7f1020b2d
589c4ce3ccd4584ac0e60e7fadf4565e96f2c257add8259634085b31df79b11a
5c771dac13ea6d6cc7f64d98902c8cca8636cee40c0b4082ee698fb1de2456dd
5cd47de00d8c1fe3cf68abf6f0835fd573be437a131e343076455ff95a63b6ca
5ceb8d57b2629cff3c0d744a95ddcf6b91afb756aefa92dd0c55a5a0548b834a
5d71e020776bd9760fcba78876a3a725095e041b8ca6b76cd26008aafe95e1ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630156a17471251f8d11ddebb87508d5e9d84492270672da83eec5d7eca0a01e
66a94072ad1b15f2e73365d0971fd8e71fc79a912b1ef67df121276b1aa35cfc
68bd0d8dd6c8f4300250c8799251f2c1b3059254847423ce68716d02a02d360f
69aa54076ccf59896ad12b8235523db29db7ba08beebe496e4a6a1a9dcafdcd9
6f1088469da33e99180e0ba9320ddd95be2a4905e58a886fa030235cd809a420
708e0c4f5f39d21d0fa3573ab1fc90d187913b6d077e858ed53ae0918050d416
724e07c7b16bd3357ff82418323d6122bbb0b292035463add0403db1016ff582
72a2fe18367bc541725b2d08b9d66ca98f7a8f613a7bdfb3727b1b1a79d48d87
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
778f7d76b157fb3ac9fd835d6d1251275f449b01bd41016ffea49314d8080084
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845b7be3b207780167043b9c1fd86ccc1599e5d200d0d768dbe31350ee22cdff
8463e34733b0c084ce562cf93dec869fe8199084f7332691d51669f97f810090
84cdc3aed853248e434823fc8f7cbed565c453069b8808eaf0a25ce3fd5595c8
84d650f8817b192592459e5188f4db49a48d1fce84f1c76a0c2ffb7777bef813
873da1d00e5934492edfc089492acedc263c72c5820410869cd5942a9d6264da
877ff3ef7decafbe11071ad9eeb8a2a93a2b5190061a59f491651cbc3793e7e6
898b3b0d1198cb947a851de1fa2b27f1851813dfb396f47bfdc287238bc3e39f
8a6549e0b8027fc0c8da2fc94088a68a4484a019fd3ff1d4233d262da23ad411
8ab6940b0f8ee45f1d0da07edac2e0c104e008676bbdb3443d78ad4c74d75749
8b333a5434d43b106cef9028a3eb82c58b2ec53d036a5952e85865584b8f9506
8e315a135b277af2ea1b9c4f7969c1cd1f3b96afff683df914a4b3e5bbf35adb
8ea1ccbe7836c16fca632c2adc594d18c7693e15b8203b44dcb6b500e0d1cb8d
8f528bfec27c52159a668c585f5d35fcae1b8b4af3f2fd4cef6aa802b89db9a8
9108c97fd79a9c52f825a7b17a40903b308dba450ca88ce8617f6380326953b9
91c990564273d784a8df001580e9e1eccef85200c4b6d26fedaee31529c11a33
9401d45b15dac98d3adc3803a52be3bae9777cfc6f2e5565115bf2d0d02eefc2
968dff73000c5cad9bcb147e022cad42c0df017924f3baff8c99d53f78e5905b
9719de30a3b058098c8af2f75524da2e413613ac05f04fac4d46c7366402483f
97e7c49b532fcdb24f32a1f72c2a8b0e248e19f0d688acffcb2d3bdead1c2198
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c5dcb03ef2ed2ab24222408b878863a65198f23b048caff75bf9fcc9ca31548
a0a048b66e9230d29b7a68087012fad0138f4b2e98c3047f0c66ff209c642f29
a1865b0d2f40b489949f2e4e22e7280035c3b678d7c9963c7ae6bb96dd1f016a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71aa670b0a5f2c7a4657c4f5e52d3057e6231606e234bd0e11bff28ee6fbcac
a75f265a8dbb53d405e546cabb0bdfaf610e0a192509739cc80538092dd9b81b
aa3c6b2a9c2524876d8933551e3294c60e5e14679597573de531edc89ef6bebf
ac94b68b625c3a385b391317f5ea9ab7234025bdf48b1b8b507a6981c1c19b4e
b00f2089d0ec18d6d9e5e7719bb66e19d6cb8f40cf5737944292d6da6f567d26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49577d8ee0a7c4bfd674dd37eb4713ff1d465bd554bb2b35711f0063721cc5d
b5142c18467770afa78d87b96a60e5635a3275733eb2a3007c17465c65f22b77
b69c2c9b650280c60eda7e10d544a5bd6aa4cc082088c90fe94282fbf757e71d
b7163fba8c15e32a144ef096abce6359fe8402a7403716a216f9bcb581e5abc8
b7da68088510b16745f1d6ddbf8b83134f7aef35986a2c293a96aaa84c649832
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c159f1aa46a041641d855f1776f76a46866a9b2dcf63cdf693994aad2e6567e1
c61f16ac3df810ae126b54c4b84242d0187a98d19d4e4616b9174e9d8965f93c
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7d03f9cded0bf6b1011629938dea3b5ea4e4280abf4ad792fc35f07d1587709
caacab0deaf67e97531afe3f0fc53378c98fb836991729e958eb93b1d5559240
cd4e3402d3d2ed084e5e62cd0abb106641cc446487409c2da82d140119e89644
cdc70cef973465de611ee913219b5fab1c020430681ad6e16c766ad74ff59e21
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d58b25a373c2d322f847023d9d36a45cec17cd4ec9506037232adb457079e545
d77fc177e529814719b32eed97c67034e85522c10d18e536b48fdd3a5c2c0021
db7b15e87fd538a618f7e72f2be084b430943d8bd469dd78a57669db7d0d5ede
dca8d3f9f5e78c0559e5f3a091165875b6ce61aeaf38c64155e89d2056c64584
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e5e10e59eb5bd501f3249b914ad302001b4717e538e053bfde9c83788b2b9395
e8c417a6b1d077bf702eb52ba1bba456552b4640daf4b3be0c65662b1ddb86f6
ea14a15b393e66ecf153e01f45ce2c03c6c819754f1deb4a1563f5ac81f7b4ff
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f047e57ca31c7b9b7f0034818363956624c6815ab631b7c2ff73703d59a9f5c1
f191efb0e7d96a6d0dac16f55ab188a1da3013d2fd43743d109f52e2c9e993ed
f33fa76dfa8b789f28f418fda80c1f84192c25088bfb0ead1e76044047729b00
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f543a3d3b2872e9c51de9ea7157f31abe80735b2500299038d13dcc8b34f08e0
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f85d2f99360b499dee9582d6eb85a812efbf4b8db567dc76bc4bab175d09e7cb
fad53d8c09f270d8e145e54163788f3dcc21e77ce92b74e906a5857dd5cb0337
fcfd64d61b127e1024d67e2c7fdf39105a8ce22900608a9416c316200c9d32da